ramez hanna's blog

my laptop had some sort of a power failure and it is currently at the service center, so i got my self a macBook as a temp solution

my first impression:

* wow cool a mac !
* looks so elegant and slim, clear crisp screen, desktop looks cool with some nice effects and window decoration
* in general it looks good - sexy ;)

after 1 day:

* i can't tell what those guys thought when they did not include a right-mouse click!
* where is the del button? ah fn+Backspace ! is that really smart?

Bravery is not measured by what we are not afraid of but how we deal with the things we are afraid of

i have quit my position as senior system engineer (senior antikh) at ECC to senior system engineer at Thebetechnology, working for Qlayer

How to take screen shots in linux?
if you are using GNOME or KDE then probably it's an applet or a "print screen" push button.
But what if you are using any other simpler WM? i use enlightenment, and i don't have the screenshot module.
i don't have internet right now to download it.

I press
Ctrl + Alt + F1
to get a console
#import -window root -display :0 screenshot.png
and voila.
pretty simple huh!

Microsoft Exchange Hosted Services is a new service by Microsoft to provide email security services, in short it scans incoming and outgoing mails for SPAM, Virus and policy violations.
what i discovered is that their smtp service is running POSTFIX

rhanna@rhanna:~$ dig somedomain.com MX

; <<>> DiG 9.3.2 <<>> npcegypt.com MX
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13422
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;somedomain.com. IN MX

I wanted to learn more about security so i started to read about vulnerabilities, exploits, penetration testing, etc... but all the time all i could find was very basic and doesn't seem like real life attacks. they seemed so simple and too easy to implement and defend. so i moved to reading about securing the network more than penetrating it, so i went reading about the security best practices and the technical tricks. then it hit me, i wanted to see real scans and attacks, and in the same time my boss wanted to implement an IDS, so IDS it is.

this is a shot at advocating opensource, well not really opensource but more on the right practices in IT as I see it

On launching new applications
The need for a new application at work arises when new requirements occur, maybe there is already an application doing part of the job but the needs are more or maybe their a new requirement in the work flow that needs a new application.
so now the decision is to be made, do we get an application or do we get a developer team to do that application!

Tn the last couple of weeks my qmail server was under heavy traffic that rendered it mostly inaccessible.
the facts
what hapened was that too many smtp sessions were opened sending too many messages to non-existing accounts, we're talking here about 512 incoming smtp connection, over 6000 mails in the queue and over 256 outgoing smtp connection, and if that is not enough over 60 concurrent local deliveris.
the analysis

I have been using qmail for 6 month now on a server hosting over 30 domains - one of them is an ISP - so i think that now i can say something usefull.
i can't argue about qmail's code or performance, it can take whatever you throw at it and it is being used by google's mail already.
qmail is just 3 parts of a big system, it offers only smtp, pop and delivery agent. you still need imap, mailing list, webmail app and probably a DB backend for storing users. all that can be done easily but with a significant amount of work to get everything to work together nicely.

According to Wikipedia Greylisting is a simple method of defending electronic mail users against e-mail spam. In short, a mail transfer agent which uses greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again to send it later, at which time the destination will accept it. If the mail is from a spammer, it will probably not be retried, and spam sources which re-transmit later are more likely to be listed in DNSBLs and distributed signature systems such as Vipul's Razor.