My heart still has a beat
but love is now a feat
as common as a cold day in LA
Sometimes at night alone I wonder
Is there a spell that I am under
Keeping me from seeing the real thing

Love hurts
but sometimes it’s a good hurt
And it feels like I’m alive

Love sings
When it transcends the bad things
have a heart and try me
‘Cause without love I won’t survive

I’m fettered and abused
Stand naked and accused
should I surface this one man submarine

I only want the truth
So tonight we drink to youth
I’ll never lose what I had as a boy
Sometimes at night alone I wonder
Is there a spell that I am under
Keeping me from seeing the real thing

Love hurts
but sometimes it’s a good hurt
And it feels like I’m alive

Love sings
When it transcends the bad things
have a heart and try me
‘Cause without love I won’t survive

Without love I won’t survive

Love hurts
But sometimes it’s a good hurt
And it feels like I’m alive

Love sings
When it transcends the bad things
have a heart and try me
‘Cause without love I won’t survive

Love hurts, oh
Love hurts
Without love I won’t survive

Love hurts, oh
Love hurts
Without love I won’t survive

Waktu itu musim gugur, seorang suku indian pada daerah terpencil bertanya pada Kepala suku mereka yang baru. “Wala-wala chimo-ela suma totangka obuawachi?” (yang artinya:”Chief apakah musim dingin kali ini akan sangat dingin atau seperti biasanya?”.
Karena Ia kepala suku yang sudah modern, dia tidak pernah belajar mengenai cara-cara meramal dengan cara-cara kuno. Ketika ia melihat ke atas, ia tidak dapat mengatakan bagaimana nantinya keadaan cuaca. Meskipun begitu, supaya aman, ia mengatakan bahwa musim dingin nantinya akan terasa dingin, sehingga ia menyuruh warganya untuk mengumpulkan kayu bakar untuk persiapan musim dingin.

Namun setelah beberapa hari, ia muncul ide untuk menelpon Layanan Prakiraan Cuaca, dan menanyakan, “apa musim dingin kali ini akan sangat dingin atau tidak?” “Kelihatannya musim dingin kali ini akan sangat dingin,” Kata Meteorologist di Layanan Cuaca.

Kemudian Kepala suku kembali, dan menyuruh warganya untuk mengumpulkan kayu lebih banyak lagi untuk persiapan. Seminggu kemudian dia menelpon kembali Layanan Prakiraan Cuaca. “Apa musim dingin kali ini akan sangat dingin?” Katanya. “Ya,” jawab Orang di Layanan Prakiraan Cuaca tersebut, “Musim dingin kali in akan sangaaaat dingin.”

Kepala suku kembali dan menyuruh warganya untuk mengumpulkan semua kayu dan ranting pohon yang mereka temukan. Dua minggu kemudian dia menelpon kembali Layanan Prakiraan Cuaca Nasional. “Apa anda yakin bahwa musim dingin kali ini akan sangat dingin?” “PASTI,” Jawab pria itu. “Kelihatannya akan jadi musin dingin yang paling dingin yang pernah ada.”
“Kenapa anda begitu yakin?” Tanya kepala suku. Pria itu menjawab, “Karena para suku indian sedang mengumpulkan kayu bakar dalam jumlah yang gila-gilaan!”

Viewing Email Header
Every e-mail comes with information attached to it that tells the recipient of its history. This information called a header. The above is the Full header of email .All this information comes with the email. The header contains the information essential to tracing an e-mail. The main components to look for in the header are the lines beginning with “From:” and “Received:” However, it might be instructive to look at what various different lines in the header mean.

Quote:
MIME-Version: 1.0
Received: from rwcrmhc11.comcast.net ([204.127.198.35]) by mc7-f12.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713); Tue, 25 Nov 2003 19:56:18 -0800
Received: from pavilion (pcp03530790pcs.mnhwkn01.nj.comcast.net[68.37.24.150]) by comcast.net (rwcrmhc11) with SMTP id <20031126034457013001nk6pe>; Wed, 26 Nov 2003 03:44:57 +0000
X-Message-Info: JGTYoYF78jGkTvdOiviUvHyY85nt7iLD
Message-ID: <000801c3b3cf>
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
Disposition-Notification-To: “Leona” <leona6256>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Return-Path: leona6256@comcast.net
X-OriginalArrivalTime: 26 Nov 2003 03:56:18.0897 (UTC) FILETIME=[3F5AFC10:01C3B3D1]

Some e-mail programs, like Yahoo or Hotmail, have their full headers hidden by default In order to view the full header, you must specifically turn on that option. Some ways of doing this in different e-mail programs follow here:

Viewing full Header in Yahoo and Hotmail
Yahoo

Quote:
Click Options -> Click Mail Preferences -> Click Show Headers -> Click “All” -> Click “Save”

Hotmail

Quote:
Click Options -> Click Mail Display Headings (under “Additional Options”) -> Click Message Headers -> Click “Full” ->

Quote:
Click “OK”

Viewing full Header in Email Clients like (Outlook and Eudora etc)
Outlook Express
If you use OE, at least the version I have (5.5), you may not have much luck; it sometimes gives little more information than what you can see in the main window. But here’s the application path anyway:
Click File/Properties/Details to find the header information.

Outlook
First, highlight the email in your Incoming window, right-click on it, and select Options. The window that comes up will have the headers at the bottom.

Eudora
Be sure the message is open, then Click the ‘Blah, Blah, Blah’ button from the Tool Bar, and the headers will appear.

Pegasus
Select Reader/Show All Headers/

Netscape Mail
Select Options/Headers/Show All Headers

Netscape Messenger 4.0 and 4.5
Select View/Headers/All

Now I will discuss the full header in detail:

Message ID:
Quote:
It is used to identify the system from which the the message has originated (I.e. from the system the sender has logged in). However, this is too easy to forge, and is consequently not reliable.

X-Headers:

Quote:
X- headers are user defined headers. They are inserted by email client programs or applications that use email. Here from the X- headers inserted into the email by the email client it is clear that the sender has used Microsoft Outlook Express 6.00.2800.1106 to send this email.

X-Priority: 3
Quote:
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106

MIME-Version:
Quote:
MIME stands for Multipurpose Internet Mail Extension. It tells the recipient what types of attachments are included in email. It is a format that allows people to send attachments that do not contain Standard English Words, but rather graphics, sounds, and e-mails written with other characters. The Mime-Version field merely confirms that the version of MIME used corresponds to the standard version (which is currently 1.0).

From:
Quote:
Form is useless in tracing an e-mail. It consists of the email of the sender but this can be obviously be a fake. One can use any fake-mailer to fake the sender’s name.

Content-Type:
Quote:
This line tells the receiving e-mail client exactly what MIME type or types are included in the e-mail message. If the Content–Type is text/plain; charset=”us-ascii” just tells us that the message contains a regular text message that uses English characters. ASCII is the American Standard Code for Information Interchange and is the system used to convert numbers to English characters.

Return-Path:
Quote:
It is the address to which your return e-mail will be sent. Different e-mail programs use other variations of Return-Path:. These might include Return-Errors-To: or Reply-To etc.

Received:

Quote:
This field is the key to find out the source of any e-mail. Like a regular letter, e-mails gets postmarked with information that tells where it has been. However, unlike a regular letter, an e-mail might get “postmarked” any number of times as it makes its way from its source through a number of mail transfer agents (MTAs). The MTAs are responsible for properly routing messages to their destination.

Let me strip-off the above email header to make the understanding easy. The header is splitted and the two received headers are given below.

Received Header 1: Quote:
204.127.198.35 – Tue, 25 Nov 2003 19:56:18 -0800
from rwcrmhc11.comcast.net ([204.127.198.35])
by mc7-f12.hotmail.com
with Microsoft SMTPSVC(5.0.2195.6713)

Received Header 2: Quote:
68.37.24.150 – Wed, 26 Nov 2003 03:44:57 +0000
from pavilion (pcp03530790pcs.mnhwkn01.nj.comcast.net[68.37.24.150])
by comcast.net (rwcrmhc11)
with SMTP
id <20031126034457013001nk6pe>

The MTAs are “stamped” on the e-mail’s header so that the most recent MTA is listed on the top of the header and the first MTA through which the e-mail has passed in listed on the bottom of the header. In the above sample e-mail header, e-mail first passed through 68.37.24.150 (pcp03530790pcs.mnhwkn01.nj.comcast.net), and at last made its way through 204.127.198.35 (rwcrmhc11.comcast.net).

In the Received Header 2, the one marked with red colour “pavilion” is either the domain name of the server from which the email has originated or the name of the computer from which the email has been sent. By doing a DNS query for “pavilion”, it is confirmed that it is not a know host name hence, must be the name of the computer from which the mail has originated. “68.37.24.150″ is the IP address from which the mail might have originated or it is the IP address of the ISP (Internet Service Provider) to which the user was logged on while sending the mail.

Note: Correct me if I am wrong, most of the time “HELO” is prefixed to the system name from which the mail has originated, but its accuracy is not reliable.

Trace who owns the IP address
Every computers hooked on to internet is assigned with an IP address. Individual users possess a dynamic IP address when they logged on to any ISP to access internet. These IP addresses are assigned by the ISP itself. Organization usually possess static/public IP address which is stored in a database of registries.

There are three major registries covering different parts of the world. They are

www.arin.net => American Registry of Internet Numbers (ARIN) : It assigns IP addresses for the Americas and for sub Saharan Africa.

www.apnic.net => Asia Pacific Network Information Centre (APNIC) : It covers Asia

www.ripe.net => Réseaux IP Européens (RIPE NCC) : It covers Europe

Thus, to find out which organization owns a particular IP address, you can make a “WHOIS” query in the database at any of these registries. You do this by typing the IP address into the “WHOIS” box that appears on each of these websites.

“Received Header” will have the IP address of the ISP in case the users has dialed up to the ISP while sending the email. But if the user has send the email from within the corporate then the corporate public/static IP address is logged.

By giving a “WHOIS” query for 68.37.24.150 at www.arin.net, the following result has been displayed:

Comcast Cable Communications, Inc. JUMPSTART-1 (NET-68-32-0-0-1)
68.32.0.0 – 68.63.255.255
Comcast Cable Communications, Inc. NJ-NORTH-14 (NET-68-37-16-0-1)
68.37.16.0 – 68.37.31.255

# ARIN WHOIS database, last updated 2004-02-04 19:15
# Enter ? for additional hints on searching ARIN’s WHOIS database.

From above queries it is found that the IP address (68.37.24.150) is owned “Comcast”. By making further queries on “Comcast” it is found that it is the name of the ISP located in NJ, US – 08002. The result of further query is given below:

OrgName: Comcast Cable Communications, Inc.
OrgID: CMCS
Address: 3 Executive Campus
Address: 5th Floor
City: Cherry Hill
StateProv: NJ
PostalCode:08002
Country: US

NetRange: 68.32.0.0 – 68.63.255.255
CIDR: 68.32.0.0/11
NetName: JUMPSTART-1
NetHandle: NET-68-32-0-0-1
Parent: NET-68-0-0-0-0
NetType: Direct Allocation
NameServer: DNS01.JDC01.PA.COMCAST.NET
NameServer: DNS02.JDC01.PA.COMCAST.NET
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2001-11-29
Updated: 2003-11-05

TechHandle: IC161-ARIN
TechName: Comcast Cable Communications Inc
TechPhone: +1-856-317-7200
TechEmail: cips_ip-registration@cable.comcast.com

OrgAbuseHandle: NAPO-ARIN
OrgAbuseName: Network Abuse and Policy Observance
OrgAbusePhone: +1-856-317-7272
OrgAbuseEmail: abuse@comcast.net

OrgTechHandle: IC161-ARIN
OrgTechName: Comcast Cable Communications Inc
OrgTechPhone: +1-856-317-7200
OrgTechEmail: cips_ip-registration@cable.comcast.com

# ARIN WHOIS database, last updated 2004-02-04 19:15
# Enter ? for additional hints on searching ARIN’s WHOIS database.

Now since the IP address found belongs to an ISP, it is clear that the sender has dialed up to this ISP while sending the email. For further enquiry we can then request the ISP to provide us with details of the user who has dialed up to them at that given point of time (Wed, 26 Nov 2003 03:44:57 +0000). If the ISP cooperates, they will check their user and message logs to see who was logged into that particular IP address at that time and date. This will reveals the sender’s telephone number from which he/she has dialed to the ISP. Now once we have the telephone number we can easily retrieve the name and address of the sender.

Now the above case is solved but there are also other cases where the IP address found on the email header may be owned by an organisation or a cyber cafe. Below I have discussed how you can trace the sender in both of these cases.

Cases1: THE IP ADDRESS OWNED BY AN ORGANISATION

But in case the IP address found belongs to an organisation then you have to request them to provide information about the user who has send the mail from within the organisation network. They must have user and message logs on their firewall / proxy and can trace each of their computers connected at the given point of time. By supplying the organisation with the e-mail header of the offending e-mail, they can check these logs and hopefully produce information of the user of that machine.

Cases2: THE IP ADDRESS OWNED BY A CYBER-CAFE

In case it is found that the sender has sent the email from a cyber-cafe then it becomes a difficult task to trace him/her. The user may not be a frequent visitor to that cyber-cafe. But let’s assume that you receive such mails frequently from that particular cyber-cafe then you can install “key-loggers” in the computers at the cafe. These programs records user’s keystrokes, thus creating a record of everything that was typed at a particular terminal. By reviewing the key-logger logs you may be able to trace the sender in this case.

Note: These methods would aid greatly in identifying an e-mail sender, they also would impinge on the rights of others using the computers to conduct their personal business. Such a conflict defines the ongoing struggle between the fight against terrorism over the Internet and the right to privacy, which will continue to evolve in the years ahead.

kejadiannya beberapa bulan yang lalu, gue punya teman, kita sebut saja inisialnya AP (ADI PURNAMA NAMANYA!!!) waktu itu dia lagi maen ke ruangan gue, trus waktu itu dia terima telpon dari seseorang, yang belakangan diketahui bernama Mr. Onni, nah Mr. O dan AP terlibat obrolan seru yang sampai-sampai saya ikut mendengarkan, di tengah pembicaraan teman saya AP itu menanyakan Mr. O alamat emailnya, dan seketika itu pula si AP meminta secarik kertas dan sebatang pulpen, begini kira-kira kata dia, “fik! gue minta kertas ama pulpen dong, gue mo nulis alamat email nih orang”.

Ok, and then gue kasih secarik kertas ama pulpen, setelah itu teman gue AP nulis alamat emailnya…(kejadian yang teramat heboh akan segera terjadi!!!).

teman gue menulis alamat email sambil mengulang kata-kata si Mr. O, gini “OSCAR…NOVEMBER……NOVEMBER..YANKEE…at XXX.com” teman gue sambil nulis sambil terheran-heran, and pas gue liat tulisan tangan temen gue yang emang gak bagus itu, tertulis “oscarnovem…” (sambil keheranan karena alamat emailnya panjang dan ada kata november berulang) akhirnya gue tersadar dan gue pun tertawa biadab terbahak-bahak ternyata teman gue yang ini SALAH PAHAM!!!

sebagai teman yang baik dan berbudi saya langsung memberi “lecture” kepada dia, dan memberitaunya bahwa itu namanya “phonetic alphabets” sodara-sodara!!! akhirnya teman saya yang mirip-mirip kotaro minami ini mengerti apa yang Mr. O maksud.

That’s it, maka dengan ini saya ingin memposting tentang PHONETICS ALPHABETS, ini ada tabel phonetic alphabets dapat dari phoneticise.com semoga dapat membantu.

Reference: Phonetic Alphabets

Introduction

In this tutorial you will find out about the .htaccess file and the power it has to improve your website. Although .htaccess is only a file, it can change settings on the servers and allow you to do many different things, the most popular being able to have your own custom 404 error pages. .htaccess isn’t difficult to use and is really just made up of a few simple instructions in a text file.

Will My Host Support It?

This is probably the hardest question to give a simple answer to. Many hosts support .htaccess but don’t actually publicise it and many other hosts have the capability but do not allow their users to have a .htaccess file. As a general rule, if your server runs Unix or Linux, or any version of the Apache web server it will support .htaccess, although your host may not allow you to use it.

A good sign of whether your host allows .htaccess files is if they support password protection of folders. To do this they will need to offer .htaccess (although in a few cases they will offer password protection but not let you use .htaccess). The best thing to do if you are unsure is to either upload your own .htaccess file and see if it works or e-mail your web host and ask them.

What Can I Do?

You may be wondering what .htaccess can do, or you may have read about some of its uses but don’t realise how many things you can actually do with it.

There is a huge range of things .htaccess can do including: password protecting folders, redirecting users automatically, custom error pages, changing your file extensions, banning users with certian IP addresses, only allowing users with certain IP addresses, stopping directory listings and using a different file as the index file.

Creating A .htaccess File

Creating a .htaccess file may cause you a few problems. Writing the file is easy, you just need enter the appropriate code into a text editor (like notepad). You may run into problems with saving the file. Because .htaccess is a strange file name (the file actually has no name but a 8 letter file extension) it may not be accepted on certain systems (e.g. Windows 3.1). With most operating systems, though, all you need to do is to save the file by entering the name as:

“.htaccess”

(including the quotes). If this doesn’t work, you will need to name it something else (e.g. htaccess.txt) and then upload it to the server. Once you have uploaded the file you can then rename it using an FTP program.

Warning

Before beginning using .htaccess, I should give you one warning. Although using .htaccess on your server is extremely unlikely to cause you any problems (if something is wrong it simply won’t work), you should be wary if you are using the Microsoft FrontPage Extensions. The FrontPage extensions use the .htaccess file so you should not really edit it to add your own information. If you do want to (this is not recommended, but possible) you should download the .htaccess file from your server first (if it exists) and then add your code to the beginning.

Custom Error Pages

The first use of the .htaccess file which I will cover is custom error pages. These will allow you to have your own, personal error pages (for example when a file is not found) instead of using your host’s error pages or having no page. This will make your site seem much more professional in the unlikely event of an error. It will also allow you to create scripts to notify you if there is an error (for example I use a PHP script on Free Webmaster Help to automatically e-mail me when a page is not found).

You can use custom error pages for any error as long as you know its number (like 404 for page not found) by adding the following to your .htaccess file:

ErrorDocument errornumber /file.html

For example if I had the file notfound.html in the root direct
ory of my site and I wanted to use it for a 404 error I would use:

ErrorDocument 404 /notfound.html

If the file is not in the root directory of your site, you just need to put the path to it:

ErrorDocument 500 /errorpages/500.html

These are some of the most common errors:

401 – Authorization Required
400 – Bad request
403 – Forbidden
500 – Internal Server Error
404 – Wrong page

Then, all you need to do is to create a file to display when the error happens and upload it and the .htaccess file.

Part 2: .htaccess Commands

Introduction

In the last part I introduced you to .htaccess and some of its useful features. In this part I will show you how to use the .htaccess file to implement some of these.

Stop A Directory Index From Being Shown

Sometimes, for one reason or another, you will have no index file in your directory. This will, of course, mean that if someone types the directory name into their browser, a full listing of all the files in that directory will be shown. This could be a security risk for your site.

To prevent against this (without creating lots of new ‘index’ files, you can enter a command into your .htaccess file to stop the directory list from being shown:

Options -Indexes

Deny/Allow Certian IP Addresses

In some situations, you may want to only allow people with specific IP addresses to access your site (for example, only allowing people using a particular ISP to get into a certian directory) or you may want to ban certian IP addresses (for example, keeping disruptive memembers out of your message boards). Of course, this will only work if you know the IP addresses you want to ban and, as most people on the internet now have a dynamic IP address, so this is not always the best way to limit usage.

You can block an IP address by using:

deny from 000.000.000.000

where 000.000.000.000 is the IP address. If you only specify 1 or 2 of the groups of numbers, you will block a whole range.

You can allow an IP address by using:

allow from 000.000.000.000

where 000.000.000.000 is the IP address. If you only specify 1 or 2 of the groups of numbers, you will allow a whole range.

If you want to deny everyone from accessing a directory, you can use:

deny from all

but this will still allow scripts to use the files in the directory.

Alternative Index Files

You may not always want to use index.htm or index.html as your index file for a directory, for example if you are using PHP files in your site, you may want index.php to be the index file for a directory. You are not limited to ‘index’ files though. Using .htaccess you can set foofoo.blah to be your index file if you want to!

Alternate index files are entered in a list. The server will work from left to right, checking to see if each file exists, if none of them exisit it will display a directory listing (unless, of course, you have turned this off).

DirectoryIndex index.php index.php3 messagebrd.pl index.html index.htm

Redirection

One of the most useful functions of the .htaccess file is to redirect requests to different files, either on the same server, or on a completely different web site. It can be extremely useful if you change the name of one of your files but allow users to still find it. Another use (which I find very useful) is to redirect to a longer URL, for example in my newsletters I can use a very short URL for my affiliate links. The following can be done to redirect a specific file:

Redirect /location/from/root/file.ext http://www.othersite.com/new/file/location.xyz

In this above example, a file in the root directory called oldfile.html would be entered as:

/oldfile.html

and a file in the old subdirectory would be entered as:

/old/oldfile.html

You can also redirect whole directoires of your site using the .htaccess file, for example if you had a directory called olddirectory on your site and you had set up the same files on a new site at: http://www.newsite.com/newdirectory/ you could redirect all the files in that directory without having to specify each one:

Redirect /olddirectory http://www.newsite.com/newdirectory

Then, any request to your site below /olddirectory will bee redirected to the new site, with the
extra information in the URL added on, for example if someone typed in:

http://www.youroldsite.com/olddirecotry/oldfiles/images/image.gif

They would be redirected to:

http://www.newsite.com/newdirectory/oldfiles/images/image.gif

This can prove to be extremely powerful if used correctly.

Part 3: Password Protection

Introduction

Although there are many uses of the .htaccess file, by far the most popular, and probably most useful, is being able to relaibly password protect directories on websites. Although JavaScript etc. can also be used to do this, only .htaccess has total security (as someone must know the password to get into the directory, there are no ‘back doors’)

The .htaccess File

Adding password protection to a directory using .htaccess takes two stages. The first part is to add the appropriate lines to your .htaccess file in the directory you would like to protect. Everything below this directory will be password protected:

AuthName “Section Name”
AuthType Basic
AuthUserFile /full/path/to/.htpasswd
Require valid-user

There are a few parts of this which you will need to change for your site. You should replace “Section Name” with the name of the part of the site you are protecting e.g. “Members Area”.

The /full/parth/to/.htpasswd should be changed to reflect the full server path to the .htpasswd file (more on this later). If you do not know what the full path to your webspace is, contact your system administrator for details.

The .htpasswd File

Password protecting a directory takes a little more work than any of the other .htaccess functions because you must also create a file to contain the usernames and passwords which are allowed to access the site. These should be placed in a file which (by default) should be called .htpasswd. Like the .htaccess file, this is a file with no name and an 8 letter extension. This can be placed anywhere within you website (as the passwords are encrypted) but it is advisable to store it outside the web root so that it is impossible to access it from the web.

Entering Usernames And Passwords

Once you have created your .htpasswd file (you can do this in a standard text editor) you must enter the usernames and passwords to access the site. They should be entered as follows:

username:password

where the password is the encrypted format of the password. To encrypt the password you will either need to use one of the premade scripts available on the web or write your own. There is a good username/password service at the KxS site which will allow you to enter the user name and password and will output it in the correct format.

For multiple users, just add extra lines to your .htpasswd file in the same format as the first. There are even scripts available for free which will manage the .htpasswd file and will allow automatic adding/removing of users etc.

Accessing The Site

When you try to access a site which has been protected by .htaccess your browser will pop up a standard username/password dialog box. If you don’t like this, there are certain scripts available which allow you to embed a username/password box in a website to do the authentication. You can also send the username and password (unencrypted) in the URL as follows:

http://username:password@www.website.com/directory/

Summary

.htaccess is one of the most useful files a webmaster can use. There are a wide variety of different uses for it which can save time and increase security on your website.