Nulis blog sambil nungguin istri yang sedang dirawat dirumah sakit bersalin, Istri kamis lalu masuk rumah sakit karena bleeding. Tapi syukurlah setelah diperiksa Dokter Pudjo sikecil baik-baik saja. Dokter bilang bahwa istri mengalami kontraksi diplasenta, sehingga terjadi pendarahan. Saat ini istri harus istirahat total dirumah sakit, bahkan untuk buang air kecilpun tidak diijinkan turun kasur. Hari ini semoga diijinkan untuk pulang kerumah kalau memang tidak bleeding lagi dan Dokter Pudjo mengijinkan.

Doh saat nungguin istri saya juga sedang tidak enak badan flu, sakit kepala, batuk dicombine jadi satu apa namanya itu demam kali ye? Malem-malem tidur pake sleeping bag punya om Nico, mayan bikin badan hangat tapi tetap saja AC serasa bisa masuk ke sleeping bag. Moga aja hari ini saya juga baikkan, capek masa sudah seminggu sakit gini terus.

Oh iya, disini tidak ada wifi nih jadinya bisa konek ke internet pake starone modal sendiri. Sayang rumah sakit bersalin sebesar ini tidak ada fasilitas wifi free. Padahal jika dibandingkan dengan pendapatan rumah sakit mungkin tidak seberapa untuk menyediakan fasilitas itu. Anggap sajalah pake speedy unlimited hanya kisaran 750000/bulan plus beli akses point yang biasa paling gak sampai 1 jt dikali 4 lantai. Bulanan hanya 750rb tapi user lebih enjoy karena adanya fasilitas tambahan, weleh ntar malah user keenakan berwifi ria gak pengen pulang.

Fasilitas tambahan dikamar sudah lumayan, TV dah konek sama Indovision. Hehehe mayan bisa lihat HBO gratis, tapi ya share bareng yang lain karena kamar diisi dua orang. Kalau pilih kamar yang sehari 450rb enak tuh bisa sendirian plus ada spring bednya buat yang nunggu, kalah hotel bintang 7.

Security watchers warn of a rare vulnerability involving software
used to control industrial systems. A denial of service vulnerability
in monitoring software from Invensys poses a severe risk to the
factories and utilities running its Wonderware subsidiary’s InTouch
SuiteLink application.

Windows versions of the package use a common software component, the
SuiteLink Service, to allow components using a proprietary protocol to
talk together over TCP/IP networks.

A security bug means hackers that are able to connect to the
SuiteLink service TCP port can shut it down by sending a malformed
packet, according to Core Security, the security tools firm that
discovered the vulnerability. It’s unclear whether or not the bug creates a means for hackers to inject hostile code onto vulnerable systems.

Even the possibility that hackers could shut down SCADA (Supervisory
Control And Data Acquisition) systems remotely, and without needing to
get past password checks, is bad enough in itself. According to
Wonderware’s website, one third of the world’s industrial plants run
its software.

The US Department of Homeland Security rated the vulnerability as a high risk bug, in a security alert issued on Tuesday. The SANS Institute’s Internet Storm Centre advises admins to patch vulnerable systems as soon as possible.

Vulnerabilities in consumer and business software are commonplace
while bugs involving industrial control software are rare. Security
firms, most notably Symantec, are trying to expand from their
traditional markets into the sale of kit to protect SCADA systems,
which are increasingly controlled over IP networks and therefore (at
least in theory) more vulnerable to attack

Kutipan dari theregister.co.uk bikin miris jika faktor sekuritas diabaikan. Dulu sewaktu kuliah sempat belajar bermain dengan SCADA, harga sangat mahal(Mungkin karena mahal, gak ada yang mampu beli sehingga expose vulnerability tidak terlalu banyak), dan memang sangat memudahkan jika diimplementasikan dalam sebuah sistem. Di Indonesia sepertinya sudah banyak yang menggunakannya, setahu saya adalah FreePort, dan mungkin beberapa Power Plant seperti Python.

Nah kalau semua seperti ini apakah faktor sekuritas akan diabaikan, dan yang penting user happy?

Ref:
Wonderware
Wonderware SuiteLink Denial of Service vulnerability
Vulnerability Summary CVE-2008-2005

Industrial Control Systems Vulnerability

Azalia Tutorial
Here are some basic troubleshooting tips for working
with new azalia codecs.

The generic driver creates every possible mixer item, so new
codecs can be can be thorougly tested in userland by fiddling
with them. What follows is an incredibly tedious process, but
I’ve tried my best to arrange it so that you’ll find the
solution as quickly as possible.

Here goes..

Start up some music sampled at 48000 Hz. If you don’t have
any, here is a copy of the 3.0 song resampled at that rate.
I figured that would be best since since many of us know how
it is supposed to sound (this is also the bsdtalk intro
music).

http://freedaemonhosting.com/~deanna/song30_48khz.mp3

If you hate that too much, you can resample anything with sox
(audio/sox)

sox song.mp3 -r 48000 song48.mp3

And some lightweight players are ‘plaympeg’ (devel/smpeg) and
‘madplay’ (devel/mad).

1) Run ‘mixerctl -v’ and take a look at the items.

2) Look for any *.eapd controls, and set them all to ‘on’.

If that doesn’t work..

3) Look for any volume controls (the number,number values) and
set them all to something fairly high. 220,220 should do it.

If that doesn’t work..

4) Look for mutable items: ‘mixerctl -v | grep mute’ Now the fun
really starts! Mute every single one of these. Make sure the
music is still playing, then unmute and re-mute each one.

If that doesn’t work..

5) All mutable items should still be muted. Look for an
‘inputs.usingdac’ control. Stop the music, and choose the
next dacgroup entry. Start the music back up, and repeat
step 4.

Still no music? Repeat step five until you’ve tried all dac
groups (inputs.usingdac).

If at any point here you manage to produce some sound, save the
output of ‘mixerctl -av’ and email this plus your dmesg to
deanna@openbsd.org.

I DID NOT WRITE THIS DRIVER. NONE OF THIS IS MY FAULT!

This is just a last resort for the truly desperate.

Saya lagi cari-cari referensi tentang sewa space untuk colocation server atau sewa dedicated server di Indonesia, dan juga virtual private server yang ada di Indonesia. Searching dipoweri(mekso deh) oleh “Google” ngomong ada beberapa perusahaan yang menawarkan solusi tersebut, berikut ini:

1. TelkomNet Hosting - (Slogan: Connected to the Largest Network in Indonesia, Reliable Competitive Price Excellence Services) Tidak perlu diragukan lagi untuk layanan perusahaan ini. Perusahaan ini diperkuat oleh TelkomNet Indonesia. Mengenai services layanan tak usah diragukan lagi deh, kita tahu telkom itu siapa dan gimana layanannya. Hehehe..
   

   Saat bisnis Perusahaan meningkat dan Anda ingin memaksimalkan seluruh potensi E-business yang tersedia maka Anda dapat mempersiapkan mesin-mesin Server E-Business sendiri dan kami akan mengurus seluruh kebutuhan infrastrukturnya sehingga Anda dapat fokus pada core business. Layanan Colocation merupakan solusi yang tepat dari kami, sehingga Anda tidak akan disibukkan lagi dengan urusan ruangan, listrik, UPS dan link internet untuk berbisnis di Internet 24 jam sehari, 7 hari seminggu. Seluruh lokasi Colocation kami siap mendukung kegiatan bisnis cyber & e-commerce Anda.

   Terhubung ke TelkomNet, jaringan internet terbesar di Indonesia, TELKOM berkomitmen untuk memberikan yang terbaik dalam penyediaan layanan hosting yang handal, tarif yang kompetitif serta layanan yang cepat dan berkualitas.

   Nah quote diatas saya ambil dari TelkomNet Hosting, “24 jam sehari, 7 hari seminggu“, gak berani ngomong 365 hari yah, mungkin karena bakal tidak sampai setahun akan ada downtime. Kantor saya juga menggunakan Fiber Optic Astinet dan memang terkadang terjadi downtime. Untuk layanan data IIX mungkin bisa lah dijadikan pilihan, tapi kalau butuh link internasional mungkin pikir-pikir dulu deh soalnya sempat kapan hari link internasional putus dan tidak ada solusi selama lebih dari 12 jam lebih. Nyimpang dikit, untuk link fiber optic Astinet kadang ngeselin, jika ada trouble lambat banget penanganannya(maklum berani harga paling murah… so services juga gak dibayar full).
   Untuk harga wah gak ada informasi nih kudu kontak langsung.

   ---

2. NatNitNet - (slogan: Lets Keep The Internet Fun!!)
   Harga colocation tergantung dari tipe space yang digunakan:
   • 1 U Server Unit + 1IP - Rp 1.000.000,-
   • Mini Desktop/Mini Tower - Rp 2.600.000,-
     (Paket tersebut sudah termasuk 100MB IIX & Share Outbound Bandwidth)

   Untuk service tambahan:

   • 1 U Server Unit - Rp. 850.000,-
   • Mini Desktop - Rp. 2.400.000,-
   • Additional IP - Rp. 300.000,- (Inclusive Shared Bandwidth)

   Ada yang tahu kualitasnya??

3. IdVPS

We are pleased to announce the release of Openfire 3.5.1! This release represents the release of the open sourced Enterprise components, as separate plugins. It also includes fixes for the s2s issues (especially with gmail.com) that plagued 3.5.0! For more details, please read the blog post here. You can view the full change log here.

It is important that you update the following plugins with this release if you are upgrading from pre-3.5.0, as some APIs have changed:

• IM Gateway
• User Search
• MOTD
• SIP

It is also very important that you read the README for the following two new plugins, as they explain how to migrate from the Enterprise plugin to the new open source plugins:

• Monitoring
• Fastpath

Note that Openfire Enterprise 3.5.1 is also available. This is available until the other components of Enterprise are released. (Clustering and Client Management) They will be released soon. SparkWeb will be released tomorrow as a separate product.

Download Openfire from here.
Download Openfire Enterprise from here.
Download Connection Manager from here

Enjoy!

Openfire Team

IGNITE!
Nice update from Openfire software, i’m still waiting for Openfire-WEB being free

OpenBSD 4.3-RELEASE, release ini pas banget dengan Hari Buruh Dunia[MAYDAY]. Tidak ada relasi antara OpenBSD-4.3 release dengan mayday hanya kebetulan bertepatan saja.

Apa saja yang baru di OpenBSD 4.3 Release?

• New/extended platforms:
  • OpenBSD/sparc64.

    SMP support. This should work on all supported systems, with
    the exception of the Sun Enterprise 10000. (Wah sekarang sudah ada gunakan Sun Enterprise 10000)

  • OpenBSD/hppa.

    K-class servers like the K200 and K410 are supported now.

  • OpenBSD/mvme88k

    SMP support on MVME188 and MVME188A systems.
    88110 processor, and thus MVME197LE/SP/DP boards, are supported now.

  • OpenBSD/sgi.

    Contains many new drivers, however the kernel requires an important
    errata fix.

• Improved hardware support, including:
  • The bge(4) driver now supports BCM5906/BCM5906M 10/100 and BCM5755
    10/100/Gigabit Ethernet devices.
  • The cas(4) driver now supports Cassini+ 10/100/Gigabit Ethernet devices.
  • The em(4) driver now supports ICH9 10/100 and 10/100/Gigabit Ethernet
    devices.
  • The gem(4) driver now supports the onboard 1000base-SX interface on
    the Sun Fire V880 server.
  • The ixgb(4) driver now supports the Sun 10Gb PCI-X Ethernet devices.
  • The msk(4) driver now supports Yukon FE+ 10/100 and Yukon Supreme
    10/100/Gigabit Ethernet devices.
  • The nfe(4) driver now supports MCP73, MCP77 and MCP79 10/100/Gigabit
    Ethernet devices.
  • The ral(4) driver now supports RT2800 based wireless network devices.
  • The cmpci(4) driver now supports CMI8768 based audio adapters.
  • The it(4) driver now supports ITE IT8705F/8712F/8716F/8718F/8726F and
    SiS SiS950 ICs. Watchdog timer functionality added.
  • The mfi(4) driver now supports Dell CERC6/PERC6 and LSI SAS1078 RAID
    controllers.
  • The viapm(4) driver now supports the VIA VT8237S south bridges SMBus
    controller.
  • Support for hotplugging ExpressCard devices has been added.
  • New amdpcib(4) driver for the AMD-8111 series LPC bridge and
    timecounter on amd64.
  • New pctr(4) driver for the CPU performance counters on amd64.
  • New bwi(4) driver for the Broadcom AirForce IEEE 802.11b/g wireless
    network device.
  • New envy(4) driver for the VIA Envy24 audio device.
  • New et(4) driver for the Agere/LSI ET1310 10/100/Gigabit Ethernet
    device.
  • New etphy(4) driver for the Agere/LSI ET1011 TruePHY Gigabit
    Ethernet PHY.
  • New amdpcib(4) driver for the AMD-8111 series LPC bridge and
    timecounter on i386.
  • New glxpcib(4) driver for the AMD CS5536 PCI-ISA bridge with timecounter,
    watchdog timer, and GPIO on i386.
  • New iwn(4) driver for the Intel Wireless WiFi Link 4965AGN IEEE
    802.11a/b/g/Draft-N wireless network device.
  • New msts(4) line discipline to interface Meinberg Standard Time String
    devices and to provide a timedelta sensor.
  • New gbe(4) driver for the SGI Graphics Back End (GBE) Frame Buffer on sgi.
  • New mkbc(4) driver for the Moosehead PS/2 Controller on sgi.
  • New power(4) driver for the power button on sgi.
  • New ecadc(4) driver for the Environmental Monitoring Subsystem
    temperature sensor on sparc64.
  • New tda(4) driver for the fan controller on the Sun Blade 1000/2000,
    making these machines much less noisy.
  • New spdmem(4) driver retrieves information about memory modules.
  • New thmc(4) driver for the TI THMC50, Analog ADM1022/1028
    temperature sensor.
  • New uchcom(4) driver for the WinChipHead CH341/340 based USB serial
    adapter.
  • New umbg(4) driver for the Meinberg Funkuhren USB5131 radio clock to
    provide a timedelta sensor.
  • New upgt(4) driver for the Conexant/Intersil PrismGT SoftMAC USB IEEE
    802.11b/g wireless network device.
  • New wbng(4)
    driver for the Winbond W83793G temperature, voltage, and, fan sensor.
  • New wbsio(4)
    driver for the Winbond LPC Super I/O ICs.
  • New adl(4)
    driver for the Andigilog aSC7621 temperature, voltage, and fan sensor.
  • The siop(4)
    driver now supports the (non-PCI) NCR 53c720/770 in big-endian mode.
  • New lmn(4)
    driver for the National Semiconductor LM93 sensor.

• New tools:
  • snmpd(8), implementing the Simple Network Management Protocol.
  • The snmpctl(8) program controls the SNMP daemon.
  • The pcidump(8) utility displays the device address, vendor, and product name of PCI devices.
  • ldattach(8)
    ldattach(8) is used to attach a line discipline to a serial line to
    allow for in-kernel processing of the received and/or sent data.

• New functionality:
  • eeprom(8) is now able to display the OpenPROM device tree on systems that have it.(Wah seperti di Solaris saja nih)
  • Support for X11 on sgi has been added.
  • The periodic security(8) reports now include package changes.
  • The cmpci(4) driver now supports multichannel audio playback if the hardware supports it.
  • The auvia(4) driver now supports multichannel audio playback if the hardware supports it.
  • The auich(4) driver now supports recording from the microphone as well as full-duplex mode.
  • The eso(4) driver now supports recording as well as full-duplex mode.
  • The
    ffs layer is now 64-bit disk block address clean. This means that
    disks, partitions and filesystems larger than 2TB are now supported,
    with the exception of statfs(2) and quotas. (Suatu saat NAS running di OpenBSD)
  • DMA is now enabled for 1-sector devices such as flash drives, providing significant speed improvement.
  • Sparc and Sparc64 disklabels now provide automatic recognition of ext2fs partitions.
  • Filesystems on USB devices are automatically dismounted if the device is disconnected.
  • The configuration of carp(4) load balancing has been vastly simplified.
  • fstab(5) entries referring to non-existent mount points are now ignored, allowing subsequent entries to be processed.
  • Additional configuration files can now be included in pf.conf(5).
  • sppp(4) now has IPv6 support.
  • ipsec.conf(5) now supports defining 192 and 256 bit keysizes for AES.
• Assorted improvements and code cleanup:
  • Improved support for an lkm(4) subsystem on amd64.
  • ossaudio(3) received several bug fixes and enhancements including but not limited to improved recording and full-duplex support.
  • audio(4) received several bug fixes and enhancements including but not limited to improved recording and full-duplex support.
  • make(1)
    was heavily modified, mostly to improve support for parallel build.
    Parallel builds now run commands in the same way the sequential builds
    do, and the output from commands is more readable. A large part of the
    source tree, xenocara, and quite a few ports now build correctly with
    make -j. (Making X11 With XENOCARA is nice)
  • rcs tools improvements and bug fixes.
  • RTM_VERSION
    was increased so that all routing messages could be modified to include
    additional fields for upcoming networking features.
  • sendbug(1) has stricter comment parsing, to avoid mangling diffs.
  • umass(4) devices no longer detect bogus LUNs.
  • USB st(4) devices can now successfully disconnect.
  • More deviant umass devices accommodated.
  • svnd(4) devices now work on block devices.
  • disklabel(8) is now aware of NTFS partitions.
  • raidctl(8) now correctly handles trailing whitespace in configuration files.
  • mt(4) no longer triggers panics when processing the ‘rewoffl’ command.
  • raid(4) devices no longer hang when searching for components during boot.
  • sd(4) devices no longer receive spurious SYNCHRONIZE CACHE commands that confuse some hardware.
  • sd(4)
    no longer claim that SYNCHRONIZE CACHE commands are 16 bytes long when
    they are actually 10 bytes. Some devices took this too literally.
  • dhcpd(8) now always issues packets equal or larger than the minimum IP MTU.
  • disklabel(8) -E mode does not allow manual editing of the ‘c’ partition, which is always set to cover the entire disk.
  • disklabel(8) -E mode does not allow changing the cpg value of a partition.
  • disklabel(8) -E mode no longer permits assigning arbitrary sizes to FS_BOOT and FS_UNUSED partitions.
  • The bge(4) driver problems receiving jumbo frames have been resolved.
  • Many dangerous unsigned comparisons with -1 when checking the results of read and write calls have been eliminated.
  • The new M_ZERO flag for malloc(9) replaces many
    malloc+bzero/memset combinations, fixing a number of bugs in memory
    initialization and shrinking the kernel.
  • dhcpd(8) now correctly constructs response packets that use the overflow buffers to store options.
  • SCSI drivers are more reliable in MP machines due to better locking around command completion.
  • TCP responses to highly fragmented packets are now constructed without risking corruption of kernel memory.
  • Sockets now allow 4095 multicast group memberships.
• Install/Upgrade process changes:
  • All platforms now have serial console support when installing.
  • Serial console speed is detected and appropriate /etc/ttys entries automatically created.
  • OpenBSD/vax now also has both kinds of install ISO CD images.
  • DNS server addresses are remembered if an install is restarted.
  • OpenBSD/sgi can now be installed using the glass console.
• OpenBGPD 4.3:
  • Correctly handle prefixes which would cause a routing loop.
  • bgpctl’s detailed RIB output shows additional attributes like extended communities or the cluster id list.
• OpenNTPD 4.3: (Very Simple And Secure Implementation of NTP protocol)
  • Handle IP changes of clients more gracefully.
  • Log peer and sensor status to syslog if the majority of either is bad, or if a SIGINFO signal is received.
  • Allow offsetting of time sensors that have a systematic error.
• OpenOSPFD 4.3:
  • Equal cost multipath support — don’t forget to set the right sysctls.
  • Parser and commandline options are now in sync with bgpd.
• relayd 4.3: (Move spam to /dev/null)
  • hoststated(8)/hoststatectl(8) were renamed to relayd(8)/relayctl(8).
  • Improved configuration grammar for relayd.conf(5).
  • Allow to send SNMP traps via snmpd(8) when host states change.
  • Improved support for URL filtering and protocol actions.
  • Added support for UDP-based DNS relaying with request ID randomisation.
  • Various bug fixes, optimisations, and cleanups.
  • Improved reload support.
• OpenSSH 4.8:
  • Added chroot(2) support for sshd(8),
    controlled by a new option “ChrootDirectory”. Please refer to
    sshd_config(5) for details, and please use this feature carefully.
  • Linked sftp-server(8) into sshd(8).
    The internal sftp server is used when the command “internal-sftp” is
    specified in a Subsystem or ForceCommand declaration. When used with
    ChrootDirectory, the internal sftp server requires no special
    configuration of files inside the chroot environment. Please refer to sshd_config(5) for more information.
  • Added a protocol extension method “posix-rename@openssh.com” for sftp-server(8) to perform POSIX atomic rename() operations.
  • Removed the fixed limit of 100 file handles in sftp-server(8). The server will now dynamically allocate handles up to the number of available file descriptors.
  • ssh(1)
    will now skip generation of SSH protocol 1 ephemeral server keys when
    in inetd mode and protocol 2 connections are negotiated. This speeds up
    protocol 2 connections to inetd-mode servers that also allow Protocol
    1.
  • Accept the PermitRootLogin directive in a sshd_config(5) Match block. Allows for, e.g. permitting root only from the local network.
  • Reworked sftp(1) argument splitting and escaping to be more internally consistent (i.e. between sftp commands) and more consistent with sh(1).
    Please note that this will change the interpretation of some quoted
    strings, especially those with embedded backslash escape sequences.
  • Support “Banner=none” in sshd_config(5) to disable sending of a pre-login banner (e.g. in a Match block).
  • ssh(1) ProxyCommands are now executed with $SHELL rather than /bin/sh.
  • ssh(1)’s
    ConnectTimeout option is now applied to both the TCP connection and the
    SSH banner exchange (previously it just covered the TCP connection).
    This allows callers of ssh(1) to better detect and deal with stuck
    servers that accept a TCP connection but don’t progress the protocol,
    and also makes ConnectTimeout useful for connections via a
    ProxyCommand.
  • Many new regression tests, including interop tests against PuTTY’s plink.
  • SSH2_MSG_UNIMPLEMENTED packets did not correctly reset the
    client keepalive logic, causing disconnections on servers that did not
    explicitly implement “keepalive@openssh.com”.
  • ssh(1) used the obsolete SIG DNS RRtype for host keys in DNS, instead of the current standard RRSIG.
  • Correctly drain ACKs when a sftp(1) upload write fails midway, avoids a fatal(1) exit from what should be a recoverable condition.
  • Fixed packet size advertisements. Previously TCP and agent
    forwarding incorrectly advertised the channel window size as the packet
    size, causing fatal errors under some conditions.
  • Many more bugfixes. Please refer to the Release Notes.
• Over 4,500 ports, minor robustness improvements in package tools:
  • i386: 4782 sparc64: 4613 alpha: 4233 sh: 2046
  • amd64: 4708 powerpc: 4634 sparc: 3159 m68k: 830
  • arm: 3377 hppa: 3971 m88k: 27 mips64: 1897
  • vax: 296
  • Highlights include:
    • Gnome 2.18.
    • GNUstep 1.14.
    • KDE 3.5.7 and koffice 1.6.3.
    • Xfce 4.4.1.
    • OpenMotif 2.3.0.
    • OpenOffice.org 2.2.1.
    • Mozilla Firefox 2.0.0.6.
    • PostgreSQL 8.2.6.
    • GHC 6.6.1 (amd64 and i386 only)
• As usual, steady improvements in manual pages and other documentation.
• The system includes the following major components from outside suppliers:
  • Xenocara (based on X.Org 7.2 + patches, freetype 2.2.1, fontconfig 2.4.2, expat 2.0.0, Mesa 6.5.2, xterm 225 and more)
  • Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
  • Perl 5.8.8 (+ patches)
  • Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
  • OpenSSL 0.9.7j (+ patches)
  • Groff 1.15
  • Sendmail 8.14.1, with libmilter
  • Bind 9.3.4 (+ patches)
  • Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
  • Sudo 1.6.9p4
  • Ncurses 5.2
  • Latest KAME IPv6
  • Heimdal 0.7.2 (+ patches)
  • Arla 0.35.7
  • Binutils 2.15 (+ patches)
  • Gdb 6.3 (+ patches)

Untuk lengkapnya silahkan buka Link Berikut. Siap-siap untuk upgrade server nih.. OpenBSD yang saya gunakan saat ini ada 3.9, 4.0 dan 4.2 mungkin akan diupgrade ke 4.3 stable. Ngoprek OpenOSPFD juga sudah menunggu penggabungan dengan Cisco Switch nih.

Why OpenBSD? Is BSD is Dying???

| Quick Start:
| 1. get a bootable floppy image
| 2. qemu-img create -f qcow2 virtual.hd 10G
| 3. qemu -m 32 -fda floppy.fs -boot a -monitor stdio virtual.hd
| (initial install to hard drive)
| 4. qemu-img convert -c -O qcow2 virtual.hd tmp && mv tmp virtual.hd
| (compress hard drive while qemu is not running)
| 5. qemu -m 32 -monitor stdio virtual.hd
| (normal boot from hard drive)
|
| Note: Customize /etc/qemu-ifup to use ‘-net tap’ on your system.

Ada kiriman dari milis rekan kerja. Lumayan nih buat di share.

Kiriman: Ifan

Di milis ini kerap kita jumpai posting berbau agama. Atau perdebatan yang menjurus pada perdebatan soal agama. Kadang perdebatannya begitu panas. Sindir-menyindir atau ejek mengejek. Buat saya itu menyedihkan.

Saya teringat waktu lebih dari 15 tahun yang lalu belajar di Jogja. Waktu itu, tiap Rabu malam, saya dan teman-teman memilih nglurug ke patang puluhan, rumahnya Cak Nun, ini panggilan akrabnya penyair dan kiai mbeling
Emha Ainun Nadjib. Kita bikin forum melingkar di situ. Biasanya kita bicara soal kesenian atau kebudayaan, tapi juga ngobrolin soal keagamaan.

Forum itu diprakarsai oleh Sanggar Shalahuddin. Komandannya anak Solo, Nasution Wahyudi. Ini nama asli Jawa, nggak ada hubungannya dengan Nasution yang dari Medan. Pesertanya juga tidak cuma mahasiswa atau pemuda
yang beragama Islam. Pendek kata, pemeluk berbagai agama berkumpul melingkar disitu.

Suatu malam, Cak Nun tanya pada kami di forum itu. “Apakah anda semua punya tetangga?”

Wah, saya sebenarnya belum punya. Tetapi saya anak kost, tentu saja kamar sebelah saya bisa disamakan dengan tetangga. Tetangga kost. Jadi saya ikut-ikutan saja menjawab : “Tentu saja punya”.

Cak Nun melanjutkan bertanya : “Punya istri enggak tetangga Anda?”

Sebagian hadirin menjawab : “Ya, punya dong”. Saya diam saja. Rasanya tetangga kost saya bujangan semua. Kebanyakan jomblo. Maklum anak desa. Nggak pede ngajak pacaran teman kampusnya.

Yang menarik adalah pertanyaan berikutnya : “Apakah anda pernah lihat kaki istri tetangga Anda itu? Jari-jari kakinya lima atau tujuh? Mulus atau ada bekas korengnya ?”

Saya mulai kebingungan. Nggak ngeh sama arah pembicaraan Cak Nun.

Kebanyakan menjawab : “Tidak pernah memperhatikan Cak. Ono opo Cak?”

Cak Nun ndak peduli. Dia tanya lagi : “Body-nya sexy enggak?”

Kami tak lagi bisa menahan tertawa. Geli deh. Apalagi saya yang benar-benar tidak faham arah pembicaraan sang Kiai mbeling itu.

Cuma Cak Nun yang tersenyum tipis. Jawabannya bagus banget. Dan ini senantiasa saya ingat sampai hari ini. Sebuah prinsip pergaulan untuk sebuah negeri yang memilih Pancasila : “Jadi ya begitu. Jari kakinya lima
atau tujuh. Bodynya sexy atau tidak bukan urusan kita,kan? Tidak usah kita perhatikan, tak usah kita amati, tak usah kita dialogkan, diskusikan atau perdebatkan. Biarin saja”.

“Kenapa cak?” salah satu teman bertanya, penasaran.

“Ya apa urusan kita ? Nah, keyakinan keagamaan orang lain itu ya ibarat istri orang lain. Ndak usah diomong-omongkan, ndak usah dipersoalkan benar salahnya, mana yang lebih unggul atau apapun. Tentu, masing-masing suami punya penilaian bahwa istrinya begini begitu dibanding istri tetangganya, tapi cukuplah disimpan didalam hati saja”.

Saya pun menangkap apa yang dia maksudkan. Saya setuju dengan pandangan Cak Nun.

Dia melanjutkan serius : “Bagi orang non-Islam, agama Islam itu salah. Dan itulah sebabnya ia menjadi orang non-Islam. Kalau dia beranggapan atau meyakini bahwa Islam itu benar ngapain dia jadi non-Islam? Demikian juga,
bagi orang Islam, agama lain itu salah, justru berdasar itulah maka ia menjadi orang Islam. Tapi, sebagaimana istri tetangga, itu disimpan saja didalam hati, jangan diungkapkan, diperbandingkan, atau dijadikan bahan
seminar atau pertengkaran.

Biarlah setiap orang memilih istri sendiri-sendiri, dan jagalah kemerdekaan masing-masing orang untuk menghormati dan mencintai istrinya masing-masing, tak usah rewel bahwa istri kita lebih mancung hidungnya karena Bapaknya dulu sunatnya pakai calak dan tidak pakai dokter, umpamanya. Dengan kata yang lebih jelas, teologi agama-agama tak usah
dipertengkarkan, biarkan masing-masing pada keyakinannya. ”

Mengasyikkan. Saya kagum dibuatnya.

Cak Nun terus berkata : “Itu prinsip kita dalam memandang berbagai agama. Sementara itu orang muslim yang mau melahirkan padahal motornya gembos, silakan pinjam motor tetangganya yang beragama Katolik untuk mengantar istrinya ke rumah sakit. Atau, Pak Pastor yang sebelah sana karena baju misanya kehujanan, padahal waktunya mendesak, dia boleh pinjam baju koko tetangganya yang NU maupun yang Muhamadiyah. Atau ada orang Hindu kerjasama bikin warung soto dengan tetangga Budha, kemudian bareng-bareng bawa colt bak ke pasar dengan tetangga Protestan untuk kulakan bahan-bahan jualannya.Begitu. ”

Kami semua terus menyimak paparannya.

“Jadi ndak usah meributkan teologi agama orang lain. Itu sama aja anda ngajak gelut tetangga anda. Mana ada orang yang mau isterinya dibahas dan diomongin tanpa ujung pangkal. Tetangga-tetangga berbagai pemeluk agama,
warga berbagai parpol, golongan, aliran, kelompok, atau apapun, silakan bekerja sama di bidang usaha perekonomian, sosial, kebudayaan, sambil saling melindungi koridor teologi masing-masing. ”

“Kerjasama itu dilakukan bisa dengan memperbaiki pagar bersama-sama, bisa gugur gunung membersihkan kampung, bisa pergi mancing bareng bisa main gaple dan remi bersama. Tidak ada masalah lurahnya Muslim, cariknya Katolik, kamituwonya Hindu, kebayannya Gatholoco, atau apapun. Itulah lingkaran tulus hati dangan hati. Itulah maiyah,” ujarnya.

Ketika mengatakan itu nada Cak Nun datar, nyaris tanpa emosi. Tapi serius dan dalam. Saya menyimaknya sungguh-sungguh. Dan saya catat baik-baik dalam hati saya. Sayangnya dunia memang tidak ideal. Di Ambon dan Palu, misalnya saya lihat terlalu banyak orang usil mengurusi isteri tetangganya. Begitu juga di berbagai tempat di dunia. Di Bosnia. Atau yang paling baru di Irak dan Afghanistan. Akibatnya ya perang dan hancur-hancuran. Menyedihkan. Sangat menyedihkan.

-
Regards,
Syamsi Kusyanti