Wednesday, April 29, 2009


There are things that happened in my life that I am not proud of but 2 days ago, the window of opportunity for redemption was opened and I'm taking it along with gratitude to those who pointed me to it.

I'm doing this for myself, not for anyone else because trying to meet up to other people's expectation is a selfish act as it only means you are doing it to get approval of others, not your own.

If I am right, that window will continue to be opened and lead me to another one.

Thursday, April 23, 2009

Ubuntu 9.04 Desktop Edition

Just released a few hours ago. My laptop is already running it. All I need to do is to simply upgrade from the previous version through the Update Manager. It's a breeze.

Ubuntu Desktop is my preferred desktop OS. It is pleasing, easy to use and has almost all that you need. If you are pretty savvy, as in you know how to install stuff and all, then switching to Linux is not that hard. It's a matter of getting use to something totally different.

Wednesday, April 15, 2009

Time to wake up

New bills were passed recently in parliament.

Parliament passes new Bill to manage law and order

The ones that are a cause for concern are

- police officers have new powers to issue pre-emptive "move-on" orders, which will be in written form, ordering demonstrators not to congregate at the intended rally area, or give them a chance to leave without getting arrested.

- police will also have powers to stop the filming of ongoing security operations and seize such materials so that operations are not compromised.

First of all, I would to comment on the article itself because reading it made me feel like puking. Instead of being a neutral party, they sounded supportive towards the justification of the passing of the new bills when it is not their job in the first place.

The two new bills mentioned above means the police can simply ask you to take your leave from where you are. They can also simply confiscate your recording devices. All these at their sole discretion. It is so highly subjected to abuse because it can be any vicinity and any 'security' operations.

Let me give you a scenario. Under the law, any public protest of at least five people without a police permit is deemed illegal but we all know that don't matter. The police can still lock you up even if you are alone. They have other laws to do that. Previously, video recordings by those arrested provided an alternative view of what actually happened, countering those by the police. With the new bills, they can prevent the recording of an incident and no one will know what actually happened.

The new bills are similar to many laws in Singapore that has got to do with civil rights. Many were so vague like the Miscellaneous Offences Act which can be used if nothings else can to charge you.

Make full use of that voting slip people before that is taken away from you too.

How to build your own hot spot, the right way.

The following is taken from an article on CNET entitled How to be an ISP: Build your own hot spot
(Note: I have informed CNET of the mistake and the writer has since updated his article)

"The easiest way to do this is to use two routers. The first router is used for your home to create a private network. With most existing Internet providers, this router will act as a gateway with NAT. You don't need to worry about what passwords or data travel over this network (you can allow Windows file sharing, or you might telnet from one local machine to another) because only trusted people have physical access to the network. If this router is wireless-capable, you will need to encrypt the connection to make sure only trusted people can connect to the network.

The second router is the wireless router that you want to use to offer access to the public. This router needs, in turn, to have NAT function of its own. This means once plugged in the first router, the second router will take the connection to the Internet from the first router and create a captive local network of its own, separate from that of the first router. In short, the NAT function of the second router acts as a firewall that separates the two networks"

There were no topology in his guide but if I understand the writer correctly, based on a typical home setup, what he suggested should look like the following

If I am right, then the above mentioned part of his article is totally wrong.

By having another network behind a router and NAT does not protect the network in front of it. In fact, the protection is the other way round. This is the case with any typical home network where being behind the NAT provides somewhat of a 'protection' from the Internet, and not the other way round.

Building two totally separate and secured network is not that hard but not as simply as relying on NAT. But based on this article, the right way is to actually reverse the function of the two routers. In other words, the first router is the wireless router that you want to use to offer access to the public and the second router is used for your home to create a private network. The NAT on the second router will provide the private network protection from the hot spot network.

The only problem then is the double NAT which makes hosting services in the private network a real pain in the ass.

Tuesday, April 7, 2009

Configuring Cisco for SingNet Bizlink


You switched to SingNet Bizlink static IP plan and were given a Cisco 877. You have your own router and/or firewall in your current setup and all you need is an ADSL modem to replace your current CPE. This way, you can keep everything else in place and simply do an IP change.


You have searched for configuration samples for the Cisco and tried in vain to get it to work as a transparent bridge but failed. You need to use the Cisco because that is the only device you have that can connect you to the ADSL service.


Go the routing way by creating another routing subnet between the Cisco and your existing router.

So the topology will look like this


1. Set Cisco ATM interface as required with your public WAN IP eg

interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
interface ATM0.1 point-to-point
ip address
ip nat outside
pvc 8/35
encapsulation aal5snap

2. Set the VLAN interface with a small subnet private ip that is not part of your own private IP eg

interface VLAN1
ip address
ip nat inside

3. Set your own router WAN interface within the same range as the Cisco VLAN interface, in this case

4. Set your own router LAN interface with the public LAN IP assigned by SingTel eg

5. Add a route on the Cisco for all traffic to point to SingTel side and another route to your public LAN network behind your own router/firewall.

ip route
ip route

6. Do a static NAT for your own router/firewall using the public WAN IP. This way traffic from the Internet will see the public WAN IP as your current router/firewall, as if the Cisco does no exist.

ip nat inside source static


- You keep everything as it is and only need to change IP address.
- As good as configuring the Cisco as a bridge.

- You MAY run into IP routing problem if you have private networks using the same range as the private IP assigned to the VLAN1 interface. However, by using the smallest network you can, this is quite unlikely.
- You have additional route when you do a traceroute from the inside.

Wednesday, April 1, 2009

Lovehunters - Sambutlah Kasihku

Another beautiful song. Lovehunters is another local band fronted by Yazid, another great local vocalist, that did not get its due recognition.

Tak pernah ku menduga
Gelora jiwa sesal di dada
Aku jatuh dan aku merindu tanpa kepastian
Bagaimanakah nantinya
Aku dapat menyakinkan
Rasa cinta di hatiku
Hanyalah untukmu kekasihku

Mendung dalam sinar matamu
Kenangan duka masa lalu

Tak ku hiraukan panas mentari lagi
Demi cinta kurela menanti
Takkan goyah walau badai kan melanda
Seribu tahun kutetap setia

Lupakanlah dukamu yang silam
Hulur tanganmu sambut kasihku
Mari bersama kita melangkah
Membina cinta abadi