Lowyat.NET: Latest topics by rizvanrp

SOLD

rizvanrp — Sat, 16 Nov 2024 23:48:36 +0800

SOLD

WTS GSkill TridentZ RGB DDR4-3200 2x8GB (2 sets)

rizvanrp — Mon, 01 Aug 2022 15:45:15 +0800

Item(s): GSkill TridentZ RGB DDR4-3200 2x8GB Kit (F4-3200C16D-16GTZR)

Package includes: RAM with Original Packaging and Original Purchase Receipts

Price: RM300 (1 set), RM550 (2 sets)

Warranty: Will provide original purchase receipts

Dealing method: COD Only

Location: Petaling Jaya

Contact method/details: Send me a PM
---

Item(s) conditions: Purchased October 2017, removed from own rig after upgrade

Picture:

» Click to show Spoiler - click again to hide... «

Reason for sale: Upgraded

SOLD

rizvanrp — Mon, 25 Jan 2021 19:05:46 +0800

ITEM SOLD, TQ

ITEM SOLD

rizvanrp — Mon, 10 Jun 2019 23:11:36 +0800

ITEM SOLD

WTS Kingston HyperX Fury DDR4-2666 C16 (Black)

rizvanrp — Thu, 26 Oct 2017 10:01:24 +0800

Item(s): 2 x Kingston HyperX Fury DDR4-2666 C16 (HX426C16FB2/8, Black)

Package includes: 2 units of Kingston HyperX Fury DDR4-2666 C16 (HX426C16FB2/8, Black) in original packaging. These are two separate units of RAM, not a 2x8GB kit.

Price: ITEM SOLD

Warranty: Lifetime warranty from Kingston, will provide purchase receipt.

Dealing method: COD in PJ

Location: PJ

Contact method/details: PM me
---

Item(s) conditions: 10/10. Original owner, tested and used in a 2x8GB configuration for 2 days before switching to an RGB kit. HCI memtest 1000%+ validation.

Picture:

Reason for sale: Switched to RGB RAM.

[WTS] 3 x 8GB Kingston DDR3-1600Mhz KVR16N11/8

rizvanrp — Mon, 23 Oct 2017 10:55:53 +0800

Item(s): SOLD

Package includes: SOLD

Price: SOLD

Warranty: 3 days personal warranty

Dealing method: COD in PJ

Location: PJ

Contact method/details: PM me
---

Item(s) conditions: 9.5/10 - Perfect working condition, pulled from personal rig. 2 units have a slightly different shade of PCB silkscreen colour as they were purchased at a different time.

Picture:

Reason for sale: Not using it anymore

SOLD

rizvanrp — Mon, 23 Feb 2015 17:21:43 +0800

Item sold, thanks!

YouTube Deep Packet Inspection

rizvanrp — Wed, 01 May 2013 04:00:19 +0800

Hi all,

I'm experiencing some anomalies while streaming videos off YouTube on Unifi. For certain 'political' videos -- I've observed that the HTTP connection for the videoplayback stream to YT's local CDNs are being disrupted as follows :

1. Client video player makes a connection to the YT CDN
2. HTTP GET request is sent

There's a few different behaviors after this .. :

3a. HTTP 200 OK is received however it arrives 90 seconds later (should be instant) :

3b. HTTP 200 OK is received instantly, first 1-4KB of video stream traffic is sent (allowing the YT player to show the first frame of the video with a timestamp of 0:00).. then no traffic is received for 90 seconds once again :

There's a duplicate TCP ACK when the stream returns, did my ACK at packet #271 ever reach the CDN in the first place??

Further testing :

1. Using an unencrypted SOCKS proxy on a remote server + non standard TCP port results in the same behavior with packet loss between the client and SOCKS proxy server

2. Using an encrypted SSH tunnel to the same remote server results in absolutely no issues with viewing the videos

Sample videos :
http://www.youtube.com/watch?v=hHTz22bTBRw
http://www.youtube.com/watch?v=uVWxB4AWOxc

UPDATE :

I performed a simultaneous packet capture on both my client + remote server while encapsulating the HTTP connection via plaintext SOCKS. All the video payload packets were dropped en route back to my SOCKS client :

Dafuq?

UPDATE 2 :

Confirming all plaintext HTTP connections on Unifi (and maybe Celcom + Maxis) are being man-in-the-middle'd and dropped if they contain blacklisted data.

UPDATE 3 :

Other sources confirming this .. (thanks wkkay):

https://plus.google.com/1013966581485225280...sts/ak6opfbDxwa

UPDATE 4 :
What we know :

i. The DPI isn't only being used to selectively block YouTube videos, however unencrypted Facebook pages belonging to certain parties are also being blocked. You can get around this by appending 'https://' to the Facebook URLs rather than trying to use 'http://'.

ii. The DPI is based on TCP segment analysis. Basically, every single TCP packet has its payload analyzed for certain request URI strings that have been blacklisted. Obfuscation attacks such as packet fragmentation (splitting a large TCP payload containing a single HTTP request into smaller TCP segments) as well as packet padding (appending large amount of junk data to the HTTP request URI in order to force the 'HTTP/1.1\r\n' trailer into a separate TCP segment) will also work however you need specialized HTTP proxy software or iptables rules (on Linux) to do this.

iii. Once a blacklisted payload is detected within a packet, the header information for the TCP stream (SRC/DST port + SRC/DST IP address) is added to some kind of blacklist for 90 seconds. This causes all traffic for that particular TCP stream to be dropped for 90 seconds (hence the 90 second gaps in my packet capture samples above). This is also why some of you have noticed that if you wait long enough (well, 90 seconds in my tests).. the videos/sites that are blocked will eventually continue to load. Due to the persistent nature of TCP, once the 90 second blacklist window passes.. your TCP stream will continue and the payload data for whatever you're requesting will reach your computer.

Mitigation techniques :

i. Use 'https://' wherever possible (especially on Facebook). Users in the thread have recommended HTTPS Everywhere which is a Firefox/Chrome addon to do this automatically for most major websites.

* While YouTube supports HTTPS for their main website, their player does not support it so even if you were to use HTTPS on YT.. the videos won't load.

ii. For accessing blocked YouTube videos, you can use some of the various YouTube proxy sites such as ProxFree.

iii. Get a VPN/SSH tunnel service if you're worried about having your HTTP requests intercepted.

UPDATE 5 :
Response from MCMC

QUOTE

GE13: ISPs not restricting access, says MCMC
By PATRICK LEE

SUNGAI PETANI: Internet Service Providers (ISP) have not been restricting access to local online portals, according to the Malaysian Communications and Multimedia Commission (MCMC). "Preliminary investigations indicate no such restrictions by ISPs as alleged by certain quarters," it said in a statement.

It said network congestion could have caused users to experience difficulties in accessing the sites, adding there was an increase in traffic for GE13-related articles.

Hey, here's a simple test you can do with less than 2 commands on a Linux box + Wireshark :

CODE

wget http://www.facebook.com/DAPMalaysia

So a HTTP GET request for /DAPMalaysia results in the query taking 109 seconds to respond along with 8 TCP retransmissions (I'm basically getting 0 TCP responses from the server for 109 seconds). Let's see what happens when we request for the exact same URL however we append 1500 bytes of junk URI padding to the end :

CODE

#!/bin/bash
for i in {1..1500}
do
PADDING=$PADDING"A"
done
wget "http://www.facebook.com/DAPMalaysia?test="$PADDING

.. which results in ..

CODE

wget "http://www.facebook.com/DAPMalaysia?test=AAAAA... (1500 times)"

Oh? What do you know, no issues at all. Apparently appending an extra 1500 bytes of junk data to every HTTP request in a 'congested' network results in less network congestion. Who would have guessed /s

---

My final comments on this issue ..

I'm pretty apolitical when it comes to the Internet and networking. The only reason I have to keep testing what some may call PR-friendly URLs is because it seems that the only time we have 'congestion' is when accessing such content.. and the 'congestion' goes away the moment you obfuscate the requests enough. With the resources that the MCMC has available to debug these kind of issues, I'm honestly surprised they haven't figured this out already.

The tests we've done here show at the very least there is some kind of HTTP request inspection happening and traffic is being dropped once certain strings have been identified. As Internet users and/or caretakers, we should be against any form of Internet censorship. I leave you with these two articles hosted on the MCMC/SKMM website :

http://www.skmm.gov.my/Media/Press-Clippin...sur-fitnah.aspx

QUOTE

SKMM pantau, sekat blog ada unsur fitnah
03/03/2013, Berita Harian

Butterworth: Suruhanjaya Komunikasi dan Multimedia Malaysia (SKMM) akan memantau dan menyekat mana-mana blog yang didapati memuatkan kenyataan berunsur fitnah menjelang Pilihan Raya Umum Ke-13 (PRU-13).

Timbalan Menteri Penerangan, Komunikasi dan Kebudayaan, Senator Datuk Maglin Dennis D'Cruz, berkata kebanyakan blog yang disiasat SKMM kebanyakannya mempunyai agenda tersendiri dengan menulis kenyataan yang tidak betul dan cuba berbohong untuk menjatuhkan maruah seseorang.
“Oleh itu, sempena PRU-13, SKMM diminta memantau dan menyekat mana-mana blog yang cuba menjatuhkan seseorang dengan menulis perkara tidak benar dan mempunyai unsur fitnah, sama ada pada pihak pembangkang atau Barisan Nasional (BN). Kita mahu PRU-13 berjalan aman tanpa sebarang isu,” katanya.

Beliau berkata demikian selepas merasmikan Program Kenali dan Mesra Jiran Peringkat Negeri Pulau Pinang di Rumah Pangsa Taman Bagan, di sini semalam. Hadir sama, Ketua UMNO Bagan, Datuk Abdul Latiff Mirasa; Penyelaras BN Bagan Dalam, M Karuppanan dan Penyelaras BN Parlimen Bagan, David Chua Teik Siang.

http://www.skmm.gov.my/Media/Press-Clippin...edia-In-Ge.aspx

QUOTE

MCMC To Monitor, Control Use Of Social Media In General Election 13 To Prevent Abuse
02/03/2013, Bernama

BUTTERWORTH, March 2 (Bernama) -- The Malaysian Communications and Multimedia Commission (MCMC) is looking into suitable methods to monitor and control the use of social media in the 13th general election (GE13).

Deputy Information Communications and Culture Minister Datuk Maglin Dennis D'Cruz said this was to ensure that the social media would not be abused by irresponsible quarters to achieve their own political agenda.

Last week, Prime Minister Datuk Seri Najib Tun Razak said the GE13 would be the first 'social media election' in the country where internet would be widely used as a campaign tool.

The MCMC will monitor all users of social media, regardless of their political beliefs, to ensure peace and smooth running of the GE13, Maglin said after opening the 'Know Your Neighbours' programme organised by Penang Information Department at Taman Bagan flats here Saturday.

The deputy minister said the monitoring of the social media was vital as certain quarters were only good at making baseless allegations and spreading lies to gain political mileage, adding that he himself had once fallen victim to such lies and accusations.

Maglin said the culture of making baseless allegations and distorting facts among politicians was indeed unhealthy and would only confuse the public, especially the young generation.

"They should not be so selfish and lie just for the sake of gaining political mileage because what matters most in politics was to ensure that the people will live in peace and harmony.

"Therefore, the public, especially the young voters should be wise enough to do their parts in selecting the right government with vast experience in managing the country, so that their future will be secured.

"Don't believe the lies and accusations made by those whose aim is only to create disharmony among the people," he added.

Unifi DC++ Hub

rizvanrp — Mon, 05 Jul 2010 13:16:20 +0800

Unifi DC++ Hub

[CENTER][/CENTER]

Hey fellow Unifi-ers, since Unifi is about to kick off in about 18 more exchanges.. I've finally decided to start up a Unifi DC++ hub. Originally, I was planning to revive the LYN DC++ project however it seems to have disappeared for some reason (I'm guessing inactivity). If you've already subscribed to Unifi.. please join us !

Q: What is DirectConnect (DC++)?
A: Direct connect is a peer-to-peer file-sharing protocol. Direct connect clients connect to a central hub and can download files directly from one another. Hubs feature a list of clients or users connected to them. Users can search for files and download them from other clients, as well as chat with other users. DC++ is a free and open-source, peer-to-peer file-sharing client that can be used to connect to the Direct Connect network or to the ADC protocol.

Q: Why is there a need for a Unifi DirectConnect hub?
A: As you all know, Unifi provides every user with a symmetrical connection (upload speed == download speed). While it was nearly impossible to upload files on a long term basis on Streamyx connections (30-50KB/s tops).. Unifi enables each user to upload at 5/10/20mbps speeds. As Unifi home packages also have a data download cap (which we believe will only take in account international traffic), having our own local P2P network is a great way to share files with other Malaysians while conserving international bandwidth in the process .. and possibly preventing you from hitting your daily data cap within an hour.

Q: Who can join this Unifi DC++ hub?
A: At the moment, I've only allowed connections from the Unifi home network ranges to connect to the hub to ensure that only local traffic is utilized. If you're on Unifi home, simply download a DirectConnect client (most of us use ApexDC++). The hub also has a chat channel so you may interact with other Unifi users there. If you're not a Unifi user and you attempt to connect to the hub, you will likely not be able to (connection refused error).

Q: I'm a Unifi user, how do I connect to the hub?
A: Pick up a DirectConnect client (I recommend ApexDC++ -- http://www.apexdc.net/ ). Set up your username and connect to the hub address @ hub.athena.my OR 184.82.41.12 (if hub.athena.my is not working).

Q: Do I have to setup any portforwarding?
A: Yes, you do. However if you're on the TM DIR-615 router.. simply select UPNP mode in the DC++ client options. The DIR-615 has UPNP enabled by default and this will allow the client to automatically configure the port forwarding for you.

You may also use Manual Portforwarding with the DIR-615 (for better stability) :

I'm using port 5800 here -

See you guys in the hub !

---

Thanks for this guide farkinid !

Starting Guide to ApexDC++

So you just got Unifi and are worried about the cap? Rumour has it that local p2p traffic will not count toward your cap and thats why you are here.

The 1st thing anybody should do is read the 1st post in http://forum.lowyat.net/topic/1479905

Then after you have downloaded the ApexDC++ client you are now ready to share the love with your fellow Unifi users. Lets go through this quickly.

Start your client (duh)
You will then be bombarded by a tonne of information. The 1st thing you should do is don't panic
If you see the image below, the red circle shows the DC++ client windows. Everytime a new window opens, it will be shown here.
Right click on each tab to close them. This makes things easier. You can add other hubs later when you are more familiar
Now, click on Favourites like the screenshot
The favourites window will now open. If you notice, the Favourites tab is now shown at the place pointed out in the earlier screenshot
Untick all the hubs listed in Favourites. You may enable them later if you wish
Right click on any black spot in the window and select 'New'
Refer to Rivzanp's 1st post in this thread to enter the details
You now have configured the client to connect to our little Unifi hub (well its really Rizvanp's but I've decided I like to call it 'our')
But before you connect, you should set up the things you wish to share with us
To do that, click on File -> Settings
Click on 'Sharing' and put a tick on each folder you wish to share
Click 'OK' and you are done
To connect just right click on the newly configured hub in the Favourites area and select 'Connect'

---

Security Update (August 08, 2010)

Please DISABLE DHT in your Apex DC++ client

Update :

Hub is closed until further notice. Drop me a PM if you're interested in hosting/managing a hub and I'll post your server up here/setup a DNS redirect.

WARNING TO ALL UNIFI USERS

rizvanrp — Sat, 29 May 2010 06:59:32 +0800

You know, the first day I got Unifi, I asked you guys (TMnet) if I would be able to use my own router. Well you said no. When I discovered the SSH daemon running on the router (which used a different password than the web user interface), you said you couldn't disclose the password. An hour ago, I discovered that password and the reason why you won't give it out.

TM, you basically planted a bloody backdoor in everyone's DIR-615 router.

What is this? What are all these hidden options in this special account you neglected to tell us about? You mean to say I could have used my own router all along? You mean people spent >RM1000 on Cisco grade equipment just because you didn't want to tell them about this?

You mean in a sample group of 900 nodes, 600 of them who think their networks are 'secure' are actually completely open? Even those companies on Unifibiz which use the same router? WOW..

That's right guys, TM named the "administrator" account on the DIR-615 as "admin" when there was actually a secondary administrator account with a higher access level. The VLAN settings were never locked out, that account which we all assumed was the admin (because they told us so) was actually a noob piece of shit with <60% access to the router. This account has the same user/pass across every Unifi router that has been given out so far and cannot be changed or even seen with the default 'admin' account.

----

What's the fix?

Untick remote management. If you have a firewall on it, block all the ports (TCP 22/23/80/8080/443) from WAN access.

UPDATE : If you're a Unifi user on firmware 7.05, if you read everything in the management page you can find the username for this account. The pass is the same, once you get access log in and reconfigure your router security properly. I can't believe not a single technician set this account up properly.

----

FAQ

Some less tech-savvy people have asked me what this all means.. so here goes -

Q: What is this and how is this possible?
A: Every consumer router has a username/password combination to access it. This is a basic security feature to ensure that only you (the owner) can access it. This Unifi router however, has two accounts by default. When TM installed Unifi in your home/office, they only configured the first account. The second account -- which has a higher level of access was left configured with its default username/password. They also neglected to inform the customers (you) and their own technicians who did the install about this second account. As every Unifi user is 'forced' to use this router and this account has not been configured properly, every Unifi user is also vulnerable to have their routers accessed by unauthorized users simply by using this default account user/password combination.

Q: So what if outsiders can access my router? What does this mean?
A: The Unifi router is not just a simple box that sits on your network. It can be considered to be a full computer system and has the capability to run any executable that's made for it. Since an outsider can access your router, he can also do the following :

- Turn your router into a proxy, if he commits any crimes online it will be traced back to you instead and you will take the fall for it
- Use your 10/20mbps Unifi account so he doesn't have to pay for his
- Use up your bandwidth quota (once quotas are implemented) as much as he wants and you will pay for it
- 'Spy' on your Internet connection and view every site you are visiting
- Forward all connections to your home PC using DMZ, making your home PC completely vulnerable to Internet attacks.. if you have an open NAS (network attached storage) on your home network, he will be able to access all your files

And the list goes on and on..

Q: So how can I fix this?!
A: Make sure remote management is disabled (as it is enabled by default). With this enabled, anybody with this default user/pass combination can access your home router and perform the attacks I mentioned above. This fix however, doesn't prevent people on your own LAN network from accessing the router. If you are running an open Unifi hotspot (shop wifi, etc) and you are using the default DIR-615 router, the only fix is to access this second account and change the password.

I've uploaded a Router Security guide and VLAN bridging guide (to use your own hardware with Unifi) on my website @ http://unifi.athena.my

New local BF2 1.41 server

rizvanrp — Thu, 19 Feb 2009 17:10:47 +0800

Original post :

QUOTE

Hey,

I don't normally post here (I'm usually in the CS section) but I was thinking about hosting a public BF2 1.41 server on my dedi server. I was just wondering if there are still any local players for BF2 and if there are any other local BF2 servers around (64 slot).. also anyone who would be interested in playing?

The server is now up

http://www.gametracker.com/server_info/210.48.159.88:16567/

IP: 210.48.159.88
Port: 16567

The average ping ingame for me at the moment is about 9-12ms.

New uTorrent 1.9/2.0 client bypasses throttling

rizvanrp — Sat, 06 Dec 2008 21:35:29 +0800

Hey,

Just wondering if anyone else here has tried the new uTorrent 1.9.1 alpha with UTP (UDP transfer) support? I've been getting killer (150KB/s per foreign bittorrent/utorrent 1.8.1+ peer) speeds occasionally using UTP ONLY mode (bt.transp_disposition 10). The speed is unstable but can hit around 200KB/s on my 4mbit line without VPN/tunnel !

http://forum.utorrent.com/viewtopic.php?id=49813

Set bt.transp_disposition to 10 in advanced settings to make your client use only UDP connections.. you'll see [utp] tag next to every connection in your peer list.

Other people seem to be having good results with it too :

http://www.dslreports.com/forum/r21497962-...vade-throttling

As proof, I've attached an SS of a torrent I added a minute or so ago.. this is a Korean peer at 50KB/s. Yesterday I had a few american (US flag) peers at 100-150KB/s. I've also noticed that I'm getting these high speeds mainly from BitTorrent 6.1.1 clients + uTP.

---

UPDATE 1st Jan 2010 :

UT 2.0 RC2 is out (well it's been out for a bit)

http://forum.utorrent.com/viewtopic.php?id=65482&p=1

----

FAQ

Q : Why should bt.trans_disposition be set to 10 instead of the default 15?

A : Look here - http://forum.lowyat.net/index.php?showtopi...post&p=28065338

Q : What kind of speed increase am I looking at with this method?

A : I'm on a 4mbps line myself. I can download at 400+KB/s max. With this method + a good public tracker, I can easily download torrents at 430KB/s stable as opposed to 1KB/s without enabling UTP-only mode.

CS 1.6 Server - [ATF] AveX TopFragger

rizvanrp — Wed, 14 May 2008 00:11:03 +0800

QUOTE

UPDATE (23rd January 2009) :

The original server is now back online. Please add the new IP address to your favs list which is '210.48.159.89'. If you have the old server IPs on your fav list, you will notice they are mirrors of the new server. Please try to avoid using these mirrors as they might increase your latency with the new gameserver. Connect to '210.48.159.89' directly, thanks!

---

Admin List

Physical server + ingame admins :

Santury (lowyat) - FlameHaze
rizvanrp (lowyat) - Bunneh

Ingame admins :

Waterz
HiCal
egGy.
Tetsujin

-----------

Server is OFFLINE, please read the memo at http://frag.my/ for more info. TQ