The Facebook Social

I thought I'd try out some more social networking lately, so got signed up for Facebook, and went searching for anyone I knew. The first thing that surprised me was just how many people I knew were already on there. Even my Mum was already there! Crazy. The next thing I noticed was just how much time people seem to spend on there. There's all sorts of mad applications people are using.

I thought this video was quite funny. Kind of sums up nicely how bizarre Facebook can be - the fact that you're browsing through peoples lives - sometimes people you hardly know.



Of course I found that video because someone in my family posted it on my 'wall' :-)

It'll be interesting to see how long Facebook's popularity lasts. 'My Space' is so last year. What strange social things is 2008 going to bring?

Home Server

Microsoft have had some strange marketing campaigns in the past, but this just tops if off for me: Stay At Home Servers - The 'book' advertising the new Windows Home Server product. Its just bizarre. Surely the market that you're aiming at to sell dedicated servers in a home environment is going to be pretty IT-literate. So why market it using a children's book? Seems mad to me.

The product itself looks pretty cool though. Remote Access to many machines in the house would be nice, but I dont like the idea of opening up TCP/80 and 443 for all and sundry. You're just going to get attacked morning, noon & night. And as for registering for a DNS name in the namespace http://myfamily.homeserver.com! Hello? Want to advertise 'come & get me' to hackers everywhere - what a great idea! :-

I'd like to run one up at home and have a play. I wonder whether you can run VMware Server on it too...

Reviewers Guide

Some of these add-ins look handy too:
http://www.wegotserved.co.uk/windows-home-server-add-ins/

There goes t'Internet

Oh dear, just got this email this morning from Telecom regarding their Global Internet Gateway:
"Tropical Storm hit the Oregon coast in the USA that damaged the southern cross fibre cables. It is expected to take some time to recover the damaged cables due to the severe weather condition.

You are likely to experience some congestion of your international service until this problem is resolved."

But searching for news about it hasn't revealed much. This is about all I could find: Qwest reports broad outages along north coast - OregonLive.com But that's just talking about phone lines.

I suppose if the major Internet links out of New Zealand are down/degraded then maybe the news can't get through :-)

Update:
"The area continues to experience high winds and heavy rain which have affected landline along the Oregon Coast. The stormy weather condition still prevents technicians from access to the damaged area."

Bummer eh, even the Internet is dependent on good weather!

Update:
Finally some news articles about this today:
"Storm downs Aussie ISP links"
"Blog: If the cable breaks"

This is quite interesting too: New Zealand ISP Topological Map shows the interconnects between the different New Zealand ISPs.

Halo 3 Service Record

I've been playing a bit of Halo 3 lately - completed the campaign first, then started multiplayer over XBOX Live. Just discovered the online stats - Bungie Online : Halo 3 Service Record. Its really nicely presented, just like everything in Halo 3 really.

The game history function and stats are cool - even has details of all the local multiplayer games I have vs Scott & Gareth. Very cool.

Now I've just got to get some good screenshots and maybe an action video to upload....

Apple Tablet PC

Now this: Apple Tablet PC is real, says Asus - would be really cool! I love my Tablet PC, and would be very keen to see a Leopard-based alternative. I thought about getting a Mac about 18 months back, when the Intel MacBook Pros began shipping, but now that I've been using a Tablet for so long I doubt I'd be able to go back to a standard Notebook/Laptop ever again. Its just too handy to be able to write, draw, make notes in meetings without a tap-tap-tapping noise distracting everyone.

I'll keep my eyes peeled for any more news on this. It could be an Apple New Year (if the tablet and a decent 3G iPhone comes out).

More:
http://apple.slashdot.org/article.pl?sid=07/11/06/1327230
http://www.macrumors.com/2007/11/06/apple-working-on-a-tablet-mac/

Gmail gets IMAP support

Outstanding - something I (and probably 1000s of others) have been waiting for, for a very long time (ever since first using Gmail): IMAP is now supported. Yay! Not only that - IMAP over SSL. Excellent news for me - this will make managing my email across multiple PCs and my Nokia E61 much easier.

Thanks Google! Death to POP3!

Settings to note:
Incoming server: imap.gmail.com:993 Using: SSL
Outgoing server: smtp.gmail.com:587 Using: TLS

It looks like they are rolling it out to Google Apps users too. The option's not there for me at the moment, so I'll keep checking over the next few days.

I wonder when/if the iPod Touch will ever get the built-in email client.

I found out about it here:
Gmail gets IMAP support - 25 Oct 2007 - NZ Herald: Technology News from New Zealand and around the World

Monitoring Checkpoint Firewalls with SNMP

I've been doing some work for a client with Checkpoint Firewalls (running Secure Platform, or SPLAT), and wanted to monitor them using SNMP. The two main reasons being;

1. To graph Accepted/Dropped/Rejected packets over time and

2. To Poll the Firewalls for status using 3rd Party Management Tools like "Whats Up Gold" and "BMC Patrol".

The information I found in Checkpoint SecureKnowledge was terribly confusing, contradictory and misleading (has lots of info about Nokia IPSO Firewalls which doesn't work when using the SPLAT OS).

So a brief summary of what I had to do to get it to work correctly:
1. Enable SNMPD

chkconfig snmpd on

service snmpd start

2. Edit /etc/snmp/snmpd.conf
Add "rocommunity NotPublicCommunityString 192.168.0.1"

Add "proxy -v1 -c public 127.0.0.1:260 .1.3.6.1.4.1.2620"

3. Edit $FWDIR/conf/snmp.C

Add :snmp_community (
:read (“public”)
:write(“private”)
)

4. Run cpconfig, and enable the cpsnmpd extension

5. Add required security rule to permit access to the firewall from the management server(s) (SNMP-UDP/161) (You don't need to permit access to cpsnmpd-UDP/260)

Following these changes you should be able to do a 'netstat -an' and see the cpsnmpd listening on :260, and perform a local snmp check:

snmpwalk -v1 -c public localhost 1.3.6.1.4.1.2620.1.6

Gotchas to note:

1. The local snmpwalk above uses the "public" string - the one in snmp.C - NOT the one in snmpd.conf

2. snmpwalk from a remote host uses the "NotPublicCommunityString" - not "public"

3. snmpwalk locally (and maybe remotely) using just the OID 1.3.6.1.4.1.2620 causes the cpsnmpd process to die (need to restart it using '$CPDIR/bin/cpsnmpd -p 260' or cpstop, cpstart)

Once the above are done the management servers can query the enforcement module for Checkpoint SNMP OIDs, such as accepted packets, dropped packets and Checkpoint OS OIDs like CPU usage (accurate), memory usage etc. These queries go to the Firewall on UDP/161 and internally the snmpd process proxies the snmp request for OID .1.3.6.1.4.1.2620 (checkpoint) to the cpsnmpd process on UDP/260.

This happens by default in Nokia IPSO, but not on SecurePlatform.

Some good OIDs to Graph:

Active Real Memory .1.3.6.1.4.1.2620.1.6.7.4.4.0
Total Real Memory .1.3.6.1.4.1.2620.1.6.7.4.3.0
Packets accepted .1.3.6.1.4.1.2620.1.1.4.0
Packets dropped .1.3.6.1.4.1.2620.1.1.6.0
Packets rejected .1.3.6.1.4.1.2620.1.1.5.0
Packets logged .1.3.6.1.4.1.2620.1.1.7.0
Current connections .1.3.6.1.4.1.2620.1.1.25.3.0
Processor (System) .1.3.6.1.4.1.2620.1.6.7.2.2.0
Processor (User) .1.3.6.1.4.1.2620.1.6.7.2.1.0

And good OIDs to monitor for status:
Firewall Module State (Installed) .1.3.6.1.4.1.2620.1.1.1.0
Processor Usage .1.3.6.1.4.1.2620.1.6.7.2.4.0

Useful Links:

Cacti - An excellent (+free) web front end to MRTG/RRD-Tool

Cacti Templates Index - Although the supplied Checkpoint/Nokia ones didnt work for me without customisation. I created some more graphs and data sources using the above OIDs.

What's Up Gold - The new version is very nice. Excellent Web based multi-user UI.

Google Maps Mobile for E61

Just on my way South for a Weekend away with the boat (hopefully to get in some fishing & diving), and surfing in the car on my E61. There was a link for Google Maps on the search homepage so I installed it, and its very cool. A proper map application with GPS support! Really fast scrolling between locations too. Can't wait to try it out with the Bluetooth GPS i've got mounted in my car.

I wonder how long it'll be till they release one for the iPod touch (once the SDK is released).

Nice DNSCMD Script

I just came across this guy's blog when searching for dnscmd.exe syntax (DNSCMD.EXE = command line modifications to Windows 2000/2003 DNS zones/records). He has a really nice little batch file to enable the creation of both A and PTR records easily from the command line:
fpschultze - Add an A and PTR record using DnsCmd.exe

Looks like he has some other handy little scripts there too.

The IDxx European Launch Party Tour

I'm off to Italy this weekend to catch up with friends from the project last year. Should be a pretty cool trip. We're blogging the trip here.

New NZ Video

This is some nice Marketing for NZ I just stumbled upon. There's more here: http://www.youtube.com/user/PureNewZealand

Cisco IOS Embedded Event Manager

Another one of the sessions today had more info and examples related to Cisco IOS Embedded Event Manager (EEM). There's a forum where people share scripts which could come in handy here. Wasn't happy to learn that EEM isn't supported on the Catalyst 3750 yet. Will have to look into that in more detail...bit of a bugger as it would be useful.

There's a whitepaper on the Catalyst 6500 and EEM here.

Cisco Compliance

Day 2 of Networkers, and I tried a few different tracks today. The first of which was about PCI/DSS Compliance. The most interesting thing that I hadn't seen before was CiscoWorks Network Compliance Manager. The report outputs look very handy for Security Managers. Its an OEM'd product apparently - no idea of the price but expect it'll be pricey.

There's a free eval download here.

Another related link: http://www.cisco.com/go/compliance

Cisco Networkers & IOS TCL

I'm at Cisco Networkers at the moment in Brisbane (Day 1 of 3). Went to some pretty good sessions today, the keynote was very interesting (Howard Charney, Cisco SVP) with lots of crazy facts about the amazing spread of the Internet & technology. Went to quite a good session in 802.1x - with plenty of gotchas and things to look out for, so the slides from that will come in handy.

The session that I learnt the most at was on getting the right events out of NMS, by Benoit Claise from Belgium. He's written a book on this stuff and had some great examples on how to use things like the Embedded Event Manager, RMON and TCL scripts to get some pretty powerful monitoring from the devices themselves. Kind of on a similar line to the TCLsh stuff I came across last week, for scripting things in the CLI - this is a good blog for examples Cisco IOS hints and tricks: IOS Tclsh resources.

Flight of the Conchords

I just discovered the Kiwi comedians 'Flight of the Conchords', who have recently got their own show on HBO in the US, have a Podcast available for download in iTunes. A few of their sketches are available on You Tube too. I like this one: Very funny!

YouTube - Flight of the Conchords- Business Time

Street View

I've just been playing with "Street View", a new feature from Google Maps. Its very cool. Wish they had it in New Zealand (but given that its not available for the UK or anywhere else yet I imagine it'll be a long time coming).

This is the Street View of the hotel where I stayed in New York last year (Affinia Manhattan on 7th Avenue).

I'd love to see the cameras they must have used to capture all the 3D images (presumably mounted on top of a car/van of some sort). The Intro Video is quite funny too (nice orange suit, dude).

Analytics

With the new website I've just done, and the others I've been playing with, I've been looking for a nice tool to do reporting. I think in the past my web host had the Webalizer tool available for use, which was OK. But its not available any more, so you have to munge through raw access logs.

So I found Google Analytics, which is an online web analysis/reporting tool. You just add some script to the pages you want to monitor, and the data is available online for analysis using some very nice tools. So I've got all my websites in there now, and you can see on a world map where the visitors are coming from, how they got to the site and even map out a sequence of pages that you want them to follow and report on that. Pretty cool. And its free, of course.

Just another in the long list of Google tools I'm now using, I guess. >Brainwashed<

Racing Cars

I've been doing some work for my cousin recently, Dale Williams, who races cars in NZ and would like to drive professionally. I went with him and his family to some of his races, took photos and shot some video, and have put together a website for him:


http://www.dalewilliamsracing.com



He's using the website, plus a promotional DVD I put together for him, to gather sponsors for racing next year. Last year he raced in the NZ Production Racing Series, and won the championship, so he's a pretty good driver.

Its been quite interesting putting all the stuff together for him, as I'm not that big on cars or racing as such, so its been cool doing something new.

I'm thinking about putting the video up on You Tube, but I'm not sure about the rights issues with music etc. Will have to do some digging.

Joost!

I've just started playing with "Joost", an online TV application.

It looks pretty cool, lots of channels with Music Videos and S.I Swimsuits ;-) I'm not too sure about the buffering though - could just be a NZ Internet thing - but it can be quite choppy at times. Still, worth a look. Invite only at the moment.

Bluesocket again

I'm working with a new client who has implemented Secure WiFi using Bluesocket "BlueSecure Controller" boxes. It's interesting as I haven't actually seen anyone using these things since I looked at them a few years back, when they sent us a version 1.0 box to review. The early version was pretty cool, but their solutions look to have progressed quite far since then.

I look forward to finding out more about how they tunnel 802.1q traffic across the LAN. Sounds interesting :-} They even do their own access points too.

Built in Intrusion Detection and some Checkpoint technology too.

"Over and Over"

I've heard this song a few times before (its kind of old) but only saw this video for the first time today (on AltTV) and thought it was very cool. I think I'll buy their CD to see if there are any other good songs.

Hot Chip - "Over and Over"

I'm quite surprised how good quality this video actually is...it's even watchable full-screen (@1680x1050). Go You-Tube!

Flip!

I recently built my new PC - a pretty major upgrade from the last one - including a new Samsung SyncMaster 215TW screen (which is excellent). So I wanted to take advantage of the new screen, keyboard & mouse with my Laptop. Now this is something I've been thinking about doing for quite sometime, but I've always come up against a major hurdle: PS2 vs USB.

Most KVM switches, even if they support USB PCs, require a PS2 console (PS2 Keyboard/Mouse on the controlling end). I came across the Belkin Flip and thought I'd try it out, and its really good. Not only does it support USB console and USB connections to both computers, it has a little Wireless Remote to switch, so you dont need to see any cables etc. It also supports Audio (share one set of speakers). One of the cool audio features, using the PC software you can switch keyboard, mouse and video, but keep the audio off the other PC - so you can work on one PC while still listening to Music from the other. Very cool.

Some of the other components in my new machine:
* RaidMax RX9 Case (Black)
* Corsair Dominator DDR2-1066 RAM (TWIN2X2048-8500C5D)
* ASUS Striker Extreme Motherboard (nVidia 680i chipset)
* nVidia GeForce 8800 GTS Video Card (640MB RAM!)

Bought pretty much all of it from Playtech (who were very helpful)