Koos picture small

Koos van den Hout

Welcome. This is my homepage where I write about my opinion, projects, things I note, things I try and other random stuff. Newsitems have tags for a bit of structure.

Latest news/thoughts/geeking/rants/notablog

2016-02-11 Xs4all VDSL met DrayTek Vigor 130 VDSL modem en PPP eindpunt op Linux (ubuntu) server 2 hours ago
Omdat ik ten opzichte van het eerdere verhaal Configuratie voor VDSL van xs4all met het eindpunt op een linux server toch wat wijzigingen heb, een keer weer alles op een rijtje.

De configuratie is natuurlijk afgeleid van Eigen router achter een XS4ALL-VDSL-aansluiting (3) - Harold Schoenmaker die een Mikrotik router gebruikt met een eigen configuratietaal.

Wat op dit moment nog niet werkt is de MTU van de ppp verbinding terug naar 1500 bytes. Iets in de keten server / switches / VDSL modem laat de iets grotere PPPoE packets niet door.
Read the rest of Xs4all VDSL met DrayTek Vigor 130 VDSL modem en PPP eindpunt op Linux (ubuntu) server

Tags: , ,
2016-02-11 Vigor VDSL modem in gebruik 8 hours ago
Het Vigor VDSL modem is in gebruik. Omzetten was een kwestie van wat regeltjes in /etc/network/interfaces wijzigen en aanmaken.

Wat nog niet lukt is de MTU terug naar 1500, ergens in de hele keten komen vergrote ethernet packets er nog niet door. Dus die staat nog even op 1492.

Verder werkt een en ander. De Vigor heeft een telnet interface die me erg doet denken aan die van de Thompson modems. Het script wat de VDSL snelheid uit het modem haalt is dus ook weer een telnet expect script gebaseerd op de code die ik ooit voor de Speedtouch/home gebruikte.

Account:admin

Password: ***********************

Type ? for command help

> show adsl
  ---------------------- ATU-R Info (hw: annex A, f/w: annex A/B/C) -----------
   Running Mode            :      17A       State                : SHOWTIME
   DS Actual Rate          : 75927000 bps   US Actual Rate       : 31370000 bps
   DS Attainable Rate      :111621000 bps   US Attainable Rate   : 43919000 bps
   DS Path Mode            :        Fast    US Path Mode         :  Interleave
   DS Interleave Depth     :        1       US Interleave Depth  :      285
   NE Current Attenuation  :        9 dB    Cur SNR Margin       :       17  dB
   DS actual PSD           :    -4.-1 dB    US actual PSD        :    13. 1  dB
   NE CRC Count            :        0       FE CRC Count         :       31
   NE ES Count             :        0       FE  ES Count         :        3
   Xdsl Reset Times        :        0       Xdsl Link  Times     :        2
   ITU Version[0]          : b5004946       ITU Version[1]       : 544e0000
   VDSL Firmware Version   : 05-07-01-0A-01-07   [with Vectoring support]
   Power Management Mode   : DSL_G997_PMS_L0
   Test Mode               : DISABLE
  -------------------------------- ATU-C Info ---------------------------------
   Far Current Attenuation :        0 dB    Far SNR Margin       :        5  dB
   CO ITU Version[0]       : b5004244       CO ITU Version[1]    : 434db0c7
   DSLAM CHIPSET VENDOR    : < BDCM >
>
Het verschil wat in mijn grafiekjes opvalt is dat de 'upstream path mode' interleaved is wat een paar milliseconden(!) verschil geeft op de latency.

Ook wat verschillen in maximale snelheden, maar die vallen ruim binnen de marges van het abonnement wat ik heb.

Tags: ,
2016-02-10 And now vectored VDSL doesn't mind transmitting 1 day ago

Vectored VDSL spectrum as reported by the Fritz!Box 7360. The earlier interference seen starting around 16.5 MHz isn't visible.
After a restart of the modem the interference starting around 16.5 MHz hasn't returned. The interesting fact is that now transmitting on 14.070 MHz PSK31 does show in the signal/noise graph of the modem but there was no connection hickup the first time I did that, the bits/carrier just adjusted down and things went on fine.

Tags: , ,
2016-02-10 VDSL modem besteld en geleverd 1 day ago
Het bestelde DrayTek Vigor 130 VDSL2 / ADSL2/2+ modem/router is geleverd (met dank aan Azerty) en nu ben ik even bezig met het instellen. Gelijk maar een firmware opgezet die geoptimaliseerd is voor vectored VDSL2 en de pppoe configuratie klaargezet op de server.

Pluspuntje van dit modem: het heeft een echte aan/uit schakelaar dus zal het na een stroomstoring weer gewoon opstarten.

Tags: ,
2016-02-07 Some interesting recent 'firsts' in amateur radio recently 3 days ago
I had a day with for me special contacts recently. First with UT1FG/MM, Yuri who is a captain on a freight ship and crosses the ocean with some spare time to make amateur satellite and HF contacts. I had a contact with him while his ship was nearing Gibraltar from the Atlantic Ocean, which is my first 'sea' gridsquare. I hope to contact him again via satellite or HF!

Second with 7X3WPL, Sahara DX Amateur Radio Club. I have seen them a lot, tried to answer them every time (I was trying to reach them when I made a contact with Indonesia) and this time it worked.

And a contact on 20 meter PSK31 at 22:57 localtime with IK0OEF Claudio in Italy, way past sundown. I am used to propagation on 20 meter dropping when the sun sets so this was quite remarkable.

And a few days later a contact with 9H1KR on the island of Malta, also a new country for me.

Tags: ,
2016-02-05 Tijd voor een VDSL modem wat mijn setup gewoon ondersteunt 6 days ago
Gisteren heeft een groot deel van de dag de Internet verbinding thuis er uit gelegen. Vermoedelijk bracht een korte VDSL hik het modem in een status waarbij processen op het modem niet meer de pppoe zaken doorlieten. Pas 's avonds kon de zaak hersteld worden. Blijkbaar is de fritzbox 06.20 firmware hardnekkiger in het herstarten van processen als dsld dan 06.04.

Maar dit is wel het moment om te kiezen voor een modem waarbij een verplaatst PPPOE endpoint een ondersteunde setup is, wat volgens de omschrijving meer een setup voor de zakelijke markt is. Dan ben ik maar een zakelijke gebruiker. Ik kom terecht op de DrayTek Vigor 130 VDSL2 / ADSL2/2+ modem/router die ook pppoe forwarding ondersteund, bijvoorbeeld zoals besproken in Eigen router achter een XS4ALL-VDSL-aansluiting (3) - Harold Schoemaker al doe ik het deel erachter 'gewoon' met Linux en niet met een MikroTik router. Tijd om wat hardware te bestellen.

Opmerkelijk is dat er in de firmware download van de Vigor 130 7 versies(!) Annex A firmware zijn waarvan 4 voor diverse implementaties vectored VDSL. Dat geeft toch het gevoel dat vectored VDSL een nieuwe en nog niet zo uitgekristalliseerde technologie is.

Tags: ,
2016-02-05 (Finally caught the misleading advertising and someone nearby helped search for the screenshot magic ...) 6 days ago
Google+Koos van den Hout : Finally caught the misleading advertising and someone nearby helped search for the screenshot magic button combination. Note one of them is for a 12 euro per week subscription 
2016-02-03 (500 Stack Overflow mispaste A suggestion I made on an irc channel somewhere: in the 500 (or other relevant...) 1 week ago
Google+Koos van den Hout : 500 Stack Overflow mispaste

A suggestion I made on an irc channel somewhere: in the 500 (or other relevant 50x series errors) that will show on your -dev webserver on a serious coding error, show 'Stack Overflow mispaste'.
2016-02-02 Humor van nu.nl 1 week ago
In lynx krijg ik ook de melding over een adblocker van nu.nl. Nee, ik heb geen adblocker in lynx!

Tags: ,
2016-02-01 A virus targetting people who think faxes are still a thing 1 week ago
In this morning, a virus targetting people who think faxes are still a thing.

Security tip: never trust unsollicited attachments!
A new fax document for you.

You can find your fax document in the attachment.

Scan quality:    200 DPI
File size:       280 Kb
Pages sent:      8
From:            Scott Baird
Processed in:    16 seconds
Document name:   scan-00318314.doc
Scan date:       Sun, 31 Jan 2016 22:46:28 +0300

Thank you for using Interfax!
With an attachment
Archive:  /tmp/scan-00318314.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
     2275  2016-01-31 17:58   scan-00318314.doc.js
---------                     -------
     2275                     1 file
Obfuscated javascript trying to find and exploit vulnerabilities to infect my machine.

Tags: ,
2016-01-30 Amateur radio transmitting influence on vectored VDSL 1 week ago
Our VDSL Internet connection was recently upgraded to vectored VDSL which gives us a lot more speed: attainable speeds are now 117057 kilobit down and 42201 kilobit up. The subscription speeds are much lower, but still very nice for a home Internet connection.

The downside is that VDSL uses a lot of spectrum from nearly 0 Hz up to 17664 kHz which includes several amateur bands and vectored VDSL seems to be highly sensitive to other RF signals. For me at least 20 meter (14 MHz) and 40 meter (7 MHz). I already caused several disconnects by transmitting in these bands and even with more recent firmware this problem remains.

I have been active on the same bands since we got faster speeds without vectoring (in the beginning of November 2015) but it did not influence the VDSL stability when vectoring wasn't enabled. The VDSL profile hasn't changed (17a) so the same frequencies are used.
vectored vdsl spectrum
Vectored VDSL spectrum as reported by the FRITZ!Box 7360. The hole in bits per carrier around 14 MHz is caused by my PSK31 transmitting (I can see the influence on the signal/noise ratio while transmitting). The hole above 16.5 MHz (starting near carrier 3840) is caused by some other source of interference.

Tags: , ,
2016-01-30 (Trustedqsl, the Logbook of the World program from ARRL has recently been updated to allow for the NPOTA...) 1 week ago
Google+Koos van den Hout : Trustedqsl, the Logbook of the World program from ARRL has recently been updated to allow for the NPOTA program. I kindly asked the maintainer of trustedqsl for Ubuntu to make these updates available as Ubuntu packages and he did that, so now trustedqsl 2.2 is available via the ubuntuhams ppa and the kamalmostafa/trustedqsl ppa. Instructions on adding the last ppa (additional software repository) on the linked page.

73 de Koos PD4KH
2016-01-29 Running services on nonstandard ports doesn't change much 1 week ago
shodan.io finding sshd on port 2022 Some people give the advice to run sshd on a different port number to make less attacks happen. But with the constant scanning and automatic service fingerprinting that won't change much.

This example is from shodan.io search engine but any scanner could find this.

I consider shodan.io a good service: I use it at work to find misconfigured systems. The scanning shodan does is like the research any beginning interested attacker would do.

Tags: ,
2016-01-29 Linux dummy network interfaces can be very handy 1 week ago
The recent interruptions in the outside Internet connection made my wish to improve some things in the server at home so internal things keep running through an interruption.

I have to request an IPv6 range for an interface to make wide-dhcpv6-client run, it won't run when I don't configure the interface to assign a /64 to, and my ISP will not route IPv6 when I don't use IPv6 prefix delegation to request the space which is static anyway. But I want the wired and wireless network to have fixed IPv6 ranges so things keep running even when the outside link has a hickup. Solution: request the IPv6 range for a dummy network interface and assign static IPv6 ranges to the ethernet interfaces. In /etc/network/interfaces:
auto dumdh6
iface dumdh6 inet static
    pre-up ip link add name dumdh6 type dummy
    address 0.0.0.0
And in /etc/wide-dhcpv6/dhcp6c.conf:
interface ppp0
{
        send ia-pd 0;

                script "/etc/wide-dhcpv6/dhcp6c-script";
};
id-assoc pd {
        prefix-interface dumdh6 {
                sla-id 3;
        };
};
And there is another dummynet interface to assign the fixed IP addresses to I use for hosting services. This means those services can start (and keep running) even when the link hickups and removes the IP address from the ppp interface. Earlier I did this on an unused vlan interface, but using dummynet feels more tidy.

Tags: , ,
2016-01-28 Andere firmware op fritzbox 1 week ago
Eerst een 06.30 firmware geprobeerd via de officiele weg en die deed het wel en gaf een stabiele verbinding (bij een korte test..) maar de 06.30 versie (de laatste versie op dit moment) heeft helemaal geen opties meer voor telnet / pppoe met pppd op een apart systeem wat ik wel wil.

Na veel zoeken een 06.20 firmware voor de fritzbox 7360 gevonden waarop met de uitleg uit eerdere gedachten hierover het wel werkend te krijgen was.

Heel stabiel en prettig is het niet, ik moet na een VDSL hik met de hand wat dingen uit debug.cfg uitvoeren (dat lukt dus niet van buitenaf..).

Op een bepaalde frequentie in de 20 meter band kom ik ook een draaggolf tegen en toen ik daar zelf op ging zenden herstartte ook de VDSL compleet.

Een definitieve oplossing hiervoor is toch een Fritzbox met goeie support voor een extern pppoe endpoint (wat voor AVM misschien in een verre toekomst zit) of een Draytek Vigor 130 VDSL2 modem.

Update: voorlopig is het geheel stabiel, de tellers voor fouten blijven de hele nacht op 0 staan.
Read the rest of Andere firmware op fritzbox

Tags: ,
2016-01-28 Shodan using the IPv6 ntp pool to find active IPv6 addresses 2 weeks ago
Recently posted: shodan.io actively infiltrating ntp.org IPv6 pools for scanning purposes. So I tried:
ntpdate -d -u 2a03:b0c0:3:d0::18:b001
And indeed:
Jan 28 14:42:25 server kernel: [1187976.106758] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=49717 DPT=55554 WINDOW=54358 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107191] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34680 DPT=50070 WINDOW=26315 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107256] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=49717 DPT=32764 WINDOW=15398 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107309] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=41249 DPT=44818 WINDOW=15146 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107380] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=52 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=13864 DPT=30718 LEN=12 
Jan 28 14:42:25 server kernel: [1187976.107427] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=59140 DPT=25565 WINDOW=53087 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.108613] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=55 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=32950 DPT=8888 LEN=15 
Jan 28 14:42:25 server kernel: [1187976.110197] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=39721 DPT=64738 LEN=20 
Jan 28 14:42:25 server kernel: [1187976.110315] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=50 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=46499 DPT=5632 LEN=10 
Jan 28 14:42:25 server kernel: [1187976.110405] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=65 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=21934 DPT=47808 LEN=25 
Jan 28 14:42:31 server kernel: [1187981.938880] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34235 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:31 server kernel: [1187982.030058] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34235 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:31 server kernel: [1187982.197203] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34237 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:33 server kernel: [1187984.398977] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34245 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:34 server kernel: [1187984.620836] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34244 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
I would have expected more ports tested.

Tags: , , ,
2016-01-28 VDSL instabiliteit uren later 2 weeks ago
En circa 6 uur na het inschakelen van Vectored VDSL is de hele VDSL instabiel en duurt het regelmatig lang voor data overkomt. Regelmatig valt de hele ppp sessie weg en het is al gebeurd dat de ppp sessie opkwam zonder IPv4 maar met IPv6 (gelukkig kon ik toen via IPv6 inloggen en een herstart forceren om weer IPv4 te krijgen).

De ultieme hik kwam toen ik ging zenden op 14.070 MHz (20meter PSK31 frequentie) wat binnen het VDSL2 spectrum valt. Toen verbrak de verbinding compleet en werd opnieuw de snelheid onderhandeld, waardoor er toch waardes anders werden. Maar de instabiliteit was er al voor deze actie.
 		Receive Direction 	Send Direction
Max. DSLAM throughput	kbit/s	111216	33032
Min. DSLAM throughput	kbit/s	784	232
Attainable data rate	kbit/s	76636	43379
Current throughput	kbit/s	76023	32056
Seamless rate adaptation		off	off
 			
Latency		4 ms	8 ms
Impulse Noise Protection		72	2
G.inp		on	off
 			
Signal-to-noise ratio	dB	6	5
Bitswap		on	off
Line attenuation	dB	9	3
 			
Profile	17a		
G.Vector		on	on
 			
Carrier record		A43	A43

Het lijkt er op dat ik nieuwere firmware op het modem moet installeren om de stabiliteit met vectored VDSL weer te verbeteren. Maar nieuwere firmware geeft weer meer moeite om mijn pppoe hacks mogelijk te maken.

Tags: , ,
2016-01-27 VDSL met vectoring, nog meer snelheid 2 weeks ago
Vandaag in de middag is vectoring ingeschakeld op de VDSL. Dit heeft vooral erg leuke gevolgen gehad voor de upstream snelheid:
 		Receive Direction 	Send Direction
Max. DSLAM throughput	kbit/s	111216	33032
Min. DSLAM throughput	kbit/s	784	232
Attainable data rate	kbit/s	114042	49851
Current throughput	kbit/s	76748	29514
Seamless rate adaptation		off	off
 			
Latency		4 ms	8 ms
Impulse Noise Protection		74	2
G.inp		on	off
 			
Signal-to-noise ratio	dB	17	7
Bitswap		off	on
Line attenuation	dB	9	3
 			
Profile	17a		
G.Vector		on	on
 			
Carrier record		V43	V43
Het leuke effect is ook dat daar waar de downstream snelheid voor Internet verkeer ergens wordt afgeknepen tot de snelheid van het abonnement (circa 20 megabit), dat met de upload niet gebeurd en ik dus nu ongeveer 20 megabit downstream en 27 megabit upstream heb.

Tags: ,
2016-01-27 Virus mail on the rise 2 weeks ago
The last weeks the virus mail trying to make me open Word/Excel files with macro virusses is on a serious rise. Mostly attached (so mail virus scanners seem to be losing again) and sometimes trying to make me download the file from some website. Abusing names of well-established companies.

The most devious type I saw was trying to convince the receiver he/she had damaged a car and had to pay up soon or police would be involved, find the pictures (with .jpg.exe names) at this link.

Any document sent to you unsollicited is suspect.

And from the stupid e-mail disclaimer copied from the 'innocent' company:
E-mail may be susceptible to data corruption, interception, unauthorised amendment, viruses and unforeseen delays, and we do not accept liability for any such data corruption, interception, unauthorised amendment, viruses and delays or the consequences thereof. Accordingly, this e-mail and any attachments are opened at your own risk.
As if they had seen this coming! And they should learn about digital signatures.

Tags: , ,
2016-01-26 Weer spam voor een Belg 2 weeks ago
Deze keren spam voor een Belg van: Eerder, eerder, eerder.

Tags: ,
2016-01-23 (Whoever connected the transformer for our doorbell originally took an interesting shortcut. I moved ...) 2 weeks ago
Google+Koos van den Hout : Whoever connected the transformer for our doorbell originally took an interesting shortcut. I moved the doorbell so we should hear it better. 
2016-01-21 Sniffing insecure wireless networks 2 weeks ago
For an upcoming demonstration about security I plan to play with sniffing insecure wireless networks.

I currently have a 'WiFi Pineapple' to play with which makes this quite easy. I created an open wireless network with the SSID of a very popular open network which should be 'attractive' to the visitors of the demonstration and I play with tools to show what can be found in the passing datastream.

First of all dsniff for decoding usernames/passwords in a lot of open protocols, like:
dsniff: listening on
-----------------
01/21/16 21:54:47 tcp xx.yy.zz.60683 -> ftp3.xs4all.net.21 (ftp)
USER ftp
PASS koos@

-----------------
01/21/16 22:05:49 tcp xx.yy.zz.35913 -> pop.xs4all.nl.110 (pop3)
USER bestaatniet
PASS weetikniet
It took me a while to get dsniff working: it does not 'see' connections that originate on the system it is running on, which was my 'preferred' way to test it.

And a more visual one: driftnet for picking out all images from passing traffic. It's a strong visual thing when you see the images from a site you visit popping up in another screen.

Tags: , ,
2016-01-20 (A contest and a rare DX opportunity: the first Iranian ham radio contest, in the first 10 days of February...) 3 weeks ago
Google+Koos van den Hout : A contest and a rare DX opportunity: the first Iranian ham radio contest, in the first 10 days of February.
2016-01-20 Testing protocol-relative hyperlinks with letsencrypt in mind 3 weeks ago
I am pondering making my websites available via https using a Let's Encrypt certificate which are free and support multiple servernames. Currently I have one HTTPS site running with a certificate signed by my own CA which is only trusted by my own systems.

Chances are that I will find lots of places where I will get mixed-content warnings and things that will break. So switching to https-only will have to wait.

But the good news is that it's possible to omit the protocol from a hyperlink, leading to the following bit of HTML code in Nice APRS track this morning:

<img src="//idefix.net/~koos/pics/aprs-PD4KH-20160108.png" alt="APRS track PD4KH 20160108" title="APRS track PD4KH 20160108"><br>
This will keep working when idefix.net becomes reachable via https and will not give a mixed-content warning. I just have to make sure the http and https versions of idefix.net work exactly the same.

At the moment this works fine, even when viewing the RSS feed using sage. According to Can I change all my http:// links to just //? on stackoverflow the number of browsers that don't support this is very small.

Tags: , ,
2016-01-16 Hidden in the contest: a new distance record 3 weeks ago
eQSL card from contact with YB1AR Adding the extra data for the contacts I made in the recent UBA PSK63 Prefix Contest 2016 I noticed I had a new distance record: the contact with YB1AR was over a distance of 11468 kilometers. In the heat of the contest I didn't even notice it was Indonesia, let alone such a distance.

Tags: ,
2016-01-14 Searching for radio interference 3 weeks ago
One of the reasons for shutting down the homeserver was that I have a constant heavy noise on several amateur radio bands, at least on 10/20/40 meters. The noise is always at level S7/S8. I wanted to eliminate the server / UPS / network switch as possible source of the noise.

Rebooting the server also helped reset the video mode back to 80x50 so the earlier problem with interference caused by the video mode is now gone, even with the video cable plugged in. But there is still a lot of other noise left.

Tags: ,
2016-01-14 Boot-time IPv6 on the homeserver not working 3 weeks ago
I shutdown and rebooted the homeserver to get an updated kernel and look at some other things. After booting up again I noticed the problem with IPv6 not active on interfaces that started early was happening again. No linklocal addresses configured, no global addresses configured. This affects all ethernet interfaces and ppp0 for the link to the outside world. I also noticed this problem after the upgrade, see Upgrading the homeserver to Ubuntu 12.04 but the problem remains even with an updated kernel (currently 3.2.0-97-generic).

I have no idea what causes this and how to fix it. It seems related to Debian bug #726569: haproxy doesn't start on boot due to missing IPv6 address on interface but in that case the address is configured but just not available to applications to bind to. Related Beware the IPv6 DAD Race Condition - Andrew Ayer suggests the same (duplicate address detection race condition) but has disabling duplicate address detection (DAD) as workaround.

Tags: , ,
2016-01-12 I participated UBA PSK63 Prefix Contest 2016 4 weeks ago
So I recovered the complete logs for the UBA PSK63 Prefix Contest 2016 and generated a cabrillo export for entering in the contest.

The planning and preparing for this contest helped, macro's worked as planned. The negative side was that the ionospheric propagation dropped sharply after sunset which closed the 20 meter band. I switched to the 40 meter band but almost all activity was below 7.050 MHz, where I am not allowed to transmit. After sunrise and a good breakfast on Sunday morning I worked some more on the score and improved things.

The results: 94 contacts (QSO's) in total, 87 on the 20 meter band and 7 on the 40 meter band. I decided to enter in the single operator 20 meter category since I expect my score to end relatively higher in that category compared to the single operator all band category. Claimed score: 87 qso's * 67 unique prefixes = 5829 points. Looking at the previous years scores that would put me at the 15th spot for single operator 20 meter.

My soapbox comments:
SOAPBOX: Entered as SO20 because almost all 40M activity was outside my
SOAPBOX: allowed band segment (Dutch novice starts at 7.050 MHz)
SOAPBOX: Propagation dropped fast after sunset
SOAPBOX: Something hickupped in my outgoing serial counter

Update: The UBA PSK63 Prefix Contest 2016 logs received overview has me listed with claimed score 6956 which means they included my 7 contacts on the 40 meter band in the calculation. I hope they correct this in the real score calculation.

Tags: , ,

News archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016

The person

Father, cat owned/owner, Unix/Linux fan, Internet user, reader, recumbent byciclist, snowboarder, ipv6 fan. For those who don't speak Dutch: how to pronounce Koos van den Hout.

The job

Specialist information security at Utrecht University with a modern Profile page.
 

Search idefix.net

Custom Search

Visitor using legacy IPv4

Your IPv4 address is 54.146.221.231 in United States

Other webprojects I work on

Weather projects

Weather station

Temperature : 6.1 °C
Humidity : 86.6 %
Airpressure : 999.8 hPa

Contact

Use the e-mail address in the address box and use PGP private secure e-mail when possible.

Pages on specific projects

Loads more pages


Koos van den Hout, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 2C66 3B5D F0D7 C263 local copy PGP key 2C66 3B5D F0D7 C263 via keyservers pgp key statistics for 0x2C663B5DF0D7C263 Koos van den Hout
This page is best viewed with any browser in any resolution. Some browsers will wait with rendering most of the page until allmost all HTML is loaded. RSS
Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
This page generated by $Id: index.cgi,v 1.72 2016/01/16 14:50:04 koos Exp $ in 0.082952 seconds.