• Sun Tech Days 2009

    Sun Tech Days 2009 is a wonderful opportunity to interact with technology experts from around the world, and a cool place to meet up with developers working on your favourite projects! So what're you waiting for? Sign up already!

    I'll be there for sure, and will be attending as many OpenSolaris and OHAC sessions as possible . See you all at Hyderabad!

  • Stumbling away....

    After working on HA-Cron all day, and making pretty good progress, I decided to call it a day and thought I'd stumble for a while. Here are some interesting links I stumbled into :). Enjoy!





    And this one surely takes the cake...


  • Upgrading from Etch to Lenny

    It's the first day of the new year, and amidst the hassle of being one of the admins conducting the online semester registration for the students, I decided to upgrade my ageing Debian Etch to it's testing release, Debian Lenny. Upgrading from one version to another has never been so easy! Just go through the following steps.

    $: sudo vim /etc/apt/sources.list

    Now replace every occurrence of 'etch' with 'lenny'. To be on the safer side, comment out all 3rd party repositories as Lenny is still in testing.


    $: sudo apt-get update

    $: sudo apt-get dist-upgrade

    You might have to do the dist-upgrade step a couple of times till it upgrades no further. I know some people have had problems while trying to do an Etch->Lenny upgrade, but things have been quite OK for me. If you're not using one of the Debian packaged kernels (you built your own kernel from source), make sure apt-get doesn't override your kernel headers. In case it does, and you notice that some of your device drivers are acting up, just go through the following steps:

    $: cd /usr/src/linux

    (if you don't have the symlink, cd into wherever your kernel is!)

    $: sudo make headers_install

    Although I didn't have to do the last step, I believe it should solve your device driver issues after your upgrade, if any. Do correct me otherwise.

    And yes, almost forgot...

    Happy New Year everyone!

  • LOL, ROTFL and WTF: My Winter Vacation

    Tomorrow night I shall be on a train back to Jaipur. The wait has been long, and somehow, it has made the fruit taste better. My dedication to my work has made me anything other than a social animal, and unlike everyone else I know, I've spent this vacation going through research papers and publications (71 in total!) and I think I've finally found my unique idea which I'll be presenting for the HP Innovate awards (will give you the prelude to it shortly). I've got to say I've learnt a lot but heck, I guess I missed out on a lot of other things. I still had my share of fun to say. I had a great time with my cousins who were here in Palakkad for the holidays, especially during the engagement function of one of them. I also met some of my friends from school, and during our class reunion which was held on Christmas, I met many more of them. I had rabbit meat for the first time during the marathon of a lunch that we had. :)

    I've also submitted two project proposals for Sun's Code For Freedom (CFF) contest. I'll be developing high availability agents for Zabbix and Cron, so that they may work off the box on the Open High Availability Cluster suite. I'll be coding over the GDS (Generic Data Service) template, that allows you to code without having to deal with the cluster framework. So all you have to do, is focus on starting, stopping, probing and validating the application you're developing the agent for. Sounds easy? I'll only know for myself once I start work. So you'll be seeing a lot of technical posts throughout my coming semester. (There go my readers I guess)

    Apart from CFF, the other thing that's going to keep me busy through the coming months is the research paper I'm working on for the HP Innovate awards. We all know the kind of havoc that crackers wreck on networks across the world. Commercial Banks have reported losses in the order of billions of dollars due to cyber attacks on their servers. To detect such attacks, we have things called Intrusion Detection Systems (IDSs). But then again, conventional IDSs are based on signatures. A signature is a string developed out of some particular parameters, that distinguish one attack from others. The problem here is, if the IDS doesn't have the signature for an attack, it's not going to detect the intrusion itself, and this is where signature based systems completely fail. If this is going over your heads, let me take a more common example. All of you know what an Anti Virus suite is right? You do know that without 'updating your virus definitions' your system is vulnerable right? So that's what I'm talking about. Anti virus software are based on signatures.

    It's not very difficult for the attacker to make minor modifications to an attack so as to get it's signature changed. As far as viruses are concerned, it's real easy to add useless code that will get the virus' signature altered. Consider a virus' code, being executed as assembly language instructions (this isn't proper code ok?):

    00 Original Code...

    01 Original Code...




    N Original Code...

    Now the above piece of code will give you a signature we'll call ABC. Now if your anti virus has this signature ABC, it will be able to detect the above virus. Now look at the modification I'm making here.

    00 Original Code...

    01 Original Code...



    K MOV <Some register>, <some value>

    L MOV <Some register>, <some other register>



    N+2 Original Code...

    Now the above piece of code has two new instructions in between it that needn't serve any purpose whatsoever (known as 'dummy code'). All I have to do is insert this kind of code in between different parts of my program, without worrying about changing the program's functionality. But this virus will now have a different signature, and the anti virus won't be able to detect it inspite of having the signature ABC of a virus which does the same thing.

    The same kind of little tricks go toward bamboozling IDSs as well. So hence, we need to move away from signature based systems, towards an era of intelligent, anomaly based IDSs. So I'm basically working on the application of AI to such IDSs for the HP Innovate awards.

    I’ll be writing about all these as and when I’m working on them. Right now, I feel like playing Tekken 5. So adios…

  • You know you're bored when...

    So it's been nearly two weeks since I got home and the endurance test conducted by a seemingly dead dial-up connection, lack of good channels on cable TV and the inability to work properly seems to be setting in. So here's a thesis straight from the guinea pig himself...

    You know you're bored when:

    -> you spend a lot of time going through research papers and the only question that your efforts seem to bear is, "WTF?"

    -> you wonder if gravity will prevent you from falling off the earth, if it were flat.

    -> you're trying to set high scores in 'Raging Blades' on your PS2.

    (Haven't heard of it? That's exactly what I'm talking about.)

    -> you actually 'tune into' a show on Animal Planet.

    -> you consider helping the investigators working on the Pakistani hand in the Mumbai Terror attacks because --> you think that Pakistan is being framed because --> highly trained terrorists don't use entirely Pakistani made Kalashnikovs and don't leave evidence like Pakistani branded toothpaste, shaving cream and other stuff on a hijacked ship and give away their roots that easily and the only reason they'd do this is because --> they want an Indo-Pak war so as to get Pakistani troops off the north-west frontier because --> that's where the Taliban remnants in Pakistan are based.

    (The frequency of occurrence of the word 'because' here is directly and exponentially proportional to the amount of time spent thinking on this issue)

    -> you write an article on the Mumbai seige and then decide not to put it up because it's even more boring than your own life now.

    -> you're actually chatting with maggots because no one else is online on GTalk.

    -> you finally get tired of chatting with maggots and log in to Orkut after 8 months so as to check your scraps.

    -> you then revert back to research papers because you think artificial intelligence and network intrusion detection systems go well together; this inspite of the fact that you don't know shit about either.

    -> you actually watch shows where an assortment of losers from around the country dedicated to loserness fight it out for the ultimate award in loserdom (MTV Roadies).

    -> you start wishing you'd auditioned for the above mentioned adventure show, even though you can't go beyond 10 push-ups and the closest you ever get to physical activity in your day to day life is typing on a keyboard and blinking.

    -> you realise you're too lazy to go for the auditions and wonder if they'd conduct telephonic interviews.

    -> you think of the possibility of you being a loser because you actually thought of auditioning for the above.

    -> you then switch to the Discovery Channel and watch 'Amazing Baby Videos' for a solid 5 minutes.

    -> you then realise how badly you loathe noisy babies and try to connect them to global warming and crop circles, fail miserably at the attempt and hence proceed to hate babies even more.

    -> you've renamed every song file in your laptop in a 'Artist: Song' format and sorted them into directories on the basis of 'Artist'.

    -> you're anxious to know your grades. (This is serious)

    -> you're solving Sudoku puzzles.

    -> you decide to visit all your grand uncles and aunts, even though you're sure you don't know them and you're not sure if their EXIST property is 1.

    -> you suddenly start using programming languages in your vocab like the end of the above sentence.

    -> you actually blog about ways to tell if you're bored.