Older blog entries for masood (starting at number 11)

My BirthDay
Yesterday I celebrated my 25th birthday. As I'm in Peshawar, for eid vacation, I really enjoyed spending my Birthday with my mom, dad, younger sis, aunties and cousins. The other special thing about my Birthday was; Mehvish, coolest friend of mine, sent flowers, choclates , card & cake. She some time really amaze me with her caring talks and actions. I'm really happy to have her in my list, Some one who is willing to listen all of my past stories and addventures :). Still have to share lots of stuff which hardly I can share with any one else.

Asterisk Billing Application

While developing Asterisk billing application, I have to modify asterisk mysql CDR plugin to rate the CDRs before it touches the databases. The experiment worked really great and saved the time of post processing the CDRs. The other stuff which took some time in coding was the best regax matching extension while asterisk call hunting. For this, I break down the numbers in seperate file and extensions which really work out as I expected.

GSM/GPRS Embedded Module

I really Like these Modules. I only worked with g18 but looking forward to try g20. Currenlty, Mostly Asterisk GSM devices using these module in PCI cards to give the support of GSM to asterisk. While reading motrolla Developers guide I figure out we can actually play alot more with it.

SIP Digest Authentication
Last week I was given a task of coding a SIP terminal client. The first thing, as most of the people do, I googled RFC of SIP and started reading it. And in a day or so I started coding a simple sip client to just send a registeration request to the SIP server/Proxy. The good thing about SIP is; it's a mixture of HTTP & SMTP protocol & truely speaking, Some time I feel I'm coding for HTTP not for SIP.

SIP uses HTTP DIGEST method to authenticate the client and that was the most confusing part in the start. As I was unable to find any exact RFC for it plus most of the SIP document refering me to the HTTP DIGEST which is more complex then used by SIP. Although the procedure is exactly the same but the way RFC's explained, it sucks. The simple explanation to all the sutff which once took some time to code was this.

New RFC for SIP only recomment SIP DGIEST method to be use as authentication mechanism. In Digest server sends a challenge string "nonce" which should be encrypted along with our username, pass, URI,realm , request and send back to the server. All this is achievable using a simple three step formula.

1. H1= MD5 ( username : realm : pass)
2. H2= Md5 ( METHOD : URI)
3. responce = MD5 ( H1: nonce : H2 )

In case when Authentication is needed server reponce back with the 401 (unauthorized request) along with the realm and nonce. As we are registering with the server the METHOD should be "REGISTER" and URI on the server which we want to access, e.g sip:

Solaris 10

Working in solaris was never ever been in my plan but I must say I'm lukcy enough to get a chance to work in it in professional enviroment. Today, it's my fouth consecutive day working in solaris and no doubt I learned a lot about it. SunDocs helped me alot in putting the basics in my head. SUN's patch management is excellent but with some restriction and subscribtions, it reminds me RHEL enviroment. Initially I tried using my Linux skills in solaris but only succeded in using the common Unix commands. My first task was to patch the server and using SUN's guide I patched 2 servers easily. Though I had to read it's full patching mechanism and plicy later to make my self sure when we need it. My second task was to check RAID 1 performance and to verify its state, Again I had to gone though SUN's awsome guide to make my self first understand and then using a set of checks I tested RAID 1 state.

Currenlty I'm busy in reading as much as I can to make my self comfortable in handling solaris. I migh quickly jump in to programming but first I have to make my concept of administration clear in it. And that definalty would take a month or two.


Another awsome creation of opensource community. It's a Templete Engine/Framework. My next project is to convert a site in Smarty. For this I have to learn it fully as a taged language. Though I don't have much of the interest in coding in php but again when it comes to professional life you always have to listen what you boss requires :).


I'm actually having a good time with asterisk. And after the project of CallCenter setup for MPS callcenter in Lahore, now I feel quite comfortable in handling asterisk. In my previous blogs I did mention about my activities realted to Asterisk programming and now it's all related to handling/administring asterisk. Still, there are so many things to learn and implement. But surely, with the project currenlty in my hand, I'll be able to learn all the skills quickly.

Update: Started working on my little tool name stelnet. The idea behind this creation was to create a tool for penetration testing SSL enabled ports. Exactly the same thing we do with telnet client tool. But I'm looking forward to add some interesting stuff in it like certificate checking, banner grabing, etc...

Second Job: I was doing a part time online job but It was hard to manage beacuase of the nature of my work. So I decided to quit part time job and work part time only for opensource as it's the only thing which make me feel better :).

OpenSource: Looking for some ongoing projects to work on, to gain more experience and skill. My interest is developing more and more towards device drivers.

gdb: It's awsome but really hard to get a full command over it. I hope now I got some more time to play with it along with other projects.

Job: I wish I can only work as a developer not sysadmin or anything which has nothing to do with the programming. Some time it look as time wasting stuff when any one put me in a stuff other then coding in C. I wish I can find my dream job with only C geeks arround me :).

RT Memory usage

This RT(Request Tracker) is making life harder. The way it utilizes memory is awfull. I was reading about unix memory utilization and some thing which helped me alot to understand why apache unable to release memory.i.e

taken from: Guide

Note: there is usually no system call that can be used to return unused memory back to the operating system. when you free memory, the memory manager cannot return this memory back to the operating system. If this freed memory is never used again, it will eventually be paged out to disk - but won't be freed until the process exits. Thus, the ammount of virtual memory used by a process always increases - never decreases.

Now that's what clear my concept a bit. Now I'm looking few ways to force RT to use limited memory But I think it will make life harder for RT to operate properly. Few Apache directive I'm currenlty thinking to deploy ASAP.

Limiting CPU Usage | Limiting memory Usage | Limiting CPU Usage
It will be a great fun after tight deployment of these directives.


Currenlty working/Playing with asterisk and really enjoying it. This Telecommunication world got some charm. Thanks GOD I have done MIT (Masters In IT) due to which It wasn't hard for me to hang arround with telco world.

My major task is to deploy a module of asterisk of a simple IVR solution, offcourse in C. I'm already done with it and now looking for SIP/AIX implementation. I never thought of playing with VoIP in my life :) but thanks to my CEO, I'm in :).

This project is looking excelent to me. I haven't tried it yet but after checking Asterisk Documentation, I really starting loving Doxygen.


It really awsome :), For the last 3 weekends I'm reading its features using GDB GUIDE and it's like rocking. So many feature to screw some one, offcourse program too :). I hope I can get more time in learning these awsome tools as quickly as we dream of a new girl lol. :)

Today I started reading about porting application from windows to linux, It looks exciting and hardwork but Right now I am really enjoying it.
I am in deep thinking
Why this world is after Object Oriented ?
I think I have to switch my self to OOP as It looks to me, Software Engineering is only left in OOP or World thinks only OOP is a true nature of software engineering :(. I am in so much of confussion right now and thinking what should I do next. I really love C and don't want to learn OOP, I did try to implement OOD in C but it arouse my interest in OOP so I left it alone.

Life Is so busy!

I never thought in my life, I am gona be that much busy and YES! I am really enjoying my life Thanks to GOD. So much opertunities and so many ways to get my self develop more rapaidly. Right now I am so much happy with the life I am living. Though its alone and I am still virgin lol. But really enjoying it.

Future Plans

I already customized my life a lot and still looking for more. Like Sleeping 5/6 hours a day, Working and spending my all day in front of Linux BOX, Try to gain more stuff each day. Even I fell happiness in giving my full weekend to it. May be it my true love or may be I want it more then any thing else in life. Some time Life looks cool, some time boring, some time alone, some time peaceful, some time good some time something missing. But what ever it is, I want the best out of my life. Looking to adopt all the methods of successful life. Life going two fast or I am pulling life faster. Its almost 3 am and usually its the start of my sleeping time.
Going to lay down for a bit and plan for tomorrow and then sleep In a hope of a better Plan tomorrow.

7 Jan 2006 (updated 7 Jan 2006 at 17:18 UTC) »
2005 Update
The most amazing and happy year of my life :). Amazing in a sense, I visited almost all pakistan in this year. And happy in a sense, Got good jobs one was in karachi and now in lahore.

Working with OpenSSL
I really enjoyed working with OpenSSL on few projects. Definately helped me in knowing SSL protocol fully. To call my self an expert of OpenSSL API, I have to do lots of other stuff in it as well, but not required yet. May be in near future in some free, just for the sake of getting a full knowledge I will definetly try to master it.

Distributed Application
Got a really nice document of e-donky protocol and reading it. Really helpful in understanding the concept of distributed enviroment. As I love network programming, Working on distributed and p2p application will be a great fun.

Interesting Stuff with Apache
Doing a complete research on its security and all the method of making apache more secure then its looks. though while doing a research I learned so many stuff, speacially modifying apache code for hidding some header send to clients. May be try to write an article on Apache's security soon.

For the first time in my life I studied/used OpenSSL for a project of creating a remote monitoring system. It really hard in the begining but after going through all the RFC and its main idea now implementing SSL or TLS is easy. But few of the command line tool of OpenSSL is still confusing :). I wish we can have more easy and well documented documentaion of OpenSSL in near future. Yes I wish I should have contributed my part to. But its hard for me to explain to document any topic fully with a huge amount of details.

Now OpenSSL is added in my power tool implementaion in my CV. Looking forward to implement some thing more advance using OpenSSL.

Time In Lahore
Living alone in lahore is hard as I have to do all of my work my self. But its a good experience though same hard as living alone in any place in the world alone. One thing which I realize while living alone is that for coders its best to live alone in a single room because no one will disturb you and thats what I want when I m busy in any research or any project. I usually go late in office about 12 pm aprox and prefer doing coding when no one in the office.

Linux New Worm
Another new worm but based on already exposed tricks. Linux worm My comments:

This worms is a wakeup call for the lazy administrator and Developers around us. Its been a long time since XMP-RPC,AWStat vulnerabilities discovered and still, If its the fast spreading and elegant worm then the problem is totally belong to Administrator and some how Developers too.

According to Symantec Security Responce paper, It also opens a UDP port 7222 for an unauthorized acces which is only possible if any one of us is not even fit in the First Dumbest idea of Marcus Ranum. And YES you are right, The problem is totally in the awareness of update not the Worm itself.

Thanks Daniel Hanson.

Time to sleep now its 2:00 AM :: SP ::
I am back

After a long long time I again started writting my blogs. :). Today is saturday and its more like funday in which I can do my own work.

Naseeb Networks
Joining Naseeb Networks inc, was the best decission I have ever made. Before joining Naseeb Networks it looked to me there is no development going on in Linux in pakistan. but Thanks to my this new job I am now able to do coding in linux as well as do some security implementation stuff as well.

Coding for Naseeb

When I joined Naseeb, The first project I have to do was, code a Load Balancer for HTTP traffic. I started using netfilter Library in a hope of achieving the task but the task was to redirect the trafic to the least loaded server. Then Using the idea of ABBAS, I modified the code of TUX ( Redhat implemenatation of Webserver in kernel module or in simple words kernel memory) and created a load balancer for http.

How it works? I actually created client server application which get load average from all the servers and then check the least load average. After getting 2 least loaded server it communicates with the TUX using ioctl. TUX, which can work as REDIRECTOR, Redirects the requests to the other server on the bases of the value it gets from its device file.

TUX documentation says its a kernel module base webserver and its much faster but unfortunately I was unable to impress my CEO using this. Its not the fault of my included code in tux but for the TUX the requirement of my CEO was high.

Then CEO gave me an idea of creating a DNS based load balancer which I created In a day or so, as all of the client/server work was done. I just have to do some enteries changed which I created successfully. Now Thats DNS based Load Balancer is working quite awsome now.

Security Audit As I am good in security and got some good security background in hacking and cracking :), I was given a task of auditing all the LAMP base applications of Naseeb Networks and truely speaking I love auditing LAMP applications. And when you have the source code then its not that much boring LOL.

2 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!