E-mail with subject starting with "Please find attached our purchase order number" and a zip, with a zip in it with in that zip an .exe file.

Archive:  PO185 - 188207 X.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
   341805  2017-07-19 04:55   PO362 - 867977 X.zip
---------                     -------
   341805                     1 file

Archive:  PO362 - 867977 X.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
   431458  2017-07-19 15:32   PO362 - 867977 X.exe
---------                     -------
   431458                     1 file

I guess the .exe will cause some serious damage in Windows operating systems. The size is huge, where is the time virus writes tried to stay below 1024 bytes!

Recently the wireless access-point decided that I should not have access to the management interface. I even tried both the IPv4 address I assigned and the default IPv4 address it gets. And the last days I noticed strange delays, which may have been caused by channel overlaps. So I wanted access to the management interface to check the channel settings. I noticed the management interface decided to respond again on the IPv4 address I assigned, and I saw new firmware available which should also help with some stability issues.

Firmware upgraded, and after the upgrade and automatic reboot my access was gone again. Time for the suggested factory reset to get everything back to normal. Done, and I was able to set it up again from scratch with the right configuration.

Maybe I should start running some kind of wiki or something to keep internal documentation of my home network. I had a hard time remembering several details of my own setup recently.

I removed rdnssd and resolvconf and fixed the symlink linking /var/run/NetworkManager/resolv.conf and /etc/resolv.conf by hand. The file /etc/NetworkManager/NetworkManager.conf now says:

dns=none
rc-manager=file

But now I run into the 'NetworkManager prefers IPv4 resolvers' again, leaving me with the resolvers from the DHCP answer before those from the IPv6 route advertisment. The search domains are fine now.

This evening I noticed incoming FT8 QSO's in eQSL, so the mode is now recognized there. But I needed to retry uploading all FT8 contacts to get them to upload. It took a bit of experimenting, but finally the right SQL command to mark the contacts as not uploaded was:

$ mysql -S /home/koos/.config/cqrlog/database/sock cqrlog002
mysql> update cqrlog_main set eqsl_qslsdate = NULL where mode='FT8';
Query OK, 24 rows affected (0.02 sec)
Rows matched: 26  Changed: 24  Warnings: 0

And now they are all uploaded.

That is about a week between first seeing mentions of FT8 in radio amateur news and the first confirmed contacts.

Or maybe I should use the word 'played' again: 6 contacts. It was a weekend with not much time for radio and when that time did happen propagation wasn't cooperating very well. The advantage of contests is that there are a lot of stations who want to hear every other station, so I used the last 20 minutes of this contest just to answer a few calls and get in the log.

Jul 16 04:17:01 greenblatt sshd[9365]: reverse mapping checking getaddrinfo for 121-124-124-73.youiwe.co.kr [121.124.124.73] failed - POSSIBLE BREAK-IN ATTEMPT!
Jul 16 04:17:01 greenblatt sshd[9365]: Invalid user 1234 from 121.124.124.73
Jul 16 04:17:01 greenblatt sshd[9365]: input_userauth_request: invalid user 1234 [preauth]
Jul 16 04:17:01 greenblatt sshd[9365]: Received disconnect from 121.124.124.73: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]

That last bit is not from my sshd but an error message related to a java library for ssh, as noted in Reasons for com.jcraft.jsch.JSchException: Auth fail | Maximilian Böhm which correctly notes that attacks are a reason.

I was reading Debian Stretch - Het Lab Henk van de Kamer (in Dutch) which mentions removing package rdnssd to avoid a dependency problem. But I like rdnssd as it helps use the nameservers available via IPv6 in a network with only SLAAC and no DHCPv6.

Right away I had to check on my own laptop with Ubuntu 16.04 and noticed all traffic was going to the IPv4 address of the local resolver. Which is not what I want, I want to prefer IPv6 when possible. Searching found Bug #936712 “NetworkManager should put IPv6 DNS servers before I...” : Bugs : network-manager package : Ubuntu which is indeed what I saw, and it's still showing in Ubuntu 16.04 Xenial.

My solution was to stop using dnsmasq, and switch to a generated resolv.conf from NetworkManager. To do that I had to update /etc/NetworkManager/NetworkManager.conf to have:

#dns=dnsmasq
dns=none
rc-manager=file

And now I have a resolv.conf with only 3 IPv6 nameservers and no search domains. Not exactly what I want, but at least IPv6 is preferred. I considered something using only the first three resolvers because that is a maximum somewhere but just advertising two resolvers via radvd also makes two show up in the generated resolv.conf. This is not perfect. The generated resolv.conf has comments that it is generated by resolvconf so maybe this is a conflict between resolvconf and NetworkManager not in 'use resolvconf' mode.

Haven't seen this before:

Jul 13 09:29:45 greenblatt sshd[24232]: Invalid user  from 193.105.134.187
Jul 13 09:29:45 greenblatt sshd[24232]: input_userauth_request: invalid user  [preauth]
Jul 13 09:29:59 greenblatt sshd[24232]: Disconnecting: Change of username or service not allowed: (,ssh-connection) -> (admin,ssh-connection) [preauth]

I have seen user '' (empty) before, but a change of username is new to me. Searching finds very little information, only one mention: Which ssh exploit works by changing the user name in the middle of the process? - Information Security stack exchange where the assumption was that this was some kind of attack.

This week there was a sudden 'buzz' about a new digital mode for amateur radio from Joe Taylor, K1JT. It's like JT65, with a very minimal exchange (callsign, locator, signal report) but with a lot faster timing: each turn is 15 seconds and from what I can see somewhat more than 13 seconds transmitting. I made the first few contacts today after downloading wsjtx from WSJTX-Development : Greg Beam as Ubuntu package.

They are now in my log, but uploading to eQSL / Logbook of The World is not possible yet as 'FT8' is not seen as a valid mode yet. The solution for LoTW seems to be to change to 'DATA' but this solution does not work for eQSL. I'll have to upload those contacts later when the mode is recognized.

First contact was with IZ8GNR and I also had contacts with club members PA2RG and PD3RFR.

With JT65/JT9 I sometimes get distracted waiting 50 seconds before it's my turn to react again, with FT8 it's more high-speed work (somewhat less than 2 seconds to react to a CQ or an answer). WSJT-X now has an auto-sequence feature which will step through the exchange automatically.

Just happening:

Err http://mirrordirector.raspbian.org/raspbian/ jessie/main libgcrypt20 armhf 1.6.3-2+deb8u4
  Cannot initiate the connection to raspbian.42.fr:80 (163.172.250.246). - connect (101: Network is unreachable) [IP: 163.172.250.246 80]

It seems mirrordirector.raspbian.org redirects to IPv4-only sites even when the client connects via IPv6. My Raspberry Pi systems have IPv4 disabled. It's a known problem in Bug #1595563 “Native IPv6 client redirected to IPv4-only mirror” : Bugs : Raspbian where people seem to rather ignore the problem. I could reverse the statement there to "a service that can only be accessed by v4 nodes cannot be reasonablly considered to be available on the internet." but I guess that's "different".

My activity in radio contesting has been in digital mode contests, with one exception in a mixed-mode contest where I also made some voice contacts: the ARI International DX Contest in 2016.

But this weekend I seriously entered the IARU HF Championship in 'phone' (speech) mode. I made 59 contacts, 50 on the 20 meter band and 9 on the 40 meter band. I managed to work a lot of the HQ stations I heard active for the various national radio clubs. I heard no serious DX, but the local noise at home is prohibitive for voice contacts anyway. My personal reason for entering this contest was reading about its role in the world radio team championship in the book Contact Sport: A Story of Champions, Airwaves, and a One-Day Race around the World by J.K. George.

I used yfktest for the contest logging and found the biggest fixed font I can use which makes the 25*80 xterm almost fill the entire screen. See the screenshot.

Claimed results according to yfktest:

Band    QSO    Qpts   Dupes   Mult1   Mult2
-------------------------------------------
  20     50     112       0      23       0
  40      9      13       0       8       0
-------------------------------------------
 ALL     58     124       1      31       0
===========================================
 Total Score: 3,875

The last week I had a problem with the FT-857 radio rebooting when I started transmitting in digital radio modes (PSK31 or JT65). The reboot showed as the radio giving the standard beep and the display and backlight switching off and on. Searching for clues suggested that some form of radio frequency interference would probably be the source.

So I wondered what I changed recently around the radio and remembered I changed something in the power distribution to have connectors available for powering my SARK100 antenna analyzer with a 12 volt battery.

Reseating all those power connectors and fixing some wires seems to have stopped the problem.