Nirlog.com

When I read Mahabir Pun’s story about how he brought the wireless technology to a remote mountainous village of Nepal called Nangi, I was amazed by his determination! What an inspirational story of a man with a noble cause. It really gave me goose bumps, I just thought what a difference one committed individual can make to a society. With his determination, hard-work, and dream, he changed the lives of all the people of Nangi village for better. What a meaningful way to use the technology and what a wonderful way to live this life. I sincerely wish I could do something like that. I’ve written to Mr Pun and hopefully I could be helpful to his project in someways.

Relay Station 2, Khopra with Antennas Pointing to Different Villages Elevation 3,600m (~12,000 ft)
More Photos

Read the rest of this entry »

How do you monitor your network traffic? Of course using MRTG, you might say. Yes, that’s true, MRTG does an excellent job of monitoring traffic across networks and devices (router/switches). But when you see an abnormal traffic in MRTG, how do you find out what is generating that extra abnormal traffic? This is where ntop comes into play. Basically, MRTG shows you a bigger picture, whereas ntop lets you zoom into individual networks and hosts, and gives you enough information to pinpoint the hosts or devices generating extra/abnormal traffic.

ntop is a tool that shows network traffic usage. It is based on libpcap and when installed in a place where it can capture network traffic (hub or a mirrored port of a switch), it logs and reports information concerning IP and Fibre Channel traffic generated by each host in the network. ntop has a very rich and user-friendly web interface for reporting.

This is what ntop can do for you:

* Sort network traffic according to many protocols
* Show network traffic sorted according to various criteria
* Display traffic statistics
* Store on disk persistent traffic statistics in RRD format
* Identify the indentity (e.g. email address) of computer users
* Passively (i.e. withou sending probe packets) identify the host OS
* Show IP traffic distribution among the various protocols
* Analyse IP traffic and sort it according to the source/destination
* Display IP Traffic Subnet matrix (who’s talking to who?)
* Report IP protocol usage sorted by protocol type
* Act as a NetFlow/sFlow collector for flows generated by routers (e.g. Cisco and Juniper) or switches (e.g. Foundry Networks)
* Produce RMON-like network traffic statistics

Read the rest of this entry »

I was surprised to read this (Nepali), it says that Ram Bahadur Bomjon, the Buddha Boy attacked and injured a guy with his sword. The blog entry refers to a Nepalese newspaper “Naya Patrika”, according to which Bomjon attacked and injured 22 years old Anil Khatri with his sword because Khatri entered the meditation premises without permission.

The report seems conflicting — first it says that Khatri was taken into control for three hours before being attacked in presence of committee members, and later quotes a committee member Yekananda Kunwar, who says: “Khatri was attacked because he tried to enter the meditation premises with a Khurpa (Nepali knife) when no one was around”.

To me, all this sounds a bit strange — a person meditating for peace resorting to violence, but again the facts are not clear yet! hopefully more details will emerge soon.

[Thanks for the link, Bharat.]

After switching to a mac, I tried many desktop password managers, and had written about Password Managers for OS X, which got a lot of attention. It’s needless to mention the importance of using a password manager since we use passwords to protect almost everything digital, and we’ve so many of them today. Currently we trust most of our private data like, emails, bookmarks, documents, spreadsheets and calendar events to some online providers like Google, Yahoo or Microsoft. So, how about your secrets and passwords stored online, somewhere in the cloud? I know what your immediate response is, passwords? No way I’m going to store my passwords online! But you might want to give a second thought because now the technology is secure enough. Thanks to Host-Proof Hosting. If the owners of the servers wanted to mess around with your information, or even if the server gets hacked, they won’t be able to recover your data. In Host-Proof Hosting the sensitive data is always transmitted to the server in encrypted from using a pass-phrase. The good thing is that, this pass-phrase is never transmitted to or stored in the server. The server can never access the stored data in it’s plain form. All the encryption and decryption takes place in the client side, inside the browser. This is basically a “Zero-Knowledge” web application, where the provider knows nothing about your actual data.

* User enters pass-phrase to begin using the system. Browser retains the pass-phrase as a global variable.
* User requests a list of all data belonging to him.
* For each record, the system stores the associated user ID in plain-text, the record ID in plain form, and the record content only in encrypted form. (The message content is one or more database columns, each encrypted.) Thus, system is able to return a list of record IDs for this user.
* User selects one of the record IDs.
* System checks that this user ID is associated with the record ID, and returns the corresponding message content.
* Browser uses stored pass-phrase to decrypt the contents.

Ok, with that background if you’re ready to store your sensitive information online, here are few choices for you.

Read the rest of this entry »

I remember being admitted to a boarding school when I was in class 6 (around 12 years old). From that time I’ve been living away from home (most of the time). Trying to make new homes, a home away from home…, In 1990 I left my home town Pokhara to join Amrit Science College in Kathmandu. In 1992 I left my country, and flew to Russia, where I completed my higher education and lived for 6 years. I came back to Nepal in 1998, and started my IT career. Came to Hong Kong in 1999, where I have been living with my wife and son since then.

Hong Kong has been a special place for me both in personal and professional aspect. Personally, my married life started together with my wife here, my son was born here, I’ve made many friends, and overall I find Hong Kong very friendly and peaceful place to live (except the buildings are too tall and your living apartments are too small). Professionally, I had an opportunity to work in a very interesting company (Japanese), where I grew up to become an IT System, Networking and Security Professional. I obtained some well respected professional certifications like CISSP, CCNA, ACP, and earned my Masters Degree in IT. Hong Kong has been a nice stop in my life, but the journey continues…, I’m leaving Hong Kong, this time the destination is UK. I’m moving to UK in August 2007, with my family. By moving to UK, I hope to improve the quality of life for my family in the long term, and I think I’ll have more interesting opportunities to grow professionally as well. If anyone in UK is looking for someone with my background (pdf), feel free to contact me or email me at niranjan.kunwar@gmail.com.

I’m having mixed feelings at this stage. A lot of excitement and some uncertainty at times. I’m observing my feelings with great interest. I’ve learned to watch my own feelings, and chatter in the head up to some extent, thanks to mindfulness meditation. It’s amazing to step back and observe what your mind is doing. This gives some clarity and helps make important decisions. I truly believe that life is a journey, not a destination, and I’m really enjoying this new phase of my journey that’s about to begin.

Any tips (for a newcomer) from people living in the UK will be very much appreciated. You can leave comments or contact me.

Ok England, here comes one more geek!

The benefits of designing and testing complex networks in simulated environments are obvious to network professionals and companies. It lets them test the network configurations before implementing it in the real world, and the good thing is that, they can do this without investing any money in expensive hardwares. Virtual networks are also excellent tools for academic and certification purposes like CCNA, CCNP or CCIE, where students can get hands-on experience configuring cisco routers.

Currently Cisco is the leader in Networking market, and Linux, the leader in Server market. So, if you want to test your complex (or not so complex) network configurations before buying any actual linux servers or the very expensive cisco routers, then you can use Dynamips to simulate Cisco Router/Switch and VNUML (Virtual Network User Mode Linux) to simulate your linux servers/routers. Both Dynamips and VNUML are open source and free.

Read the rest of this entry »

There are many things you can and should do to keep your system and network secure. As the saying goes — “Security is not a single event or a product, it’s a process”. So, you’ve to keep up with all the changes, installing firewalls, IDS/IPS, network security monitoring, auditing, making security policies, password policies, email policies and so on… Yes, all of them are very important and you’ll be dealing with most them depending on your security requirements. But there’re some basic things every network and system admin should follow. Personally, I’ve found 4 things that are very simple yet effective in securing your systems.

Read the rest of this entry »

Snort has always been, and still is my favorite IDS (Intrusion Detection System) although I manage many UTM (Unified Threat Management) Firewalls with built in IPS/IDS (Intrusion Detection/Prevention) now. The commercial UTM Firewalls with IPS/IDS are easy to use and configure but they come with a high price tag and aren’t easy to customize. Even though snort is not that easy to install, configure and manage it still is the most popular IDS/IPS today because of the fact that it is open source, free, easily customizable, easy to create rules, signatures are always kept up-to-date by its community and plenty of excellent documentation, guides and books.

Snort captures enormous amount of data from the network and generates alert based on the rules and signatures. There’re currently 3 excellent and relatively user friendly ways to manage and analyze the snort data:
Read the rest of this entry »

Mac OSX Leopard - The latest and greatest Mac OS X, major features unveiled. New Desktop, Finder, Time Machine, Spaces, Quick Look and many more…

Safari for Windows - The sleek and fast apple browser comes to Windows world. I’ve installed it in my windows machine and surfed for a while. The first impression is that, it’s faster than both IE7 and Firefox, but at the same time it’s buggier, in an hour browsing it crashed twice (it’s currently in beta and I’m sure it’ll be fixed soon).

iPhone to Support Third-Party Web 2.0 Applications - So, Apple is allowing the developers to make iPhone apps and host them on their own servers. iPhone is using full Safari-based browser.

WWDC 2007 Keynote (QuickTime Video on Demand) - Watch Apple CEO Steve Jobs unveil and demo Leopard features in his World Wide Developer Conference keynote address from San Francisco’s Moscone West.

Go and download a free DivX Pro for Mac by giving your email address. The license will be sent to your email address. No word on why they’re giving it for free, but who cares. It’s a good chance to get an excellent video player worth 20 bucks for free. I’ve already downloaded and installed mine. Act quickly!

Via: macenstein