Jordanian Sushi

Never knew such a thing exists.

Jordanian Sushi

29.370288 47.970423

Who sucks the bandwidth out Part II: Revenge !

Revenge ! – Bye Bye ! (worms sounds added)

Okay, i won’t blabber a lot..

Endian Firewall (aka EFW) 2.3 is a linux based UTM (Unified Treat Management) software, its a firewall, its a web antivirus, its an anti-spam, its a web proxy and content filtering.. I’ve posted about it before (it’s actually my second blog post ever) that was 1.3 years ago since the early day i got this job – darn that was quick-

So the big question: how i am going to control the internet pipe the guys are massively abusing ?

Rule #1:  No one, is going out !

Endian Firewall Block all out going connections, except for those main ports: HTTP, HTTPS (a breach), IMAP, POP3, SMTP, FTP, etc..

That’s the First BYE BYE for any application that is using any other port.

Rule #2:  No one, is coming in !

well, this should be the main goal of every firewall, no one is coming in,

Bye Bye Torrents,

Rule #3:  Transparent HTTP Proxy.

The NON Transparent HTTP Proxy, means that you have to enter the Proxy settings for each client, in their browser, unless you do that, they cannot browse.

Transparent HTTP Proxy forces all HTTP connections to pass through the proxy (redirected actually) without configuring clients. This saves you lots of Pain in the ASS.

Rule #4:  Access Policy and content filtering.

This is where you setup access policies, the TIME where they are ON or OFF (am merciful, facebook in break times..), Setup an access Policy, specify it’s time, and the corresponding content filtering (customize + antivirus) that content filter i customize, where i list my banned sites..

TADA !

Endian Firewall Access Denied Message "facebook.com"

I’ll consider change that Access Denied page with An EGLEB WEJHAK PAGE!

Rule #5:  Download Size Limit

The Ultimate reason for this hassle.

trying to download a file that is more than what my mood says (7 MB)

Seriously, why do you need to download more than that ? ask me if you really need it and I’ll download it for you !

Rule #6:  Phrase Wight Limit

They will sure try to look for proxies, web based proxies, or applications ..

Phrase Weight Limit

this for sure can be expandable to other Categories, like gaming, movies, etc..

Rule #7:  MIMEtype Blocking

(blocking MSN/Windows Live messenger).

Blocking Instant Messenger is a bit tricky, it’s a combination of:

1. blocking ports
2. blacking listing
3. blocking IP’s
4. blocking MIMEType.

blocking MIMEType for msn messenger : application/x-msn-messenger

blocking MIMEType takes into consideration analyzing the packet to determine the Content type which is specified after the packet header.

The Result of Blocking all the 4 points above is: Nothing will going to reach or get from the Instant Messeging servers, even if you tick the options of “Working Behind a firewall” or using “HTTPS Proxy” what so ever:

Instant Messenger Blocking (6) !

Awwww Poor Guys ! They Can’t Log you in to their Messengers! *sniff*

Rule #8:  Some special Cases..(Pain In The Ass)

Anchor Free ( Hotspot Shield) is a well known VPN application that allows you to bypass proxies or secure surfing, the website to download those applications are already blacklisted or phrase limited, but what if the bastard has the application already ?

Some Engineering skills and patience comes in handy here, using the well know packet analyzer Wireshark, capturing packets on that interface, and trying to figure out what that application is trying to do and prevent it, lets see..

hotspot shield trying to resolve some DNS

It seems that the hotspot shield is trying to resolve some DNS, but till i figure out how to redirect the doman resolving request to the firewall it self (faking/spoofing),  i gave blocking those resolved IP’s a shot.

hotspot shield IP's get blocked

W00t W00t !

hotspot shield failed to connect

29.370288 47.970423

Who sucks the bandwidth out? Part1 – Investigation

Since the last time I’ve been involved in firewalls and proxies, i got busy, or actually less interested in them for unknown reasons (yea yea randomized mind that’s mine), so facebook, youtube, and Instant Messaging are all with wide arms open.

On one clear day, the internet goes down, and everyone is complaining, for in experienced people it will  be a hard guess who is sucking the internet bandwidth, but for me no, thanks to the FreeBSD based firewall called pfSense since it features many flexible packages.

taking a look at the Traffic Usage, and here we go, someone broke Guinness record in downloading at work.

Traffic Usage - sucking 1.7 Mb out of 1.5 provided from ISP WTF ?!

Who the heck is that ?

taking a look at the DHCP leases will show us who is he..

DHCP leases, leases the guy's name

Thaaaaaaaats it, he is back to download Arabic movies again !

Revenge will come ! Wallah La MSN, wala Yahoo, Wala hotspot shield will work, ana bawarjeekom

Wait for revenge post, won’t take long,  i promise !

A pity day..

I feel pity,  some times i pity my self, most of the times i pity people, and some times the sands of time hour glass goes flipped, and i pity my self more than people..

The type of people am talking about, are mmmm simple people.. people who don’t use their brain a lot, technically, academically, scientifically.. in all aspects..

At this moment, am using my brain socially-technically while writing this , am sitting at a sofa at the community service center (مركز خدمة المجتمع‎)‎ in Kuwait university, mmm i truly feel embarrassed of why i came here, i delivered 2 visit reports of maintaining computer labs for the Kuwait university, preparing them to ‘C-I-DI-T’* exam, an ICDL like exam provided by our company, approved and stamped -the certificate- by Cambridge University.

The guy with me from the Cambridge department is explaining some ‘ complex ‘ or ‘ artificially complex ‘ – that could be simpler IMHO- procedure  of registering students online and assigning sessions in order to take the exam..

I pity my self, gaining simple trivial shared income for doing the trivial stupid maintenance for labs computer (splash kbeer), and for the people (Kuwaiti employees) who are having headache learning The Art of Sciences of Registering Students for C-I-DI-T (ASRS C-I-DI-T). – Am mocking here, there is no such acronym.

I also pity students taking the exam, trivial exam (at least for a computer engineer and BTW i ain’t proud of it anymore as before), those people are thinking they are gaining a certificate which has its weight in the market, lol guys, 6th grade kid can do and knows more than these certificate holder..

I know this might be similar to me, taking a first aid course while a 20 years experienced surgeon or at least student studying medicine in year 4 is standing up there and watching me while am concentrating on gaining critical information that one day.. may save someones life who is or not dear to me.

BUT ! (back to the exams here)
Giving facts like: the questions is formed by one of our employees, the examination application is programmed by our programmers.

And the facts that:
Easy redundant unclear questions written in Arabic (have severe mistakes when translated to English), full of bugs, not well structured and engineered  .net based exam application, an unprofessional work, that makes me feel unprofessional, and i already perform that trivial stupid software installation and maintenance jobs for this.. I couldn’t be more disappoint ing/ed than this, this is the limit.. But i wonder if my mind can shrink ’shrinker’ than it did already.

I don’t think i  made a bigger mistake than working in this company, i do not also deny gaining experience, but the experience quantity i took is tiny compared to the stupidity doses (from employees & customers) around am forced to drink with every disgusting cup of tea i drink every morning in this office, where tea is sour without squeezing a lemons.. And might be chargeable..

My mind is distracted and i already forget a few points to mention to make the topic complete

I am not God watching everything from top above and judge, am just a normal being -wonder if humanity still exist in this world- who is trying to give his opinion/judge with all available information and observations

Great people once admired me ( a teacher, a manager, a shaikh, family  and friends), when i was a kid, and even when i graduated.. Admired my mind (intelligence, keenness,thinking out of the box, etc), my personality, and other things,  i was proud of that, proud of testimonies said about me being professional and unique, and i would be ’something’ in the future, that it turned out am doing things to WoW people (well, not always true) while my friend told me once i should do it for my self, i think the proper thing is that it should be to challenge my self.

30 minutes passed and (ASRS C-I-DI-T) didn’t finish yet (mocking again), and with each Nano second passes i lose 2 brain cells, one because am over 20, the other because of the stupidity environment/atmosphere i live in and breath it , it took them that long that i even went through this topic more than once to add and tweak (that’s my chaos way of finalizing things, revising more than once, sorry for seeking perfection)

It seems the world i hope .. Ok i mean i wish to live in, exists only in my tremendous huge imagination, with the wasted creative talented keen mind power in slumber sleep i have, i pray and  wait for a savior to wake it up,tackle it, enchanted it with extra well structured cutting edge knowledge after defragmenting the one i already have and patching the holes of missing/incorrect segments.

Till that savior shows up.. F1, Enter, /pity,
I Pity my self

*update*
Oh shoot, I’ve been asked to go ‘observe’ the examination lab..
Am sure i will be asked if some error message appeared, just now some send/don’t send error appeared.. What the heck am supposed to do ? Disassemble that in winice, adjust  the assembly code and then reassemble  ? I can barely recall c++ syntax..

Am freaking rofl the students are scared to  death of the exam.. The exam that mostly uses almost notepad in its ‘windows and manage file test’

*sigh*

*C-I-DI-T: The Original Acronym is Dash-Del(Backspace) inverted for stealth purposes.

Nano Snowman

i ROFLed on this comment:

I guess building nanobots to seek and destroy cancer cells in the bloodstream can wait; we gotta build a snowman!!!

Trustworthy Microsoft Windows Live Onecare ! (Mocking)

I’ve been recently using Microsoft Security Essentials (MSE) for few months now, which is a Microsoft made Anti-Virus, spyware and malware protection software.

If you are running Windows Vista,  installing MSE will automatically disable Windows Defender, the later known with its DSC (doesn’t catch shit) technology, as MSE gives more protection because of its Anti-Virus Engine that Windows Defender doesn’t have.

One question came to my mind, what the hell happened with Microsoft Windows Live Onecare ?

guess what ? it’s been discontinued !

Microsoft Press said (while it Announced Plans for No-Cost Consumer Security Offering):

“Code-named “Morro,” this streamlined solution will be available in the second half of 2009 and will provide comprehensive protection from malware including viruses, spyware, rootkits and trojans. This new solution, to be offered at no charge to consumers, will be architected for a smaller footprint that will use fewer computing resources, making it ideal for low-bandwidth scenarios or less powerful PCs. As part of Microsoft’s move to focus on this simplified offering, the company also announced today that it will discontinue retail sales of its Windows Live OneCare subscription service effective June 30, 2009.”

Windows Live™ OneCare® End of Sale Guidance Page

Is for those Pity who already spent their money on a non working product, i used Windows Live Onecare back in 2007, and after getting infected with W32.licum (thanks to limewire) Onecare didn’t help, i uninstalled it immediately and reported back to Microsoft that Onecare is trash (Engine & Virus Definition DB)

The page already answers this question:

WHAT OTHER SECURITY SOLUTIONS ARE THERE?

Microsoft announced that it plans to begin offering Microsoft® Security Essentials, a new security anti-malware solution, to consumers in the second half of 2009. The anti-malware solution will provide comprehensive anti-malware protection from threats including viruses, spyware, rootkits, Trojans, and other emerging threats in a single lightweight anti-malware solution. In concert with the ongoing improvements in internet security offered by Windows Vista®, the forthcoming Windows® 7, and Internet Explorer® 8, Microsoft believes that this no-cost service will offer the essential security that consumers need. And by making this available at no charge, we hope to be able to help the estimated 60% of consumers who still do not have up-to-date antimalware protection.

If you would like to try Microsoft Security Essentials, it is available in select markets at: http://www.microsoft.com/security_essentials/default.aspx.

For those who bought Windows Live OneCare ..

I Pitty The Fool !

Amman..Maps..Finally !

I was reading andfaraway.net as usual where I found my self at 360east.com suddenly (which is a brillient blog) mentioning some ever going in Jordan regarding ..hmmm what wa that open creative something (am sure I mixed things up) talking about creativity in collaboration working ..like Mozilla.

And I found my self clicking on Jordan IT industry link (was curious what that was) ended up in post announcing finally, Nokia GPS maps for Jordan/Amman

http://www.360east.com/?p=1194

The interesting thing is that Google earth/maps also have detailed maps of Amma too, seems they are all having it from the same source (national geographic center whom I begged for a map in my senior project.

I took a screen shot of google maps in my itouch, showing the name of the two surrounding streets MISSED SPELLED.

Didn’t checked the new ovi maps of nokia, hopefuly they have the correct name.

All on all, great government move to facilitate it, it’s for the benifit of the country.

*update*

for sure you can do it your self, you’ll need the following:

1. Nokia Mobile phone with GPS support

2. Download Latest version Nokia PC Suit & install it

3. Download Latest Version Nokia Software updater & intsll it

4. Download Latest Version of Nokia Maps application (new name is OVI Maps) and the Nokia Map Loader & install them

i personally prefer to perform a software update for the phone it self (its called Firmware update) just to make sure to that your phone is stable and bug free, if it’s already the latest version, i prefer hard resetting (Format) your phone either:

*#7780# This method is called RESTORE ORIGINAL SETTINGS.

*#7370# ” is a method for SOFT FORMAT

* + 3 + green call button and power on button…simultaneously press and hold , that is HARD FORMAT.

5. connect your mobile phone and let PC Suit recognize it.

6. install Nokia OVI Maps applications, if it wasn’t updated with the firmware (Version 3)

7. IMPORTANT: Run the Nokia OVI MAPS at least once, so it creates some cache files on the memory card

8. Run Nokia Maploader, Go to Asia, press the + beside Jordan and click on download

9. you are ready to go !

** GPS IS FREE: you can download the maps, locate you self on the map, perform and show routing  between points for free, Nokia Charges for the Voice Guided Navigation which is almost used why your driving a car.

i don’t actually need it, once i locate my self and know the 2 streets that surrounds me, I’ll deal with the rest.

29.370288 47.970423

12 Persons or 900 KGs or a he-goat !

That was that instructions written on the elevator plate !

12 شخصاً أو 900 كلغ أو تيس

OTIS

DUH ! Dabsheh

OS X withing Windows

In the process of the ‘initial intention’ to develop and iPhone/iPod Touch App, my cuz suggested having an Apple machine, i suggested a VMware, at least temporarily..

Now, Mac OSX 10.5.8 pawned within Windows (Thank you http://www.insanelymac.com/)

Mac booting on VMware

Mac After Booting

Installing... (Checking Media)

Installation Succeeded!

Aaaaaaaaaaaaaaaaaaand Done.

Link in Insanlymac.com : http://www.insanelymac.com/forum/index.php?showtopic=172474

Machine used: Dell OptiPlex 755, Intel® Core™ 2 Duo E6750 2.66 GHz, 2 GB RAM DDR2 1066 Mhz

Notes :

• Intel Vt enabled
• Make sure Intel Execution Disable bit is DISABLED

Hopefully, one day I’ll have the patience to download and SDK, mosh la aqra el Objective C first ?! wella la ya a7mad ?

IDC @ Raddison Blu – Al-Hashemi Hall

They’ve been buzzing me since late August about it, my mobile rang, and i saw a +971 xxxxxxx number, my mind went far, so i picked up the call to verify, it was an Asian voice, recognized that by the pattern: “Good Mooorniinggg  SAaaaaaaiiiir !”

After they’ve been sure that i am the IT Guy in my company, I’ve got an invitation to the IDC Conference, i thought its an interesting one, well maybe to some, but to me it was boring ..

So am not writing about the conference no, conference was about few things: Virtualization, Cloud Computing, ways to utilize your IT infrastructure in this financial crisis, where initiatives to new projects were diminished.

In Addition to some ERP system by Epicor, and how IBM used their technologies to build some solid critical system like SADAD in KSA, nothing else were interesting..

The interesting there actually was the venue where the conference was held,  Radisson SAS ( or Radisson BLU) is a known hotel, but Al-Hashemi Hall in kuwait ? never expected such a name, i would expect that in jordan..

Back before i parked my car, after getting the directions from security men, parked -hell of a park there where n place to park-, asked another security men where to go, i saw a dry dock and a big ship, a very big ship actually that my neck was about to snap by the wide azimuth my head elevated to see the end of its sail.

So i went to the elevator and went to the hall entrance, i was like OMG.. this is like a palace! A huge windows with sun rays gently coming in, i sighed .. and smiled. They started breakfast already.. Tea, coffee, Milk and Various refreshing juices, the sounds of glass crackles of plates and cups, and the over all smell of cookies and sandwiches;  my smile went bigger and the appetite meter maxed out.

The second hall door looked familiar to me, its like from Pirates of the Caribbeans, once i entered the door, it was dark the data show was already on.

Holy Doly ! , am inside A SHIP !

It was the same ship i saw before, the ship was joint with the building from both sides, that hall with breakfast was the building from one side..

First time to see a really amusing thing in Kuwait, wish my wedding would be there lol

Ship from the out side

Some kind of Balcony yard while coffee break ! (see how tiny the guy comparing to it)

Ship Back

Art Piece

While constructing

Cannon Aiming to Salmeyyah - KaBBBOm !

Note the ashtray beside it it seems it meant a smoker to fire the fuse !

Video while Coffee Break :