My life as an IT geek!!!

[::.Personal::.]
Resume
Webmail

[::.White Papers.::]
RFCS
Protocols
Networking
Security
Honeypot

[::.OS.::]
Slackware
Redhat
FreeBSD
OpenBSD
NetBSD
Solaris
All Other Unices
What about Microsoft?

[::.Programming .::]
Perl
PHP
C
ASP
VB
HTML
Assorted

[::.HOWTOs.::]

POSTFIX
Rough Postfix

APACHE
Quicky Apache

CHECKPOINT
Checkpoint/Freebsd Integration
IDS on Checkpoint
FW-1 State table
Building rulebase
Auditing setup
Troubleshooting FW-1

SOLARIS
Solaris Password Recovery
Solaris Tutorial 1
Solaris Tutorial 2
Armoring Solaris I
Armoring Solaris II
Sun Error Codes

LINUX
Armoring Linux
Kernel
Find RPM
ISO Images

Firewalls Tutorial

[::.Security Tools.::]
nessus
saint
netcat
snort
tcpdump
ethereal
whisker
dsniff
hping
firewalk

[::.Miscellaneous.::]
my home theater
finishing my basement
dvd list

My books

[::. UPDATES .::]

[::. December 5, 2009, 1am .::]
Few pics of my Pioneer BDP-320 Bluray player

pioneerbdp-320pic1.jpg
pioneerbdp-320pic2.jpg
pioneerbdp-320pic3.jpg

[::. December 3, 2009, 12:07am .::]
I've been experimenting on the audio track of some of my bluray movies. Today, I removed the fiber optic connection from the bluray player and receiver but decided to use 8 rca cables. The 8 rca cables were inserted to the player's 7.1 analog outputs and onto my Yamaha receiver's 7.1 analog input. However, the .1 which is the LFE was inserted directly from the bluray player to the QSC PLX amplifier. Doing this kind of setup, I am able to benefit from Dolby TrueHD or DTS-HD MA(30mbps) audio tracks rather than digital optical out via fiber optic which is only at 2mbps.

This evening, I tested Dark Knight in Dolby TrueHD format. The audio was pretty cool. It was good. Anyways, I was given a list of bluray movies with DTS-HD MA audio format. Hopefully, I'll be able to buy a few from this list before the end of the year. I actually have KungFu Panda bluray movie but I still haven't opened it yet. It's in Dolby TrueHD audio format but many audiophiles consider this movie a reference quality movie. This would be another good movie that I can test. I'll keep you posted.

[::. December 2, 2009, 3am .::]
Finally, my wait suffering for bluray player has ended. I bought a Pioneer BDP-320. I am quite impressed with the upscaling capability on dvds. It's even better than my Toshiba HD-A2 player. I love this pioneer since it can decode Dolby TrueHD and as well as DTS-HD Master Audio. It's even got 7.1 analog outputs which would be very beneficial for folks who doesn't have hdmi inputs on their receiver. With 7.1 analog output from the BDP-320, you still get to experience the audio quality as close to the original. Anyways, here are some screenshots

Transformers 1 in DVD but upscaled to 1080p
Transformers 1 in DVD but upscaled to 1080p
Corpse Bride - 1080p
Corpse Bride - 1080p
Corpse Bride - 1080p
Corpse Bride - 1080p

[::. August 25, 2009, 10am .::]
A big sigh of relief!!! :D. This is the critical stage, don't let them dry out! Water for 5-10 minutes 3 times a day say 10am, 2pm and 6pm but if it puddles, go slowly on that area. Next 10 days would be 1 time a day watering for 15-20mins. I guess, I'll have to water around noon. We'll see.

Day 10 pic 1
Day 10 pic 2
Day 10 pic 3
Day 10 pic 4
Day 10 pic 5
Day 10 pic 6
Day 10 pic 7

[::. August 23, 2009, 6:21pm .::]
Here are the first 7 days after I dropped the seeds on August 15.

Day 8
Day 5 pic 1, OUCH!!! :(
Day 5 pic 2
Day 3 pic 1
Day 3 pic 2
Day 2
Day 1 pic 1
Day 1 pic 2
Day 1 pic 3
Day 1 pic 4

[::. August 5, 2009, 5:42pm .::]
I don't like my lawn that's why I killed it!!!

Lawn Pic 1
Lawn Pic 2
Lawn Pic 3
Lawn Pic 4
Lawn Pic 5
Lawn Pic 6
Lawn Pic 7
Lawn Pic 8
Lawn Pic 9

[::. July 31, 2009 .::]
Check out my July Garden 2009 Update folks!!!

[::. June 2009 .::]
Check out my June Garden 2009 Update folks!!!Also Check this out, Early June Garden Update.

[::. November 26, 2008, 1 am .::]
Just a video of my diy subwoofer in action.

[::. June 13, 2008, 1 am .::]
Summer is here...woohoo!!! Now, enough for the home theater hobby. Finally, my lawn is getting better. With organic practices, green up of lawn is usually slow. I remember around late April, I still have about 30% dead grass from last winter. When it started getting warm, the organisms started to devour the dead grass blades. Anyways, check out my lawn as of June 12 here.

[::. March 23, 2008, 7 pm .::]
Man, I found another pair of Polk Audio towers for $80. That's a steal! Sound is amazing! Also, I have mounted the two Paradigm Atoms to the rear as Surround Backs. It works when movie is either Dolby EX or DTS ES. I also have to turn on EX/ES via the remote. Check out my latest setup here.

[::. March 12, 2008, 11 pm .::]
Finally, my 2 Autopatch 1YDM have been migrated to the production environment, hehehe! :). They've been collecting dust for more than a year. Actually, I bought the first one back in 2006 for $40. It had 2 8x8 standard boards. I bought the other one for $36 2 months ago. This is far better than the first one because it has 5 4x4 Wideband board/modules. Wideband boards are ideal for routing highdef signals since it has enough bandwidth to carry HD signal. The 4x4 module will allow me to have 4 video sources route to 4 different areas in my house. I use the 8x8 standard boards for routing L/R audio. However, it can also be used to carry other signals such as digital signal.

I wrote a simple unix script that will allow me to change the video source I want to watch and depending on what area I'm at in the house. The master 1YDM(4x4) is hooked to my linux's serial port 2(/dev/ttyS1) via a NULL modem cable. The slave 1YDM(8x8) is cascaded to the master 1YDM via a 6" serial cable(pins 2-3,3-2 and 5-5). Here is the script. This script gets called via LIRC(Linux Infrared Remote Control). Down below, I wrote a HOWTO on how I compiled and built lirc on Linux.

Anyways, for now, I have only assigned 2 areas, the Family Room and the Basement Home Theater. So how does sendfeed.sh gets called? In my /etc/lircrc file, I assigned 4 buttons on remote control. So if I am in the family room and I want to watch what my visitors in the basement is watching in HDDVD or MythTV, I either press 3 or 4 button from my remote.

Below are 2 pictures of my HT equipments. You can clearly see from the rear panel the 2 video sources. Both of them are outputting RGBHV signal. One warning though, 1YDM is not a converter. It won't convert Component Signal(YPbPr) to RGBHV or vice-versa. It's just an intelligent splitter on steroids. That means, my CRT RPTV HDTV in the family supports RGBHV signal. More pictures can be seen here.

Back Front

What can I say about this device? I'm blown away by the simplicity of BCS programming, Autopatch's Programming Control Language. And lastly, the PQ of the HighDef signal being routed is phenomenal. I don't see any PQ degradation at all! ;) I'm glad that I put 5 runs of RG6QS and 2 CAT5e to every strategic room in the house.

[::. Feb 2, 2008, 12:41 am .::]
I had a simple home theater setup at the previous house. I used Paradigm Atoms for my mains and SVS 20-39Pci for the subwoofer. The Atoms are still with me but today, she's no longer my mains. She's been assigned the surround LR position. Regarding my SVS 20-39Pci subwoofer, she found a new home in Rhode Island. She got replaced by 2 massive 18" FiCar IB audio driver which I will be using for my future Infinitely Baffled configuration.

Anyways, I brought my Atoms to a Paradigm authorized dealer so they can check if something was wrong. I was hearing some weird noises when listening to music and watching movie. They told me that I was just overdriving them so hard especially they're small.

Just near their exit door at that store, I saw a used floor stander/towers being sold. It was a Polk Audio RTA 11T floor stander. We listened to some music and I was floored/blown away by the sound quality. I did more research about these models and found out from the guys at Polk Audio that the drivers used on these models were the flagship drivers used on their SDA(Studio Dimensional Array) line.

I brought home 2 brand of speakers so I can test them. I brought home the RTA 11T and another pair of Paradigm Mini Monitors. I A/Bd them and after listening to different music, the sound from the 11T was phenomenal. Even if it was loud, it wasn't harsh to my ears. Here are some few pictures which I took this evening.

Left Right Left/Right frontshot

Verdict: I kept the RTA 11Ts. The Boz Scaggs (shown in picture) is definitely the bomb. I also played Diana Krall's Live on Paris, OH MY GOD, she was phenomenal!!! I also played Alison Krauss included on our AVS Forum DVD Demo Disc #5, the main/bass guitar's and the piano's sound sounded like as if I was in the concert. It totally blew me away! More pictures here.

[::. January 26, 2008, 4 pm .::]
It was a boring Saturday afternoon and I was having a hard time thinking of what I should do especially when staring at dead snow. :D

So I decided to conduct a test to find out how my subwoofer was performing since I had the tools. The guys at Home Theater Shack taught me how to use their Room Equalizer software.

I was already prepared myself that the room where all my gears were setup won't respond properly since it had no walls, no drywalls, no carpet(just plain concrete floor), etc, simply, as audiophile will say it, it was not treated. This way, I won't get dismayed. So I started the hook ups, connected the output from my RadioShack SPL meter to my laptop's LINE IN. Then I connected the LINE OUT from my laptop to one of the inputs on my Yamaha Receiver. Oh, make sure your machine's sound card is full duplex or else, you will get incorrect reading. I fired up the Java based Room Equ tool and calibrated the frequency/master volume to match the recommended value on the tool. It was 75db. After running the tone sweep, this is the graph that was generated. As you can see, I had a spike at 22hz, then another one at 28hz and a big bad spike at 58hz. This is caused by bouncing sound all over. There are ways of fixing this issue such as moving the sub to a different location. However, I'm saving money now on a Behringer equalizer so I can tune the sub as close to the reference line.

[::. November 24, 2007, 10 pm .::]
I've started planning/building my dedicated home theater room. It will be a 21ft x 14ft in dimension. The screen's aspect ratio is 1.78 but will be able to accomodate a 2.4, 2.35 and a 1.33 aspect ratio movies. The screen size is 10 ft x 5ft by Wilsonart Designer White DW354-60.

I've started mounting the crt projector. She's finally up in the ceiling. I will work on the screen this week. As usual, I will take detailed pictures during the build process. Click here to see pictures how I made a custom mount and how I mounted the Sony 1272 crt projector.

[::. October 22, 2007, 12:17 am .::]
It's been a long time since I updated this page. Been so busy with so many things. Anyways, just want to share the new toy I purchased recently. It's actually an old projector that is CRT based(3-gun tube). I bought two of them, one dead and the other one was intermittent. I was lucky that after swapping modules, the intermittent projector became very stable.

Anyways, here are some few screenshots of my crt projector in action. Some movies were displayed at 8 ft. and some were 9 ft.

[::. March 26, 2005, 11 pm .::]
Here are fews updates on my experience with building and using Mythtv. You can read the full details here. It includes events how I got my Fedora Core 3 running Mythtv to drive my HDTV. I also have written a HOWTO on building and installing 2 Linux Remote Infrared Control (LIRC) instance. I am using LIRC to control my Mythtv.

Hooking PC to your HDTV. Read more.
Compiling/installing linux kernel from source and latest Nvidia graphics driver. Read more.
Installing 2 LIRC instance. Read more.

Have fun!

[::. January 1, 2005, 1:25 pm .::]
Well, it's a new year and happy to say that we're still here. Anyways, I've been reading up a lot on MythTV. MythTV is an opensource personal video recorder just like Tivo. Although with Tivo, it requires that you are subscribed to it and you have to pay monthly for the subscription. I'm not comfortable paying extra money just to record programs. You can learn more about on Mythtv via this link. Right now, I still haven't bought the requirements yet to build the MythTV. But since I was so eager to really start and so that it will really push me to finish it, I started building the infrared transmitter. There are commercial infrared transmitters out there but I don't want to spend extra bucks on it. An IR transmitter allows you to change channels in your satellite receiver via MythTV. The ir transmitter howto I built can be seen here. Of course, we are still missing something in the equation. You will have to have an IR receiver. That's my next project.

[::. August 15, 2004, 01:37 .::]
I'm back guys and I am here to share how we can use PHP to convert HEX to BINARY. Huh, get a scientific calculator then you're done. Well, I am not going be tackling mathematics here, but what I was referring to is the HEX number that we see in Ethereal captures and binary file encoded as decimal but written as in ASCII. Back in 1992(college days), I wrote a Pascal program that will check if a file is a flic(.fli) file by reading the header of the file. FYI, flic is a type of animation format just like MPEG.

Anyways, while pondering about the things I did during my college days, it just came into my mind about searching google for a tool that will allow me to capture the file that was embedded in an HTTP traffic or probably an add-on to Ethereal sniffer. I wasted 3 hours searching and saw some threads but most of them were not helpful. So, I just thought of applying the old techniques I used in manipulating files back in my colleges days. Sure you guys remember those PC-tools or PCshell or even NDD. :)

But before I started coding, I had to analyze the "Follow TCP Stream" capture in Ethereal of an HTTP traffic that had an embedded jpg against the output of hexdump or od tool from a real jpg file in FreeBSD. From there, I was able to find out how the jpg file's header is encoded. Now for the real thing, I used chr(hexdec($the_hex_code))). What my code does is loop through the Ethereal capture, put all the hex in an array, then convert each hex to decimal, then decimal to ascii and write to a file. Below is the exact excerpt of the code I used to generate the binary file.

for ($i=0;$i < count($onebigarr); $i++) { if ($i >=($_POST["start"]-1)) { $err = fwrite($fd1,chr(hexdec($onebigarr[$i]))); } }

I will leave the Ethereal capture for your assignment. Well, the working code is actually found on this link. Input should be a plain text file.

Have fun....

[::. April 04, 2004, 14:08 .::]
It's been a long time since I last updated this site. I got sooo busy after the October 2003 companywide realignment. Well, I'm happy about it because the new team where I am right now manages about 300+ banking applications, 20+ IIS servers, 40+ solaris and about 15+ mssql database servers.

Anyways, I highly believe in opensource technology. There are so many things you can do most especially if you are creative. I will share my ideas or rather the real thing here in this column. It's just that, I can't afford to miss sharing ideas back to the opensource community. The experience I felt in opensource since 1995 until now compares to nothing. I just can't explain the feeling when I am untarring, compiling, troubleshooting a code for 2 or more days, writing my own code or even patching the code. :) I might be exaggerated but this is how I really feel. And because of this, I tried presenting one of the top 5 opensource tool to my team and I am very happy to say that Nagios captured their attention.

I will not talk here about Nagios' capablity of monitoring daemon or services but rather monitor statistics or performance counters of a machine and how to plot those counters within the Nagios interface. The recipe used in this kind of configuration are rrdtool, some php knowledge, nsclient(for Win2k), and access to unix's vmstat. I got this idea from Apan but I got so very limited most especially when plotting multiple counter variables. So, I had to write it my way. Here is a screenshot of the vmstat output plotted from within Nagios _main interface.

By creating a serviceextinfo.cfg file and having nagios load this file when it starts, we are able to create an icon on the Nagios interface just beside the service. Here is a screenshot which shows the graphplot-like icon. But of course, you should not do this until you have created hosts.cfg and services.cfg.

Before you can create that kind of graph, you have to make an rrdtool database and here is the command I used to create that rrddb. More tutorial can be found in rrdtool website. Now that we have the rrd db created, it is populated by my libexec/solaris_check.sh. I wrote it from scratch because no one has ever written a vmstat plugin yet. But I hope you still remember the Rule of Thumb for run queue length(r), blocked queues(b) and processes that are swapped out(w) and the 4 times the number of your processors. I will update solaris_check.sh to parse the r,b,w columns.

When you click on the service icon, it calls the graphsolarisload.php we defined in serviceextinfo.cfg which indirectly calls unixsystem.cgi. This is just a plain .sh program. This is also the program that creates the graph in .PNG graphic format.

Well, it took me time to get it working and I'm sure, you will be able to get it running too. Drop me an email if you have any questions about it and I will be glad to assist. Or, if you wanted something similar to your environment, I can work with you during weekends. ;-) Wa da ya think???????????

[::. September 28, 2003, 10:57 am .::]
This morning, while I was having my cereal and at the same time watching the cursor blinking on my SSH session, I decided to look at how NMAP's different stealth options sends the portscan to the target port and ip address. I didn't add DECOY parameter since it will just mess up my sniff. I just got full-charged after attending Network Associates' TCPIP Troubleshooting and Protocol Analysis. That's why I am doing this.

This very short article will also give network administrators or security wannabees a bird's eyeview how traffic is received or sent by the sender and receiver.

Let's start. For my testing, I will only be scanning port 80 on the other end. I used "TCP connect" to port scan my FreeBSD box. The command line was:
nmap -vv -sT -P0 -n 192.168.1.105 -p 80. Here is the result which includes both nmap result and traces. You would also noticed that it only took 1 second which is quite fast.

Next was TCP Stealth SYN scan. The command line I used was nmap -vv -sS -P0 -n 192.168.1.105 -p 80. Here is the result. You will notice that it didn't complete the 3 WAY handshake. So it could be considered as a halfsyn scan too.

Another option I tried was NULL scan. I was impressed with the traces. Just go over the traces. Although, it takes more time to get the results. But it's gonna be harder for a firewall guy to decide if this source IP address was really portscanning his network. So it has its pros and cons. The command used was nmap -vv -sN -P0 -n 192.168.1.105 -p 80. Here is the result.

Similar with NULL Scan is Xmas scan. The command line I used wasnmap -vv -sX -P0 -n 192.168.1.105 -p 80. It also took a long time before I got the results.

Last option I tested was Stealth FIN Scan. The performance was also similar with the last 2 previously mentioned options. The command line I issued was nmap -vv -sF -P0 -n 192.168.1.105 -p 80 and here is the result.

[::. September 19, 2003, 8:03 pm .::]
I have always appreciated the beauty of technology most especially when you use it beyond its boundaries. Like HTTP protocol. If you would look at an HTTP sniffed trace by tcpdump, it is in its plain text. Having an understanding about networks and security, you can take advantage of HTTP protocol and use it as a transport for other TCP protocols. The only reason that you would be doing this is to access your unix-like o.s. at home from your office and that the corporate also employs proxy type of access. Shoot!!!! :(

I have tested this type of access via Squid Proxy server, another open source proxy server. FYI, the process which I am referring here is called Network Access Control Systems bypassing. WARNING: Please do not try this if you don't want to lose your job!!! :)

RECIPE(s): http-tunnel and an opensource Unix-like box such as FreeBSD, OpenBSD or Linux. This link shows the usage of the tool and also gives the exact commands that you can mimic for your own testing.

[::. August 25, 2003, 1:33 am .::]
Just want to share the parameters I used to configure php which enables GD support for graphing, mssql support for Microsoft SQL connectivity via FreeTDS and other graphic file formats support such as png and jpeg. I was tasked to develop another network application w/c will utilize NetIQ database. NetIQ application is a very cool product but there are features that our manager was searching for which he couldn't find in it.

So, I decided to write a php application that will connect to the netiq db, calculate every throughput and response time retrieved from the db, and finally, graph the datapoints.

Anyways, here is the product of my craftsmanship.

[::. August 22, 2003, 8:56 pm.::]
Yo! I'm just ecstatic being able to put back my server up and running. Look at that, it was almost a month of struggle with no fast internet access. I was very patient with my netzero and aol connection. And worst thing about it is that, I forgot that SBC charges local tolls. But anyway, Fox Valley Internet got me hooked up via their wireless presence using Canopy, Motorola's new technology.

I was really impressed when I tested my bandwidth at 2wire. Here is the result. Here is another result from a test conducted at dslreports. Have phun!!!

[::. July 15, 2003 .::]
Hey guys, just want to give you a heads-up about this website. I will be taking my webserver down temporarily on July 26, 2003. I will be moving to a house I bought and hopefully, on July 28, DSL will be installed. I will do my best to bring back the server up and running as soon as possible.

That's it. So July 26, 2003 is the big day.

[::. Jun 7, 2003 .::]
Lately, I've been receiving a lot of spams and infected attachments on emails. So, I decided to reconfigure my qmail server with virus and spam filtering. I was faced with a big problem. I couldn't find /usr/local/src/qmail dir anymore. This folder contained a lot of patched which I did 2 years ago. I still tried to make it work but the system never cooperated. The reason I wanted to keep this production qmail because I have tons of email addresses related to security, firewalls, hacking and so on.

So I was stucked! Fortunately, Postfix is there for the rescue.

Postfix perfectly works with Amavis, Razor amd Spam-Assassin. So I had another issue, any SMTP service by default will listen on port 25. The fix I did is to modify qmail to listen on a different port, in my case, 11125 and have Postfix relay to another port. Here is my /services/smtp/run. I wanted to have Postfix receive all incoming mails from the internet, then forward it to the filters, then if safe, forward to qmail on 127.0.0.1 port 11125.

So how did I tell Postfix that if mail is clean, deliver it to qmail? Postfix's transport_map is here again for the rescue. Below is the line you need to tell Postfix to relay it to another SMTP server.

restricted.dyndns.org smtp:[127.0.0.1]:11125

And also, here is the sketch of the process.

[::. Feb 19, 2003 .::]
Here is a snippet of my code which I wrote to help me analyse our company's network traffic generated by 20 different type of transactions. It is currently being used in our production environment.

Rough flow of process includes (a) Weblogic boxes create logs with information such as amount of time in milliseconds the application was able to finish the transaction, timestamp, transaction type, server ip address etc. (b) perl code which uses oracle DBI to do a sql insert to the Oracle server using the logs of Weblogic (c) php code which pulls information from the Oracle db which also creates a graph based from the recordset return by Oracle. Click here to display a live output of my code.

It then calculates the average round trip of every transaction based on the sampling rate I specify. After it has calculated the average time for one day, it generates a graph. It will display the average milliseconds per number of transaction.

[::. Dec 31, 2002 .::]
I was trying to find a way to block kazaa. I do use kazaa but it was nice studying how kazaa tries to find a control connection. You will be amazed when you see this netstat output. I modified my firewall rules so that it will only allow certain ports for outgoing traffic. I only allowed port 21,22,23,25,80,443,5100,5050,5999 and 6659 >< 6671. From the output, we saw how kazaa client was trying to connect to different ip and different destination ports. You Haxors!!! You rock!!! :)

[::. Dec 19, 2002 .::]
I've been very quiet lately. Anyway, to fill the void in my room, I decided to study how FTP works both in PORT or PASV mode. You are better of studying RFC 959. This tutorial is for those people who loves seeing numbers, flags, TCP 3way handshakes and tcp sessions instead of high-level commands like GET, MGET or LS in ftp.

I will only include captured packets here. From the 2 examples of captured packets, you will understand how FTP works and you will be able to figure out how to tweak/fix your firewall rules. Click here for active ftp and here for passive ftp. BONUS, 192.168.1.105 is the ftp server and 192.168.1.102 is the ftp client. Useless TUTORIAL huh!!! ;>

[::. Nov 11 , 2002 .::]
I just finished building a new firewall. I am running now an Invisible Firewall (IF) using (PF) Packet Filter + Bridging in OpenBSD. So now, here is how my home network is configured.

INTERNET -> mycablemodem -> PF IF bridge -> PF NAT -> MyPrivNET

DAILY BREAD FOR THE MONTH

The Only Way To Be Happy

There is no lasting earthly satisfaction. Marriage, family, money, fame,
enlightenment, travel, athletics, academic achievement - nothing
completes our JOY. Any satisfaction we gain in our quest fades
quickly and becomes a vague memory, if it can be remembered
at ALL.

Oh, to be sure, there are happy events along the way,
unexpected moments when we experience pure delight. But
those moments are fleeting, and we can never go back in time
to relive them and recapture the sensation.

Why then do we keep seeking for something to satisfy us? Simply
put, it's because we have to. Whether we realize it or not, our souls
are thirsting for GOD. Every desire, every aspiration,
every longing of our nature is nothing less than a yearning
for GOD. We were born for HIS love and we cannot live without
it. HE is the happiness for which we have been searching
all our lives. Everything that we desire is found in HIM - infinitely
more.

And so, when you find yourself restless and thirsting for something
more in life, respond to Jesus' invitation, "Come to ME and drink"
John 7:37.
Go to HIM, drink freely of HIS grace and forgiveness, and
experience true joy.