Hello there!
A few announcements to spin off into a well deserved weekend 
I – End of Maintenance of NumExt
NumExt will no longer be maintained (sad… sho sho shad :=) …)! Ok! it is not that much of a tragedy, since I am happy to have seen the add-on grow and inspire many other addons that have implemented some of its features (yes! you “code rippers” you know who you are 
)
II- quaggOS
quaggOS stable version 1 has been extensively delayed due to the delay from Quagga upstream’s release of the next stable branch. Current branch 0.99.17 is not fully stable, thus we will have to wait a bit longer. Meanwhile I am actively working on making quaggOS a bit more user friendly.
III – pwgen
pwgen firefox addon’s development will continue as it is. Thanks to the many contributors and for the strong user base.
That’s folks!
Cheers,
Ali
Hello there!
I know… it has been a long time since the last release and I know, many of you were awaiting for the bug fix identifed by Armin Juhlke @juhlke.de - I was able finally today to put some time aside and look at it – here is the new release….
This release includes some bug fixes and had underwent a medium code cleanup from the 0.4 branch including some XUL improvements and a new feature added.
Here is the raw changeLog
1. Bug reported by Armin Juhlke @juhlke.de
“The digit 0 is not excluded from generated password when specified in the list of excludec characters”
2. Feature added – Password History added for current session.The user is now able to select whether or not they want to keep a history of the generated passwords… those passwords are not “saved” and only exist in memory; the user can then clean the buffer. That being said, the logged passwords do not survive a firefox restart.
3. JS Preference Code Cleanup – Optimization in metadata table
4. XUL Interface + CSS major improvements
5. Added support for Firefox 3.7a6pre
The addon was just uploaded, thus is available through https://addons.mozilla.org/en-US/firefox/downloads/file/92313/pwgen-0.4.5-fx.xpi – Once it has been reviewed by Firefox AMO Editors, it will then be available on the addon’s main page.
Cheers,
Ali
Hello,
This is just to announce that the blog is now available through IPv6. To be more precise through proto41 as this is just an experiment.
[aabbas@mig ~]$ host alouche.net
alouche.net has address 69.72.186.60
alouche.net has IPv6 address 2001:470:1f07:a4e::2
[root@srv1 ~]#ip -6 route sh
xxxx:xxx:xxxx:xxxx::/64 via :: dev t-ipv6 proto kernel metric 256 mtu 1480 advmss 1420 hoplimit 4294967295
2001:470:1f07:a4e::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 via :: dev t-ipv6 proto kernel metric 256 mtu 1480 advmss 1420 hoplimit 4294967295
ff00::/8 dev eth0 metric 256 mtu 1500 advmss 1440 hoplimit 4294967295
ff00::/8 dev t-ipv6 metric 256 mtu 1480 advmss 1420 hoplimit 4294967295
default dev t-ipv6 metric 1024 mtu 1480 advmss 1420 hoplimit 4294967295
(tunnel IP has been obfuscated)
Nginx (the webserver serving this blog) has been recompiled to support IPv6 and is now serving requests for this domain on both IPv4 and IPv6.
Cheers,
Ali
Hi there!
Jeremy on “evilrouters.net” issued a post regarding a white-paper published on the GCIH website, the paper is entitled “IOSTrojan: Who really owns your router?“. The pdf is available at this link and is about 26 pages. Being curious as to all things IT, especially in the domains of Networking and Unix, I dived in and read the pdf in its integrality and here is my take
In the major part of this article, the author mainly focus on demonstrating how a tcl script executed could lure the user into being in an ios shell and not tcl shell by parsing and handling most of the IOS commands. While the author makes a good point for anyone not being aware of the tcl script setup, it makes me wonder as to which extend, a scenario as such would take place in a production environment and whether this would qualify as such as a Trojan, since the code process of execution is not hidden from the user’s view, which itself brings me to the following question: “who does run a tcl script on a production network equipment without source reading it?”
Last but not least, yet again another reminder that the weakest link in a deployed environment (whether it be a deployed network or server farms) is the design and maintenance of the security guideline and practices.