Wednesday, April 12, 2006

Palm PDA and Lotus Notes

My old Palm m105 for some reason inexplicably stopped syncing over the serially connected cradle. I not too terribly surprise that this functionality died. After all, I soaked the Palm PDA in water twice and had this product for over 3 years. I absolutely relied on my Palm PDA for my calendar entries. The last two companies that I've been with both use Lotus Notes. I managed to write a Java conduit to sync up the calendar entry with Lotus Notes and my old Palm m105 PDA. I kind of like my custom conduit because I can control what type of information to transfer over to the palm datebook and format the data in the calendar entry the way I want. So this situation with the un-sync-able Palm presented me with a dilemma. I have a ViewSonic V37 PocketPC that I received free courtesy of a MSDN subscription that I have purchased. But to get that to sync up with Lotus Notes required me to shell out $100 bucks to buy the Lotus Notes synch software. I did not want to shell out $100 to purchase that software. I looked for alternatives and saw that Palm sells a cheap PDA in their Palm Zire 22 product for around $100. So I got the hardware instead. To my chagrin, I could not get the Java conduit to work with Palm Zire 22. Palm's new SDK did not have any sample java code or documentation on how to write java conduit to their new Palm OS platforms. Needless to say, I was not too happy about this situation. Now I have two PDA that I can't get talking to Notes. I already sunk $100 dollars into this and now I really do not want to spend another $100 for the software. I googled around for a solution out of my self inflicted situation and found an answer in Michael Radwin's Palm-PDA perl package. (His package can be found here : http://www.hebcal.com/dist/Palm-DBA.pm) With this package, I manage to write a perl script to extract the calendar info from Lotus Notes via Note's COM interface and create a Palm datebook archive file. I then import the datebook archive into Palm Desktop and sync the calendar that way. While the new process is more cumbersome then simply clicking on the HotSync button on the PDA, it works for me and its cheap. Plus the calendar entry information is formatted exactly the way I like it.

Tuesday, April 11, 2006

Tripwire and Security

I notice that some of the servers in DMZ zone are installed with Tripwire. While I have heard of this term before, I never really looked into how it works. Well, I did some investigation and know understand the technological underpinning behind Tripwire product. Tripwire basically takes a snapshot of your file system by checking each file and generating a file signature and then store all that information in a database. Then you can run reports off the database to see what files got added, deleted or modified. If you see that some system binary files got changed, then your system is probably hacked into. Now I'm wondering if there's a version for my windows PC at home. I suppose that to be secured, I'll need at least 2 servers at home. The windows box that my kids uses can be installed with a tripwire like software and the database hosted on a second pc, possibly a linux box with mysql on it. Since I have a router and a wireless router, I can setup a dmz zone with the windows pc in the dmz zone and the linux server behind the second router to further secure the linux box and the database from tampering. With all the security holes in a Windows box, why don't I put the linux in the dmz as a bastion host? Well, that's because my kids want to go to the internet and play games or look at trailers on the Windows box. That's the more vulnerable box that I want to secure prevent it from spreading virus to other computers in my home network, so isolating that box in the dmz makes more sense to me. I plan to research some more on a tripwire like software for the PC and post the results here. If they don't have one, maybe it's time for me to write one myself.