Why this world is after Object Oriented ?I think I have to switch my self to OOP as It looks to me, Software Engineering is only left in OOP or World thinks only OOP is a true nature of software engineering :(. I am in so much of confussion right now and thinking what should I do next. I really love C and don't want to learn OOP, I did try to implement OOD in C but it arouse my interest in OOP so I left it alone.
Life Is so busy!
I never thought in my life, I am gona be that much busy and YES! I am really enjoying my life Thanks to GOD. So much opertunities and so many ways to get my self develop more rapaidly. Right now I am so much happy with the life I am living. Though its alone and I am still virgin lol. But really enjoying it.
I already customized my life a lot and still looking for more. Like Sleeping 5/6 hours a day, Working and spending my all day in front of Linux BOX, Try to gain more stuff each day. Even I fell happiness in giving my full weekend to it. May be it my true love or may be I want it more then any thing else in life. Some time Life looks cool, some time boring, some time alone, some time peaceful, some time good some time something missing. But what ever it is, I want the best out of my life. Looking to adopt all the methods of successful life. Life going two fast or I am pulling life faster. Its almost 3 am and usually its the start of my sleeping time.
Going to lay down for a bit and plan for tomorrow and then sleep In a hope of a better Plan tomorrow.
Working with OpenSSL
I really enjoyed working with OpenSSL on few projects. Definately helped me in knowing SSL protocol fully. To call my self an expert of OpenSSL API, I have to do lots of other stuff in it as well, but not required yet. May be in near future in some free, just for the sake of getting a full knowledge I will definetly try to master it.
Got a really nice document of e-donky protocol and reading it. Really helpful in understanding the concept of distributed enviroment. As I love network programming, Working on distributed and p2p application will be a great fun.
For the first time in my life I studied/used OpenSSL for a project of creating a remote monitoring system. It really hard in the begining but after going through all the RFC and its main idea now implementing SSL or TLS is easy. But few of the command line tool of OpenSSL is still confusing :). I wish we can have more easy and well documented documentaion of OpenSSL in near future. Yes I wish I should have contributed my part to. But its hard for me to explain to document any topic fully with a huge amount of details.
Now OpenSSL is added in my power tool implementaion in my CV. Looking forward to implement some thing more advance using OpenSSL.
Time In Lahore
Living alone in lahore is hard as I have to do all of my work my self. But its a good experience though same hard as living alone in any place in the world alone. One thing which I realize while living alone is that for coders its best to live alone in a single room because no one will disturb you and thats what I want when I m busy in any research or any project. I usually go late in office about 12 pm aprox and prefer doing coding when no one in the office.
Linux New Worm
Another new worm but based on already exposed tricks. Linux worm My comments:
This worms is a wakeup call for the lazy administrator and Developers around us. Its been a long time since XMP-RPC,AWStat vulnerabilities discovered and still, If its the fast spreading and elegant worm then the problem is totally belong to Administrator and some how Developers too.Time to sleep now its 2:00 AM :: SP ::
According to Symantec Security Responce paper, It also opens a UDP port 7222 for an unauthorized acces which is only possible if any one of us is not even fit in the First Dumbest idea of Marcus Ranum. And YES you are right, The problem is totally in the awareness of update not the Worm itself.
Thanks Daniel Hanson.
After a long long time I again started writting my blogs. :). Today is saturday and its more like funday in which I can do my own work.
Joining Naseeb Networks inc, was the best decission I have ever made. Before joining Naseeb Networks it looked to me there is no development going on in Linux in pakistan. but Thanks to my this new job I am now able to do coding in linux as well as do some security implementation stuff as well.
Coding for Naseeb
When I joined Naseeb, The first project I have to do was, code a Load Balancer for HTTP traffic. I started using netfilter Library in a hope of achieving the task but the task was to redirect the trafic to the least loaded server. Then Using the idea of ABBAS, I modified the code of TUX ( Redhat implemenatation of Webserver in kernel module or in simple words kernel memory) and created a load balancer for http.
How it works? I actually created client server application which get load average from all the servers and then check the least load average. After getting 2 least loaded server it communicates with the TUX using ioctl. TUX, which can work as REDIRECTOR, Redirects the requests to the other server on the bases of the value it gets from its device file.
TUX documentation says its a kernel module base webserver and its much faster but unfortunately I was unable to impress my CEO using this. Its not the fault of my included code in tux but for the TUX the requirement of my CEO was high.
Then CEO gave me an idea of creating a DNS based load balancer which I created In a day or so, as all of the client/server work was done. I just have to do some enteries changed which I created successfully. Now Thats DNS based Load Balancer is working quite awsome now.
Security Audit As I am good in security and got some good security background in hacking and cracking :), I was given a task of auditing all the LAMP base applications of Naseeb Networks and truely speaking I love auditing LAMP applications. And when you have the source code then its not that much boring LOL.
hohoho another happiest day comes to an end. i got my first vulnerabilities listing on securityfocus wowowo
http://securityfocus.com/bid/11132 http://securityfocus.com/bid/11133 http://securityfocus.com/bid/11134
and the second thing i did today is to make a mini MAC Controler today and launch it. That was also excellent work i did today documentation available at http://www.aosp.net/projects/maccontroler.pdf
But didnt get time to work on sendmail security article although it will take time as I wana include all security stuff. One thing i noticed today in another article on Port Scanning is that they all miss one very important step and that is what happen when a port is block .. I will probably write article of my own on Port Scanning with proof of what going when we get rejection from server and diffrence in replies.
Today I am so so so happy, My article on REGULUS EXPOSED is submited to most of the hacking sites including astalavista, hackerscenter and linuxpakistan and other little hacking website and now I submited it to securityfocus and securitydoc, Although I got there confirmation of adding my tutorial on their <<vulnerabilities added link >> and soon they will mail me that added link, I am so hope full but lets see what they do now.
I am also recieving emails on EXPOSING Pakistan's Mobile SMS protocol with appriciation and I am just loving it.
My next step is to write article on SENDMAIL security and want to EXPOSE some serious threads which other dont even notice. This guide will be completed in one week or so because of my busy schedule. Ok now its time to go in BED.
I hope next day will be more brighter and full of learning. INSHALLAH GOD will help me in achieving what I am looking for.
Keep up with the latest Advogato features by reading the Advogato status blog.