Water

Posted on June 14, 2013 by pjp 5 Comments ↓

Hi,

This post is to spread the word – Water. To spare a moment to think about – Water. To help grow awareness about this source of life – Water. Do share!

I was thinking of writing this post since I read this column about the must watch environmental documentaries. Initially it was to be more about interesting documentaries to watch. It’s not about documentaries any more. It is about – Water.

Ever since I read that column and saw these movies – Blue Gold: World Water Wars & FLOW: For Love of Water – I’m seeing more and more similar stories and patterns. Ex: In this news they say Egypt is ready to wage war against Ethiopia for the later is planning to build a dam on the river Nile. In another story folks in Chile are protesting against a big multinational corporate which wants to build a dam on their pristine river. And today these pictures about water shortage in Delhi. What could be more ironic than to have one of the oldest river, on the banks of which lord Shri Krishna himself once played and bathed, flowing in your backyard and yet you are thirsty for Water.

Actually, being an Indian, none of this or what they show in the above documentaries comes as surprise or news to me. For these situations and fights are quite commonplace in India. Yet, what surprises me is how less do we talk and discus about these issues in comparison to all the drama and brouhaha about PRISM and surveillance states and digital privacy & rights and gay rights and gun control and if you are in India, you see drama over arrest & pardon of an actor, IPL cricket, spot/match fixing, and to top it all octogenarian senior most politician throwing tantrums like a 10 year old girl and the others cajoling him out of it. It’s crazy! All these things don’t even matter to everybody like Water does.

Even more surprising is how some of us justify wrong doings of big corporate multinationals and powerful bodies. I had heated debate wherein I was explaining about this movie Blue Gold and how people are protesting against big corporates for building dams and pumping billions of galleons of water every day from natural water sources and how it is practically drying those sources. And they come back saying private companies are perfectly justified in trying to maximise their profits and value to their shareholders, that is why they exist. I should/could not hold them responsible on moral or ethical grounds. I was absolutely stunned and surprised beyond shock for a moment.

I understand that private companies work to maximise their profits and I’m okay with that. But if you pump billions of galleons of water every day for that profit and value to your shareholders, I think it is wrong. And it should take less than common sense to see that it is wrong.

Along with all the global political and financial deficit we carry today, we also have greater crisis/deficit in being able to know right from a wrong and good from a bad.

Some of these links below:-

[1] Water shortage in Delhi – http://blog.tehelka.com/photo-blog-water-shortage-in-delhi/
[2] Egypt on war against Ethiopia – http://oilprice.com/Geopolitics/Africa/Egypts-Instability-Triggers-a-New-Proxy-War-Against-Ethiopia-and-its-Allies.html
[3] Chilean protest – http://adventureblog.nationalgeographic.com/2013/06/10/rios-libres-video-2-the-history-of-the-dam/
[4] Environmental documentaries – http://calamur.org/gargi/2013/06/07/lokmat-column-must-watch-environmental-documentaries/
[5] Blue Gold – World Water Wars – https://www.youtube.com/watch?v=Ikb4WG8UJRw
[6] Flow – For Love of Water – https://www.youtube.com/watch?v=zmWdco0glEA
[7] Satyamev Jayate – Water – https://www.youtube.com/watch?v=bqVAHBiGLic
[8] Truth About Tigers – http://www.truthabouttigers.org/home/

Tagged with:
Posted in Uncategorized

New DJBDNS-1.05.7

Posted on March 24, 2013 by pjp 2 Comments ↓

Hello,

    # yum install ndjbdns-1.05.7

I feel happy to announce yet another release, version 1.05.7, of the New DJBDNS. This is by far the most complete release of the New DJBDNS. It fixes a major bug(BZ#913651) in dnscache resolver while reading domain specific server data. The fix adds a new debug option to validate the authoritative server data stored in the memory. It also includes couple of new features which enable DNS servers to listen on multiple interfaces, on multi-home machines, and respond from the same IP address to which the requests were sent: BZ#913667 & BZ#917580.

This was an interesting issue to fix. Linux follows something called Weak Host Model. In this, a host chooses to send response packet from an interface/address that is most appropriate to it, which may not be the one on which the request was received. This means the destination IP address in the request and source IP address of the response could be different. This ensures that clients would never receive response from the server, would time-out and resend their requests. I’m surprised that there is no hardware level switch or kernel boot parameter to enable/disable such behaviour. The behaviour seems fundamentally flawed.

Apart from these changes, release 1.05.7 includes last of the DJB tools: walldns server. I’m pleased to announce that with walldns server, release 1.05.7 officially concludes the packaging exercise of the djbdns. Tools that are not installed, for these are no longer useful are:

    noinst_PROGRAMS = dnscache-conf tinydns-conf pickdns pickdns-data \
                                pickdns-conf rbldns-conf walldns-conf axfrdns-conf dnsmx

I urge you to upgrade to this latest version and hope that you continue to find it valuable and useful in your set-up. Thanks to Mark Johnson, Simone Caronni, Christoph Gröver for helping me with the reviews and testing of these new changes.

Thank you! :)

Tagged with: ,
Posted in Uncategorized

New DJBDNS-1.05.6

Posted on February 6, 2013 by pjp 15 Comments ↓

Hello,

I feel happy to announce yet another release of the New DJBDNS. (New wordpress interface looks neat too.)The release 1.05.6 of N-DJBDNS fixes a major security flaw in the DNS resolver, which would allow an attacker to keep a domain name alive in the resolver cache, even after it has been revoked by the DNS server. It is known as a ghost domain attack. This release also includes the Real time Block List DNS tools: rbldns & rbldns-data. Full list of the added features, latest source and RPM packages could be accessed from

  here -> http://pjp.dgplug.org/ndjbdns/

This latest package is also available via Fedora & EPEL stable repositories. I strongly urge you to install the update via

   $ yum install ndjbdns

It has been truly wonderful to work on N-DJBDNS package; Recently a kind user conveyed his remarks:

I just wanted to thank you for N-DJBDNS.  I’ve been using djbdns (as a caching resolver) with a Fedora system since about Fedora 8.  I did have an older Fedora package, but with some of the init rewrites (systemd), having an updated RPM package makes installation quite simple.  Reported success on Fedora 18 of N-DJBDNS – post install, all I had to do was point Network Manager’s resolver to the lo, 127.0.0.1.

I’d like to thank all users for using N-DJBDNS and invite those who haven’t tried it yet. I’d also like to thank Mark for filing bugs and helping me with the updated patches and reviews.

Thank you so much! :)

Tagged with: , ,
Posted in Uncategorized

ndjbdns-1.05.5

Posted on January 4, 2013 by pjp 4 Comments ↓

Hi, happy new year! :)

I’m happy to announce the latest release of New DJBDNS version 1.05.5. This release is special. It includes two very important security patches reported here -> BZ#838965. These patches protect dnscache resolver from cache poisoning attacks. Please do # yum update to this latest release asap.

Second, I’m pleased to introduce my new co-maintainer – Mr Simone Caronni aka Slaanesh. Slaanesh is an avid Fedora user and an expert developer. He recently submitted useful patches for NDJBDNS and offered to co-maintain the package. It’s encouraging to receive patches and comments from your users. Slaanesh’s offer to co-maintain the package was overwhelming. When I look back, I think it’s a significant progress from a point when nobody wanted to review NDJBDNS for years, to having a co-maintainer for the package. Please join me in welcoming Simone(Slaanesh) aboard the NDJBDNS wagon:

    Welcome aboard Simone! Thanks so much for being the super NDJBDNS user. :)

I have already pushed the latest NDJBDNS package to the Fedora stable repositories, soon you should be able to do

    # yum install ndjbdns
    # yum update ndjbdns

Another good news is, NDJBDNS is now available as EPEL 5/6 package(courtesy Simone:). Now you can use NDJBDNS on the Enterprise Linux Platforms of your choice.

Lastly, I want to thank Mark Johnson for reporting the bugs and helping me with code reviews and useful updated information. I also wish to thank all NDJBDNS users for the constant encouragement via comments and patches.

Thanks so much and happy new year! :)

Tagged with: ,
Posted in Uncategorized

nullcon Delhi’12

Posted on September 29, 2012 by pjp 2 Comments ↓

Hi,

The nullcon day #2 is turning out to be really cool! After the keynote speech by Mr Alok Vijayant of IDG(NTRO), Mr Zoltan Hornak demonstrated insecurity of the ubiquitous Set Top Box devices. Mr Zoltan was followed by Mr Rahul Sasi who demonstrated the vulnerabilities of the IVR systems. Though the talk seemed a bit detailed, it was intriguing.

Yesterday, I reached the venue at 0900 hrs. after a short bus ride and a long walk(as I missed a bus stop closer to the venue). The day started with a brilliant keynote by Mr Raghu Raman, head of the NATGRID. Mr Raman’s articulate talk was about how technology is rapidly changing the case for cyber warfare.

The keynote was followed by couple of drab talks about android forensics and the state of cyber security. I wonder if the drabness was because of the lack of expertise, lack of experience in public speaking, lack of language proficiency or just plain inability to convey clear thoughts. Anyhow, I think there’s a dire need to train people in public speaking, which is often very neglected skill in our (Indian) upbringing. It is a fairly complex task to produce effective speakers, but I’m sure there are people who provide such training or may be here is an idea for an interesting new start-up.

Before lunch, I attended Kital‘s talk about the Fedora Security Lab. It was very well received. Many participants showed interest in packaging their tools for Fedora and some even in translation work for Fedora. After lunch, I attended another good talk by Mr Aashish Kunte. Aashish spoke about Forensic Timeline Analysis and collecting data for the same. A few pictures from the event are

     here -> https://secure.flickr.com/photos/pjps/sets/72157631648529540/

Overall it’s been an excellent experience to attend nullcon Delhi 2012. :)

Tagged with: ,
Posted in Uncategorized

Fedora meet at nullcon Delhi

Posted on September 16, 2012 by pjp Leave a comment ↓

Hi..!

Nullcon – the Information Security conference which brings eminent hackers, researchers and information security professionals together under one roof, is happening in Gurgaon, near New Delhi, at the end of this month between Sep 26 – 29, 2012.

    -> http://www.nullcon.net/website/conference/it_conference.html

Mr Joerg Simon, aka: Kital of Fedora Security Lab, is going to talk about FSL and Open Source Security Testing Methodology Manual(OSSTMM) at the conference.

    -> https://spins.fedoraproject.org/security/
    -> http://www.nullcon.net/website/conference/speakers/profiles/joergSimonNullcon.html

I plan to join Kital for the conference and to discus about FSL. If you happen to be in the vicinity of Gurgaon/New Delhi or are planning to visit New Delhi end of this month, please drop by the conference and we could have a small Fedora meeting at nullcon Delhi. :)

Though the conference is paid, the exhibition and the job fair is free for everybody to attend.

…see you there! :)

* original post

Tagged with: ,
Posted in Uncategorized

Fedora-17 Anaconda LVM Bug

Posted on September 9, 2012 by pjp 4 Comments ↓

Friday, I get new laptop – Lenovo Thinkpad X220. Excited, I copy boot.iso to USB device and set out to install Fedora-17.

    $ dd if=boot.iso of=/dev/sdb

Usual chore: select language, time zone, set root password, create paritions, select packages and install. I create partition table: mix of standard partitions and LVM logical volumes. I never tried LVM logical volumes before.

  • /boot   ext4   128M
  • /         ext4     20G
  • swap   swap   04G
  • LVM Physical Volume 280G encrypt=ON
  • /home   LV  ext4    10G    encrypt=ON
  • /data1   LV  ext4    70G    encrypt=ON
  • /data2   LV  ext4   100G
  • /data3   LV  ext4   100G

Next, I select Gnome Desktop, de-select some packages, select few others, hit install. It takes more than an hour to finish; says – crongratulations, installation complete. I reboot.

System boot-up halts with message – Cannot find font file True, throws me on to emergency mode shell. I google message – see something about boot parameter SYSFONT=True, I set SYSFONT=latarcyrheb-sun16, boot again. System boot-up halts with several – Dependency failed for blah – messages, throws me on to emergency mode shell. I figure, I goofed up at custom package selection. I think it is weird, very un-likely, to get dependency errors.

Saturday afternoon, I set out to re-install again. Everything same, I go with default Graphical Desktop option, no customisations, hit install. It takes more than an hour to finish; says – congratulations, installation complete. I reboot, same error. I re-install again, select Minimal option, no customisations, hit install. It takes more than an hour to finish; says – congratulations, installation complete. I reboot. Again same error. I post a message on #fedora-devel, they say – cannot find font file True – not error. Yet no idea why system can not boot.

It’s past 23:00 hours, I’m tired, losing patience. For last time, I re-install, select Software Development option, no customisations, hit install. It takes more than an hour to finish; says – congratulations, installation complete. I reboot. Same error, emeergency mode shell. I ask on #fedora-devel again, they say looks like LVM glitch. I list LVM volumes – $ lvs – it says – no physical volume. I try – $ lvmdiskscan – it says same – no physical volume. I collect install.log, anaconda-ks.cfg, install.log.syslog, dmesg.out, file bug.

   -> https://bugzilla.redhat.com/show_bug.cgi?id=855548

As I file bug, I think about – LVM Physical Volume 280G encrypt=ON. I nailed it! I re-install again. Everything same, but -> LVM Physical Volume 280G encrypt=Off. I select Graphical Desktop -> Customise now, de-select some packages, select few others, hit install. It takes more than an hour to finish; says – congratulations, installation complete. I reboot.

Systems boots up to show fireworks on the shiny new login screen! :) I login, run $ rsync to copy $HOME from old laptop. Everything in place. Look at watch, says 04:30hrs. I think about sleep. I come home, sleep.

Sunday afternoon, I write this post as I watch The Pianist.

Tagged with: ,
Posted in Uncategorized
Follow

Get every new post delivered to your Inbox.