Pakistan, Japan, Linux and lots more

Thursday 31st May 2007

Free proxy sites

Internet Web Security

Thanks to my addiction to grabbing any good domains that I find available, I now have a total of six free anonymous proxy websites, though have hardly any traffic on some of them. Haven't had much time to promote them or work on the interface either (as you might notice, they mostly use the same template, but with different color schemes). Here's the full list for all of you who might be able to make use of them:

For those people whose access to these might be blocked, (based on the server's IP) I have relocated them to a new server that I just got. It has slightly better connectivity and should perform well. Let me know if you find anything wrong with them or have any suggestions.

Posted at 23:56pm PKT  Comments(40) |

Global peace index

General

Norway rated most peaceful nation. That's what the BBC article and the Global Peace Index says. According to these, Norway, New Zealand, Denmark, Ireland and Japan are ranked the world's top five peaceful countries. The whole list can be found on the Vision of Humanity website which looks like a nice initiative that just maybe could play a part in turning world peace into reality.

Global Peace Index

It is ironic how a few of the top countries, like Germany (ranked 12th), Japan (5th) and Ireland (4th), have had a violent past. Maybe massive, bloody wars, coupled with a decisive end, are what it takes to make people value peace. With no end in sight to the current conflicts, sadly I don't see the same thing happening in Iraq or all the other areas of conflict.

Interestingly (in a bad way), Pakistan is ranked at 115, just six positions above Iraq, and comes in last in the Asia and Australia region. I've gone from the 5th most peaceful place to the 6th least peaceful in just 4 years. That's not an encouraging thought.

Posted at 00:03am PKT  Comments(147) |

Wednesday 30th May 2007

IPv6

Internet Technology

Some people are treating it as another buzzword that goes right up there with synergy and others are reluctant to look past its arcane structure, yet IPv6 is becoming more and more important. In case you don't know what I'm talking about, let's start with a brief explanation of these terms.

IP Address

An Internet Protocol address is a unique address that certain devices (such as your computer) use to identify other devices on a computer network and communicate with them. Whenever you use the Internet, you are doing so via an IP address.

IPv4

IPv4 is the fourth revision of the Internet Protocol and is the dominant network layer protocol on the Internet. Though it can theoretically have a maximum of about 4.3 billion addresses, some of these are reserved for special purposes and most of the others are already in use somewhere. Even if they weren't and we distributed all of them among the world's population, we would still be over 2 billion IPs short. According to this article, we will run out of IPv4 addresses in 2010. An IPv4 address looks like this: 172.16.45.54

IPv6

So what happens in 2010? If not for IPv6, any new users (human or otherwise) trying to get onto the Internet would have a hard time. With more and more Internet-capable devices being made available, they would have to go through all sorts of loops to be able to host a website or make their toaster accessible to the world.

IPv6 on the other hand, provides 340 trillion, trillion, trillion unique addresses which might be enough to assign an IP to each organism on the planet (sorry, I can't find detailed statistics on how many there are, but you'd be surprised to know that the number of bacteria in a single human being can total into the trillions). An IPv6 address looks something like this: 2001:0db8:85a3:08d3:1319:8a2e:0370:7344

Supported platforms

Virtually all of the hardware and software that makes up the Internet's core already supports v6. Even your typical operating system and browser has had support for it for some time (Linux has supported IPv6 since version 2.1.8, released in 1996, while Windows NT had it in 2002. Vista has it enabled by default). You can even run v6 in parallel with IPv4 and this is the most common configuration.

The main hurdle just seems to be understanding the concept and putting everything together. I must admit that it isn't a simple protocol and not just in the number of bits that this address comprises of. I still have no clue about IPv6 routing and other calculations.

Nevertheless, I wanted to dabble in it and develop some web-based tools for v6, but my hosting service doesn't support IPv6 and I'm hard-pressed to find a good one that does (while also matching the rest of my prerequisites).

Tunnel brokers

The solution to that was to request a free IP or subnet assignment from one of the "tunnel brokers" that allow you to make use of IPv6 by encapsulating the packets within IPv4, also known as tunnelling. Upon Zaeem's recommendation, I managed to get a couple of these from the BT Exact Tunnel Broker Service and have configured IPv6 addresses on my servers. Will soon be posting an update on the network tools that I have been working on that now support IPv6, thanks to this service.

As an ISP, we are in a good position to play a role in more widespread adoption of IPv6. Though we are currently only running it for testing (and educational) purposes, we should be able to incorporate it into the core network.

Posted at 00:49am PKT  Comments(793) |

Tuesday 29th May 2007

More PKNIC screwups

Pakistan Internet

Once again, one of Pakistan's biggest ISP has fallen victim to the anathema that is PKNIC. It was just over a month ago that they somehow changed entries for Dancom's domains in their database and this was done without any request from our side and without even informing us. Our domain and hence our email, websites and a number of other services were cut off from the rest of the world due to this.

They have now done it again. Though the latest entries are still valid and they haven't had a major impact, they are not what they should be. We have attempted to reach them on their staff email address, the only point of contact, without any reply so far.

So to summarize, the sole authority for the .PK top level domain charges exorbitant fees (more than $30 a year) for domain registrations and still makes blunders that cause unacceptable outages for an industry that thrives on high availability. To top it off, they have no street address or support number. These incidences make it seem like we live in a banana republic with no hope for those that depend on things being done correctly.

With most of the world's TLDs becoming available for registration through more than one registrar, I think it is about time that we got rid of PKNIC or forced them to change their ways. They have had a good profitable run for many years now and enough is enough. I don't know if the last issue reached the right people at the Pakistan Telecom Authority (PTA), but this time, I'll make sure that it does and something solid is done about it.

Posted at 13:50pm PKT  Comments(115) |

Monday 28th May 2007

Test your Geography

General

Found this great geography test recently that is meant for children, but should be pretty tough (as well as educational) for adults. Maybe every world leader should be required to pass this before assuming office. I had a perfect score for Middle East and the World quiz, did pretty well for Europe and Asia, but scored quite terribly for Africa and North and South Americas. Don't even ask about India, Russia, Oceania and Mexico.

Thank you for the link, Pindrop.

Posted at 19:36pm PKT  Comments |

Friday 18th May 2007

Darkness in central part of the capital

Islamabad

It has been almost 3 hours since the power failure and we still have no clue when it will be back up. I'm in the office which is located in F-7, one of the hippest and upscale areas of the nation's capital, yet it has been in darkness for what seems like ages. The WAPDA (the national power monopoly) persons at first denied any knowledge of the outage and then said it'll be fixed in 25 minutes. Still nothing.

Though the shops and businesses in this area are but a fraction of the total economy and the losses would be nothing significant in the overall scheme of things, if this is the state of the best part of the capital, I can only imagine what people in other areas would be going through.

These power shortages, coupled with the abundance of wind and solar energy would make Pakistan an ideal place to kickoff renewable energy projects. I should start looking into these.

This office has its own generator which at least keeps my laptop and the Internet connection running, but it can't support the air conditioners or heavy systems and it won't run forever. Hope the power is restored soon.

Posted at 23:10pm PKT  Comments(3) |

Thursday 17th May 2007

NYSE migrates to IBM and Linux

Linux Technology

The New York Stock Exchange is going live today with the first phase of its migration to IBM's p servers running AIX, and HP servers running Linux. It is estimated that this move will halve the cost of transactions taking place in the NYSE. Though lower cost is the main reason given for this move, I'm sure that top-notch security and stability would have been prerequisites for such a move.

Just today, I was talking to a fan of Sun's Solaris operating system and a critic of Linux's reliability for mission critical applications. The above announcement might offer some proof of how far the hacker/hobbyist OS has come, but I doubt this will be enough to convince people like him. I won't get into another debate about Solaris vs Linux, even after spending the last couple of days dealing with some silly and time-consuming Solaris issues, but all my Linux systems have had been running very smoothly. And this is regardless of the distribution being run (I'm currently using all of Ubuntu, CentOS, Fedora and Slackware on various systems, including my laptop).

Here's hoping to see the penguin go even further.

Posted at 21:35pm PKT  Comments(5) |

Tuesday 15th May 2007

Port 25 blocking and ISPs in Pakistan

Internet Security Pakistan

Block everyone's email?

A few days ago, we did the unthinkable (at least unthinkable for Pakistan). We (as in Dancom's network operations team) blocked all the outgoing email of our customers and not just for a limited time period. This is permanent. If that sounds extreme, then it was, but this is where things are headed, judging by the current state of email and we're probably the first to implement something like this in Pakistan.

Lately, there has been an explosive increase in spam (or unsolicited email) and this is causing problems not just for those on the receiving end of things. Gone are the days when we had to explain to customers sending out bulk marketing emails that this was a bad practice and not business as usual. Or convince those running open relays to fix their servers. These days, spammers employ hundreds or thousands of infected user systems to do their bidding, usually without the user knowing there is anything wrong apart from the hefty bandwidth bill and the subsequent blocking of all their outgoing email.

Pakistan is already notorious for being a source of spam and the long term effects of letting this continue would be devastating. Services such as Spamcop regularly list our customers' IP addresses and the abuse reports sent to us are becoming too numerous to act upon in an effective manner. With limited IP pools, this poses a threat of rendering whole blocks of them as blacklisted and the possibility (remote as it may be) of one day having the whole country's email traffic blocked by the rest of the world due to the overwhelming spam.

A brief description of what we have done can be found on this excellent Wikipedia resource about anti-spam techniques and the Beeb published a couple of articles some time back on the surge in the number of hijacked systems and malicious code rise driven by web. Most of the users we encounter, however, do not understand any of these and fight tooth and nail to put the blame on the vendor or service provider instead of managing their own security properly.

So if we are blocking everyone's outgoing email, do we expect customers to stick to using Yahoo and Gmail? No, they set our state-of-the-art SMTP server, with some excellent anti-spam features, as their outgoing server. Seems simple enough, but the main problem arises when people just refuse to change their settings or are running their own mail server, yet lack the knowledge of configuring it properly. Something that I am getting tired of hearing is exempt me from this change or I'll switch to another service provider. We can off course make the exemption, especially for corporate customers, though we also have to make it clear to them that they themselves are responsible for their own IP address or pool of addresses.

Internet Service Providers

This brings me to my rant about ISPs in Pakistan. Policies, like the one above, happen to be common in a number of European and East Asian countries where best practices generally take precedence over temporarily pleasing the customer. Unfortunately, in this country, customers are usually ignorant of anything that contains even a slight touch of technicality, yet hate to admit that they don't know something and that it is best to trust in the judgement of the experts. Then there is a lack of real collaboration and cooperation between ISPs which causes some serious issues.

While in other places, large service providers form consortiums to have their demands met and to agree upon policies and standards, here they are divided and weak. Despite a potential customer base of at least tens of millions of users, we are forced to stick to low speed packages that charge by the Megabyte and are only within reach of a tiny percentage of the population. The customer and our upstream provider have the say in everything and there is little that the ISP can do about it.

If we could join forces and make important decisions (like the one above) together, it would eradicate the common threat that customers give about switching to another ISP as well as increasing the integrity of Pakistan's overall Internet infrastructure. Both the commercial and technological long-term benefits of this type of collaboration could be huge.

I have already talked to one technical head from another ISP with positive results and am planning on getting in touch with the others. At the minimum, we can start off with a mailing list to discuss these things and move forward from there. Tee Em? The rest? Hope to hear from you soon.

Posted at 10:48am PKT  Comments(584) |

Saturday 12th May 2007

Terror in Karachi

Pakistan

What was starting to look like a circus now seems to be turning into a small-scale war. Ever since the country's top judge was suspended by the president, there have been endless protests and rallies against the decision. At first these were like any other protests, though on a larger scale than usual. Well and good. Justice should be upheld and not easily manipulated by those in power. But then the rally in Lahore looked more like a political one or maybe even an opulent celebration of sorts.

Now people have died. Though I haven't seen any of the news channels, those that have say that Karachi has turned into a war zone with upto 50 or 60 people dead (the official death toll stands at around 12). Most of Islamabad is peaceful, but there have been cautions against going anywhere near Blue Area. No news about it so far which is good news.

The government has started holding its own rallies, causing inconvenience to citizens and potentially endangering the lives of those attending. I hope all this is resolved soon before more destruction is caused and precious (or not so precious for the elite Pakistanis) lives are lost.

Here is the BBC article (currently top story) on the subject.

Posted at 18:01pm PKT  Comments(139) |

Thursday 10th May 2007

Web proxies and web proxy blog

Web

Though it isn't my main area of concern, ever since I started my own proxy, I have been looking more and more at what's out there. It seems that there is some money to be made by running your own proxy, though nothing very significant. At least it puts those extra cpu cycles and bandwidth to good use and I get to practice my optimization skills.

You can find a lot of interesting information on web proxies from the Web Proxy Blog. The Web Proxy Blog helps you earn money with proxies and is a good resource if you are planning on starting your own.

Though I haven't had it translated into Chinese yet, the Chinese Proxy is another site that I have started after succumbing to the temptation of buying another good domain. Let's see how that goes.

Posted at 16:59pm PKT  Comments(34) |

Thursday 3rd May 2007

Website bandwidth usage and PHP optimization

Web

Though the traffic on my blog has steadily increased, it is nothing (yet) that would warrant the need to optimize the site for better bandwidth usage. However, the hits on my proxy site have jumped up quite dramatically over the last couple of days.

There isn't much I can do about such a site since there is very little content that is loaded from the server itself. However, both the traffic and the resource utilization (namely CPU) are starting to get hammered. And I'm looking at whatever small optimizations that can be done before I have to move it to a more powerful server.

Though the Apache web server isn't the real bottleneck and already quite optimized, I have disabled fancy directory listings (all those AddIcon lines) as well as extra Apache modules, such as mod_proxy. That'll be all for Apache (for now at least). I remember using the bare, optimized config file that is shipped with the Apache source and employs some of the same techniques. Will check that again if Apache ever requires more fine tuning.

For PHP optimization, I found a number of resources, though the 12 PHP optimization tricks page is probably the best and most famous one. Not all of these tips were applicable in my case, but I managed to cook up a few myself. I have taken out a number of the if statements from the PHP code since most of them weren't required anyway and am looking at what else can be changed.

Logging has also been controlled to minimize disk i/o. I was a bit frustrated that there doesn't seem to be any option in Apache to disable logging for a particular virtual host. Your options are either to log the hit to /dev/null or set a condition using SetEnvIf. Here's how I did it:

SetEnvIf Request_URI "^/index\.php?" dontlog
CustomLog <path_to_logs>/www-access_log combined env=!dontlog
CustomLog <path_to_logs>/www-referer_log referer env=!dontlog

What this does is to only log requests that don't start with /index.php? and this has drastically reduced the size of my logs.

For bandwidth consumption, here is a nice page that I happened to find on reducing a website's bandwidth usage which could come in handy if you're running your own blog or website. Carry on webmastering.

Posted at 20:00pm PKT  Comments(2780) |

Tuesday 1st May 2007

Meaning of Mayday

General

1st of May, a public holiday that is also known as May Day. The first thing that came to my mind was the distress signal that so often appears in fiction and one that we hope we never have to use. The first thing that I thought was that something really awful must have happened in May or the 1st of May to have led to this.

Enter good ol' Google and Wikipedia. It seems that May Day and Mayday have nothing in common with each other. One can refer to any holiday in the month of May while the other is a distress call based on the french word m'aider, meaning "help me".

Posted at 10:06am PKT  Comments(1) |

Previous Month's Entries
Next Month's Entries