My Grey Cells Burning

Wednesday, August 06, 2008
My first Jam Session

Yes, right after 10 years, when most of the guitarist married and got kids already. Feel like back to high school all over again...

The studio suck but then since we have booked it, so we just go on with it. The drum fallen over right after we finish recording.. yes nobody can see it cause we switch off the camera before that..

Anyway, enjoy:

Labels:

posted by zarxcky @ 8/06/2008 12:11:00 AM   0 comments
Sunday, May 25, 2008
Back From Dead & Birth of New Phoenix..


Picture from: http://merges.ubuntu.com


Been long time already not updating anything at all here. Too busy with new job, learning all the new stuff, a bit of magics, tips and tricks and facing lots of problem from days to days and more will come. Currently settling down the Debian poorly seeded RNG encryption vulnerabilities for all servers we got now. Next time Debbies, please validate your diff to the upstream maintainer first before roll out new release of everything you want to offer us, or I wouldn't have hassle so much on our plenty servers as the original OpenSSH and OpenSSL are secure enough to withstand almost everything in the Wild Wild Net since we use lots of Ubbies here.

Just finished upgrading company laptop currently used by me from Ubuntu 7.10 to Hardy Heron 8.04 LTS. Not much problem and issue coming in except for few things:

Firefox 3:
I have no use for it since the back and forward button are freezing against my mouse touch onto it. Maybe I should touch it with my dick but then it would not be appropriate and inhuman against the laptop machine. They need other thing to simulate them such as... bit astray.. back to the topic, even my bookmarks also nowhere to be seen within the FF3. So I just install firefox-2-bin and those 2 issues are gone.

Zombie:
Yeah, got zombie after startup booing in forms of /sh if I doing ps -ef | grep defunct. As usual, since zombie are dead thing, it will stale within the grasp of listing process ps -ef. Kind of annoying, which I give a magic to make it gone forever in form of:

kill -HUP `ps -A -ostat,ppid,pid,cmd | grep -e '^[Zz]' | awk '{print $2}'`

That'll teach the zombie. Go back to your grave and lay in peace. Do not disturb my system anymore.

Sound and movie playback:
Yes, Totem a.k.a Movie Player playing movie very slow and no sound coming out of it. Playing mp3 however well enough with Rythmbox. What I do to fix it? I forgot to be honest. Just install few things, reboot twice or more and everything coming out well thanks to Google, ubuntuforums and few other forums.

Streaming video (Youtube):
No sound coming out. After a while, decide to reboot and it works after that. Realllly crazy.

Im dead back again until God knows when. Till then, cheerio. Bye.

### END TRANSMISSION FROM THE HOLE I CRAWLED FROM ####

Hey! I listen to The Ataris, I remember you :

Labels:

posted by zarxcky @ 5/25/2008 03:42:00 AM   0 comments
Saturday, December 29, 2007
Playing Around With Django
(On Ubuntu that is...)


Many thanks to sorcerer guru low for introducing me with Django. And thanks to Wei Sun too for reminding me on the Django meet-up presentation last Wednesday. Really appreciate all the efforts. Sorry guys for I cannot make it last time due to the time which belong to mine already populated with my own IPBrick presentation for the big boss.

Anyway, since I have several dreams on setting up shopping carts website somewhere in near future, perhaps I can use Django as the trial platform to realize my dream by start to write some web apps for the site.

So, let get on with this thing.

Following the installation instructions on Django project website (okay.. click here) and continue with getting the database to running so that I can start write my very first code. Very easy to install and configure straight away from the package on average Ubuntu machine. Once command python manage.py runserver 8000 & (default port) invoked, check the 127.0.0.1:8000 with any preferred browser to check if there are any error coming up.

If got something like this:



Then, we good to go.

Port 8000 eh? Makes me thinking if this command will start opening port port 8000 on my system, I then launch nmap localhost and I got this:

Starting Nmap 4.20 ( http://insecure.org ) at 2007-12-29 13:38 MYT
Interesting ports on penguin (127.0.0.1):
Not shown: 1695 closed ports
PORT STATE SERVICE
8000/tcp open http-alt


And also some message from the puking console detailing some connection reset by peer error from the http-alt logs:

Exception happened during processing of request from ('127.0.0.1', 49875)
Traceback (most recent call last):
File "SocketServer.py", line 222, in handle_request
self.process_request(request, client_address)
File "SocketServer.py", line 241, in process_request
self.finish_request(request, client_address)
File "SocketServer.py", line 254, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python2.5/site-packages/django/core/servers/basehttp.py", line 537, in __init__
BaseHTTPRequestHandler.__init__(self, *args, **kwargs)
File "SocketServer.py", line 522, in __init__
self.handle()
File "/usr/lib/python2.5/site-packages/django/core/servers/basehttp.py", line 577, in handle
self.raw_requestline = self.rfile.readline()
File "socket.py", line 346, in readline
data = self._sock.recv(self._rbufsize)
error: (104, 'Connection reset by peer')
----------------------------------------
----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 51913)
Traceback (most recent call last):
File "SocketServer.py", line 222, in handle_request
self.process_request(request, client_address)
File "SocketServer.py", line 241, in process_request
self.finish_request(request, client_address)
File "SocketServer.py", line 254, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python2.5/site-packages/django/core/servers/basehttp.py", line 537, in __init__
BaseHTTPRequestHandler.__init__(self, *args, **kwargs)
File "SocketServer.py", line 522, in __init__
self.handle()
File "/usr/lib/python2.5/site-packages/django/core/servers/basehttp.py", line 577, in handle
self.raw_requestline = self.rfile.readline()
File "socket.py", line 346, in readline
data = self._sock.recv(self._rbufsize)
error: (104, 'Connection reset by peer')
----------------------------------------


So, thats how the nmap scanning logged by the http-alt active service. Next, scanning from remote machine outside the LAN shows this:

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2007-12-29 12:12 MYT
Initiating SYN Stealth Scan against XX.xx.101.51 [1660 ports] at 12:12
SYN Stealth Scan Timing: About 17.77% done; ETC: 12:15 (0:02:19 remaining)
The SYN Stealth Scan took 167.25s to scan 1660 total ports.
Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Host XX.xx.101.51 appears to be up ... good.
All 1660 scanned ports on XX.xx.101.51 are: filtered
Too many fingerprints match this host to give specific OS details
TCP/IP fingerprint:
SInfo(V=3.70%P=i386-redhat-linux-gnu%D=12/29%Time=4775C9DE%O=-1%C=-1)
T5(Resp=N)
T6(Resp=N)
T7(Resp=N)
PU(Resp=N)

Nmap run completed -- 1 IP address (1 host up) scanned in 188.370 seconds


That is cool. Lessening my paranoid thought. Never mind the outdated version of nmap. Yeah, kudos to Fyodor for bring the open community some very fine tool available since the existence of the Net (and porn too).

Will continue more next blog since I need to dive in again plundering the docs after lunch. And today too hot, but strong winds outside. Feel like summer in memories with plus hotness added.

Good thing, my first wages coming in already. Woohoo!!

Now! I listen to Tenacious D:


posted by zarxcky @ 12/29/2007 12:51:00 PM   1 comments
Thursday, October 11, 2007
Another Interesting Titbits from the Google of Information Security

Source from cryptome and input data's filtered for things related to Malaysia & Kuala Lumpur.

Remember when I say that Maxis and Digi are still clean? Well, look here and here to see the previous posts. Look like the Maxis now is ON the list.

Subject: NSA-affiliated IPs/DNS as of 1640hrs GMT 6Oct2007
Date: Sat, 6 Oct 2007 16:07:13 +0000 (UTC)
Please note the following, current as of 1640hrs GMT 6Oct2007:

Maxis Communications Bhd [NSA-fully controlled IP range]
Kuala Lumpur MY (Malaysia)
121.120.0.0 - 121.123.255.255
No PTR record

The obvious difference between Maxis and the other players (JARING, TELEKOM, TMNET and TIME) is that Maxis said IP range above were fully controlled by NSA.

TMNET also have some more additions in regards to affiliated IP/DNS:

Previous post show TMNET (16Aug07 at 1600hrs GMT) as:

TMNET [NSA-affiliated IP ranges]
Kuala Lumpur MY
124.82.0.0 - 124.82.255.255
219.95.128.0 - 219.95.255.255
ns2.tm.net.my [202.188.1.8]
ns3.tm.net.my [202.188.0.184]
ns1.tm.net.my [202.188.0.183]

The new additions are shown below for comparison (1640hrs GMT 6Oct2007):

TMNET [NSA-affiliated IP ranges]
Kuala Lumpur MY
58.26.0.0 - 58.27.127.255
124.82.0.0 - 124.82.255.255
202.71.96.0 - 202.71.111.255
218.208.128.0 - 218.208.255.255
218.111.0.0 - 218.111.255.255
219.95.128.0 - 219.95.255.255
ns2.tm.net.my [202.188.1.8]
ns3.tm.net.my [202.188.0.184]
ns1.tm.net.my [202.188.0.183]
ns2.myjati.com.my [203.106.249.232]
ns1.myjati.com.my [203.106.249.231]

Source here.

Note: The only company left within Malaysia will be DiGI. I know I made a good choice when I decided to change my mobile phone provider from Telekom to DiGI about a year ago. But behold, we'll see if DiGI will turn up within the NSA affiliated/controlled list later on.


Hey! I listening to Boston - More than A Feeling :


Labels:

posted by zarxcky @ 10/11/2007 07:54:00 AM   0 comments
Saturday, October 06, 2007
Free Stuff !


Like Ruby on Rails? Don't have money to buy the book? You broke (as in my case currently)? Or you the kind of people who just want something free? I found a RoR book by Patrick Lenz which was released FOC (pdf online version) for a period of 2 months only. So grab it while it still hot and available.

To download, click here.

You'll have to provide an email address to them (Sitepoint dude) so that they can sent the download link to your email. Be quick because it's limited time offer only. If you want the printed hard copy, they give 10 USD discount voucher together within the email on the book, which the Sitepoint will then happily sent the book anywhere around the world for a fee.

Hey! I listening to salir, beber :
posted by zarxcky @ 10/06/2007 05:24:00 PM   0 comments
Wednesday, September 12, 2007
FAM Website Has Been Cracked!!
And KJ Is The One Should Be Blamed For It.




First, reading the Utusan Sports Section here, regarding a Utusan reporter trying to look for score, perhaps so he can copy paste the result to his/her newspaper column. Second, after reading that, went to FAM website, and have a look at their Goal Scorer page and Standing page. It's true. KJ name is on the top of the list. Made a screen shot, which is shown below:

GoalScorer Page


Standing Page


And the company who manage FAM website can be seen here, it's called VR3D Technology Sdn. Bhd., located within Petaling Jaya, Selangor. Their company informations can be seen here. I think they doing a very bad job in securing their website. And also recovering from any cracking attempt since the cracked page is still shown until this article is written.

Well, KJ, I guess you should take this sarcasm hint, right? For the sake of FAM.

Hey! I listen to:
posted by zarxcky @ 9/12/2007 09:53:00 AM   2 comments
Friday, August 31, 2007
More Interesting Titbit's From the Google of Information Security


Source from cryptome and input data's filtered for things related to Malaysia & Kuala Lumpur.

This information could be a gift to Malaysia Independent 50th Golden Anniversary... which look bleak with all those superficial lights and sounds.

Happy Merdeka Day!

A sends 30 August 2007:

Please note the following, current as of 2105hrs GMT 30Aug2007:
TIME Telecommunications Sdn Bhd [NSA-affiliated IP range]
Kuala Lumpur MY
211.24.0.0 - 211.25.255.255
ns2.time.net.my [203.121.16.120]
ns1.time.net.my [203.121.16.85]


JARING Communications Sdn Bhd [NSA-affiliated IP range]
Kuala Lumpur MY
202.190.0.0 - 202.190.255.255
ns6.jaring.my [192.228.128.16]
ns5.jaring.my [61.6.38.139]

Looks like Maxis is still clean. And DIGi is not on the list.. yet.

Add-on popular companies among the list:

Google [NSA-affiliated IP ranges]
Mountain View CA US
64.233.160.0 - 64.233.191.255
66.102.0.0 - 66.102.15.255
66.249.64.0 - 66.249.95.255
72.14.192.0 - 72.14.255.255
209.85.128.0 - 209.85.255.255
216.239.32.0 - 216.239.63.255
ns3.google.com [216.239.36.10]
ns4.google.com [216.239.38.10]
ns1.google.com [216.239.32.10]
ns2.google.com [216.239.34.10]

Yahoo [NSA-affiliated IP ranges]
Sunnyvale CA US
69.147.64.0 - 69.147.127.255
216.155.192.0 - 216.155.207.255
ns4.yahoo.com [68.142.196.63]
ns2.yahoo.com [68.142.255.16]
ns5.yahoo.com [216.109.116.17]
ns1.yahoo.com [66.218.71.63]
ns3.yahoo.com [217.12.4.104]

AltaVista Company [NSA-affiliated IP range]
Sunnyvale CA US
216.39.48.0 - 216.39.63.255
ns4.yahoo.com [68.142.196.63]
ns2.yahoo.com [68.142.255.16]
ns5.yahoo.com [216.109.116.17]
ns1.yahoo.com [66.218.71.63]
ns3.yahoo.com [217.12.4.104]

Amazon.com, Inc. [NSA-affiliated IP range]
Seattle WA US
72.44.32.0 - 72.44.63.255
pdns3.ultradns.org [199.7.68.1]
pdns1.ultradns.net [204.74.108.1]
pdns2.ultradns.net [204.74.109.1]

Among many listed..

Source here.

Hey! I listen to:

Labels:

posted by zarxcky @ 8/31/2007 12:45:00 AM   0 comments
About Me
Previous Post
Archives
Links
Comrades
Syndicates