Koos picture small

Koos van den Hout

Koos van den Hout - Latest news, thoughts, rants, projects and other things to write about.
2019-10-20 Restored the webcam site and archives 14 hours ago
I was looking at the overview of most requested but not available URLs and noticed there is still traffic to http://webcam.idefix.net/.

So I dug up the archived images and scripts, cleaned them up and made them available again. There are no fresh images, just the aged archives.

Currently I have no access to a decent location for a webcam. Should that ever change I may rethink this.

Tags: , , ,
2019-10-17 Tested incremental DNSSEC signing 3 days ago
I noticed some really unused records in one zone which is now DNSSEC signed. For example I still had gplus.idefix.net to point at my Google+ page.

So I removed them and did the signing after increasing the serial number. Indeed the records that had no update kept their original signature and the records that where changed (such as the SOA because of the serial number) were signed with new signatures.

Tags: , ,
2019-10-16 The signatures for the first DNSSEC signed zone expired, and I signed the rest 4 days ago
Today I was reminded of the first zone I signed with DNSSEC and did the check again with DNSViz. And I saw a lot of error messages. Some searching found that I let all the signatures expire (after the default time of 30 days).

Solution: re-sign the zone and have a careful look at when I need to sign the zones again. Officially just in time for expiry time of the signature (default 30 days) minus TTL of the record.

Obviously this process has to be automated. In the first go I decided to force new signatures after 21 days. But I tested some things later and decided to go for more regular checks of the ages of the signatures and refresh the signatures that are about to expire. This is usually reserved for 'big' zones with lots of resolvers querying them but I decided to implement this myself to avoid problems, and learn more about DNSSEC.

The magic signing command is now:
-zone-signedserial:
    named-checkzone $* $^
    ./SOA.pl $^
    dnssec-signzone -S -K /etc/bind/keys -g -a -r /dev/random -D -S -e +2592000 -i 604800 -j 86400 -o $* $^
    rndc reload $*
    touch $@
The expiry is set with -e at 30 days, the checkinterval with -i at 7 days and the jitter factor with -j at 1 day.

Now there is a special part in the Makefile to be called from cron on a regular basis. It won't produce any output when there is nothing to update.
agecheck:
    @for zone in $(SIGNEDZONES); do if [ `find $${zone}-signedserial -mtime +7 -print` ]; then touch $${zone}-zone ; $(MAKE) --no-print-directory $${zone}-signedserial; fi ;done
The Make variable SIGNEDZONES is filled with the zonenames of the zones that have to be kept DNSSEC signed. File structure for each forward zone is as listed in first zone with valid DNSSEC signatures.

So now almost all my domains are DNSSEC signed. A learning experience and a good level of security.

Tags: , , ,
2019-10-14 Sharing some of my CQRLOG scripts 6 days ago
Since January 2015 I've been using CQRLOG as the main amateur radio logging program. So each contact that I make ends up in the databases of this program eventually.

Being the person I am I added some scripts of my own to export data from CQRLOG to the PE4KH amateur radio station website in several formats.

I've made a few of these scripts available for the public via KHoos/CQRLOG-scripts: A collection of scripts around the CQRLOG amateur radio logging software on github. I've set the license to GPLv2, but I may have to change this as one script contains a lot of imported code.

Anyway, share and enjoy. Maybe these are of use to someone. Or someone adds the enhancements I've been thinking about but never got around to.


Tags: ,
2019-10-11 Slow(ish) syn floods probably targetting Maltese Casino websites 1 week ago
Cybercriminal While looking at some network issues at home I noticed some weird traffic coming in from the outside: forged SYN traffic. Fast enough to trigger my iptables rules to stop being part of tcp syn attacks so all traffic gets dropped. Searching for a bit finds Hell of a Handshake: Abusing TCP forReflective Amplification DDoS Attacks - usenix which discusses this kind of attack.

At the moment it's about 1 or 2 packets per second. The traffic itself isn't notable on my connection and even without the firewall rules it still wouldn't impact my system. But do this with a lot of systems on the Internet running some tcp service and quite some traffic will go to the targeted IP address.

I guess someone doesn't like some Maltese Casino website. I don't like casino websites either because they promote addictive behaviour but I'm not about to use a DDoS.

Tags: ,
2019-10-06 A new HF radio, with plans for remote operation 2 weeks ago
The last years I've been dealing with increasing levels of interference on the HF bands at home. One clear source is the rising numbers of solar panel installations, with a clear difference between hiring the cheapest installer versus hiring a good installer but paying more.

I don't want to start discussions with all neighbours about their solar installation and the latest news seems to be that the Dutch telecoms regulator takes the stance of solar panels being needed for our economy so radio amateurs have to accept the interference.

Moving house is not in our plans for the coming years so I started reading about the options for remote operations, where I can sit at home with the microphone and morse key looking at the display of the radio and hearing the audio while the receiving/sending part is at a remote site with a lot less interference.

I found out about RemoteRig which does just that, and with the right choice of radio allows complete remote operation over the Internet. With their offering I started looking at compatible HF radios and found a nice secondhand Kenwood TS480SAT. This radio has better filtering options for SSB and morse than my Yaesu FT-857D.

The radio is now at home and I made the first few SSB contacts with it. The filtering already helped me understand stations better.

Now for the next steps, cables, remoterig units and other things. And a remote location. I have an offer from a fellow radio amateur to do the first tests at his house. When all that works out I'll go and find a nearby location to do the complete installation.

Tags: , ,
2019-09-27 SSH user names are not very creative 3 weeks ago
A search for the top 10 tried usernames for ssh gives a nice list:
     52 admin
     23 pi
     19 test
      7 oracle
      6 support
      6 nagios
      5 user
      5 ubnt
      4 ftpuser
      3 virtualbookcase

Tags: ,
2019-09-22 First morse contact, trying FT4 for the first time and participating in the BARTG Sprint75 contest 4 weeks ago
This weekend is the BARTG Sprint75 RTTY contest. I set up my endfed antenna on Friday evening. On Friday I listened around the band for any morse special event stations and found LZ304EW active. The station was calling with a morse speed of about 21 words per minute and I answered my callsign with 12 words per minute. And no, I can't decode morse at 21 words per minute, I used the computer (fldigi) to help me decode the morse and the nanoKeyer to help me send my callsign and the 5nn TU 73 to finish the 'contact'. I felt secure enough in hearing my own callsign in morse to be able to do this.

Most of Saturday I made a number of FT8 contacts all over Europe. Nothing really exciting, just trying to get a number of new calls in the log. I think I saw some new gridsquares.

The planned amateur radio activity was the British Amateur Radio Teledata Group Sprint75 contest on Sunday evening (17:00 utc to 20:59 utc which is 19:00 - 22:59 local time). I set up the radio Sunday afternoon and listened on 14.080 MHz, which is the default frequency for RTTY on the 20 meter band for as far as I know. I saw different signals, which turned out to be FT4 signals, the relatively new mode in WSJT-X. It's been around for a while, I just never got around to playing with it.

So I started WSJT-X and tried FT4. I made three contacts, one with an amateur in England, one with 4S6NCH in Sri Lanka which is a new country for me, and one with an amateur in India, which was a new 20 meter country for me. Not bad for trying a mode for the first time.

After dinner it was time for the contest and that was a misery. I made 17 contacts in total, 4 on the 20 meter band and 13 on the 40 meter band. Propagation was not cooperating at all, mostly just giving noise and sometimes signals faded in and I had to work hard to get a contact.

Update: The bartg sprint75 rtty contest was a weekend earlier! Only when I tried to submit my results and the website told me all my contacts were outside of the contest timeframe I noticed my error. I guess some more radio amateurs had the wrong date as I have seen 'CQ BART SPRINT75' calls. And 75 baud RTTY mode is also rare. I notified the BARTG contest manageress to let her know. Not to complain since it was my error, but to make her aware of the problem.

Tags: , ,

News archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019

The person

Father, cat owned/owner, Linux fan, Internet user, book reader, radio amateur, recumbent bicyclist, snowboarder, ipv6 fan. For those who don't speak Dutch: how to pronounce Koos van den Hout.

The job

Specialist information security at Utrecht University with a modern Profile page.
 

Search idefix.net

Custom Search

Visitor using IPv4

Your IPv4 address is 18.210.22.132 in United States

Other webprojects I work on

Contact

Use the e-mail address in the address box and use PGP private secure e-mail when possible.

Pages on specific projects

Loads more pages


Koos van den Hout, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
This page is best viewed with any browser in any resolution. Some browsers will wait with rendering most of the page until allmost all HTML is loaded. RSS
Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
This page generated by $Id: index.cgi,v 1.113 2019/10/20 15:42:02 koos Exp $ in 0.016837 seconds.