Koos picture small

Koos van den Hout

Koos van den Hout - Latest news, thoughts, rants, projects and other things to write about.
2019-12-09 Niet alle passwords kunnen uit een password manager komen 12 hours ago
Met alle tips voor het maken van veilige wachtwoorden en die alleen beschikbaar hebben vanuit een wachtwoordmanager loop ik nu tegen websites aan die vragen om een wachtwoord maar vervolgens moet je dat wachtwoord ineens op een fysiek andere plek dan achter je eigen computer intikken.

De eerste keer dat ons dat overkwam was bij een camping van staatsbosbeheer op Ameland. We hadden ons via de website ingeschreven en bij het aanmelden op de camping zelf bleek er een aanmeldscherm te zijn waar je met e-mail adres en wachtwoord moest inloggen. Maar we gebruiken voor dat soort websites altijd gegenereerde wachtwoorden die we niet weten. Met veel zoeken naar de hoek van de camping met een beetje mobiele data dekking konden we bij onze wachtwoordkluis en konden we het wachtwoord opzoeken. Want het aanmeldscherm is omdat de beheerder van de camping er ook maar een uur per dag is.

De tweede keer was bij de bibliotheek in Utrecht. Als je daar in de bibliotheek zelf een reservering wilt maken moet je ook inloggen op een computer met gebruikersnaam en wachtwoord. En ook daar konden we het niet snel opzoeken.

Tags: ,
2019-12-08 Out of IPv4 addresses, way past time to start using IPv6 1 day ago
Based on the fact that RIPE has really run out of IPv4 addresses it is way overdue to start using IPv6.

To help that I wanted to have a way to show visitors to my site whether they can use the new protocol. The current box on the righthandside is based on the connection with the webserver and most browsers prefer the fastest connection to just give the user the best experience. The so-called 'happy eyeballs'.

But I want to show visitors whether their browser/system/network supports the new Internet protocol. So I'm looking into ways to check for IP versions with Javascript. Ages ago their was a test (mainly to test for systems with broken IPv6 connectivity) but that one is gone and not completely what I want.

So I asked around and Iljitsch van Beijnum responded with his version of the IP version test.

So my current version is at ipv6test.idefix.net. Plan is to add an option to have true/false values in javascript available and make updates to parts of the page using that.

I could imagine turning a page black-and-white if you only have 'old' Internet protocols. I just have to learn a lot more javascript to do that.

Tags: ,
2019-12-06 Received ISS SSTV again 3 days ago
This week had an opportunity to receive ISS SSTV pictures. The Russian on the ISS were transmitting SSTV images as part of the Inter-MAI-75 project. ISS SSTV image ISS SSTV image ISS SSTV image

The pass had a partial first image, a nice decode of one full image and the start of a third image. Even the good receives are a bit noisy/unsharp, I'm not sure whether that's an artifact of the PD120 mode or some local noise ending up in the image.

This is one of the rare occasions where living close to Russia is a good thing: the Russians time the passes to optimize reception in Russia.

Tags: , ,
2019-12-02 Remembering the IBM PC RT.. and its powerusage 1 week ago
For a number of years between 1993 and 1997 I not only had a BBS running at home but also an IBM RT 6150 computer. It was a bigtower I got for free including the system floppy disks. I had to reinstall it because I had no idea of the root password and the only contact at the previous owners wasn't willing to give it up. So I swapped 1.2 megabyte 5.25 inch floppies for a while until I had a complete running system with AIX complete with graphical environment and a working TCP/IP stack.

The IBM RT 6150 I had came with 3 builtin harddisks (full-height). For as far as I remember those were 70 megabyte each. Eventually I had enough AIX installed to also have a working compiler.

One downside of this system was the powerusage. It used quite a lot of electricity.

The rest of BBS Koos z'n Doos also used a lot of power. When I moved out of my parents' house in a December month the effect on the electricity bill was remarkable. Next December my parents got a call about what changed because the electricity bill had halved. And I did put 'computers' on the form for the new electricity contract but that same december I received a bill because the electricity for that house was double what the electricity company expected.

Tags: , ,
2019-12-01 Better audio for learning morse 1 week ago
I installed xcwcp from the unixcw packages on a different system and noticed it did not use PulseAudio. It said it could not find PulseAudio and skipped to ALSA. The downside of ALSA in xcwcp is that it pushes audio 10 characters ahead, with PulseAudio the buffer is smaller.

Some searching using strace found that xcwcp tries to open libpulse-simple.so which wasn't found on that system. It is available on my laptop, as part of:
$ dpkg -S /usr/lib/x86_64-linux-gnu/libpulse-simple.so
libpulse-dev:amd64: /usr/lib/x86_64-linux-gnu/libpulse-simple.so
while the files linked to a part of the runtime package:
$ dpkg -S /usr/lib/x86_64-linux-gnu/libpulse-simple.so.0
libpulse0:amd64: /usr/lib/x86_64-linux-gnu/libpulse-simple.so.0
$ dpkg -S /usr/lib/x86_64-linux-gnu/libpulse-simple.so.0.1.1
libpulse0:amd64: /usr/lib/x86_64-linux-gnu/libpulse-simple.so.0.1.1
But I don't have package libpulse-dev on that other system.

Solution: make the symlink by hand in /usr/lib/x86_64-linux-gnu with:
user@system:/usr/lib/x86_64-linux-gnu$ sudo ln -sf libpulse-simple.so.0 libpulse-simple.so
And I reported it as a bug for ubuntu: Bug #1854630: xcwcp doesn't use pulseaudio but given the list of bugs in Ubuntu I reported or commented on before with a lot of 'undecided' and not a lot of progress I'm not sure anything will happen.

Back to practising morse after this diversion!

Tags: , ,
2019-11-24 Morse with the Kenwood TS-480 and remoterig 2 weeks ago
The next thing I want to get working is morse with the remoterig and the Kenwood TS-480. The good thing is that the remoterig has a built-in morse keyer to overcome jitter problems.

And that keyer has the option to make a winkeyer usb interface available. I did some minor testing with the winkeydaemon driver together with the paddle and it works. So I can use both the keyer from the computer and the paddle at the same time, just like with the nanokeyer and the FT-857 radio.

There is one strange thing though: this keyer responds somewhat different from the nanokeyer when I do a fast dah-dit. I expect the dit to follow after the dah even when I already stopped touching the left paddle (dit) before the dah ends.

Tags: ,
2019-11-23 PC control of the TS-480 radio working again, including for remoterig 2 weeks ago
I dug into the "why isn't remote CAT control not working" on the Kenwood TS-480SAT with the remoterig setup and as the debugging session progressed I found out it wasn't even working locally. The Kenwood TS-480 radios have a male db9 connector just like the PC had, and the non-intuitive part is that it needs a straight-through cable with data lines and hardware flow control.

I had a bunch of serial cables and adapters cobbled together to get from DB9 female to DB9 female with wires 2 and 3 coming out uncrossed, but it did not have hardware flow control and that had worked one evening before but now it decided to go on strike.

Thanks to the visit to the "Dag van de radio amateur" (DvdRA) ham convention and the extra parts ordered on-line from Conrad I had enough parts to make my own serial cable with the right wiring, including covers for the connectors with the cable coming out on the side.

So my skills in building right serial cables using a soldering iron, flexible wire and an amount of patience were recalled. I am very sure I haven't done that yet this century. Old CAT-5E cables are a good source of flexible cable with 8 wires.

When I had a finished cable with hardware flow control I first did a local test before I started putting the covers on the connectors and when that did work fine I put the covers on, redid the test and switched to testing over the remoterig connection. That also worked.

Update: And for the laptop which doesn't have serial ports I activated the COM port to USB translation on the control side. It took a bit of searching before I found that /dev/ttyACM0 was the active port, so now I can run CQRLOG on the laptop with full control of the radio.

Tags: , ,
2019-11-22 Finished the remoterig setup and made the first contact 2 weeks ago
I finished the setup of the remoterig system. The second part is with lots of wires, first setting jumper wires in the radio box and the control box and after that connecting lots of wires to radio, frontpanel, microphone and other parts.

It took a bit of browsing the manual, checking my jumper wires under good light and redoing the checks but eventually it got all connected.

After that it was setting the software parameters for the specific radio and the connection to the control panel. And the next step: pressing the power button on the frontpanel on the control box and seeing it become active and hearing audio from the radio.

So it's now working. The bit that doesn't work yet is CAT control of the radio (Computer Assisted Tuning, where I can read the status and give commands over the serial port). The forwarding of the CAT port to a USB serial port on the other side did not give me any communication on the connected computer. I'm sure I'll get that fixed.

Next step was to spin the dial and find someone searching for a contact. Not a lot of activity on the 40 meter band, but I heard a greek station calling, answered it and got into the log.
Read the rest of Finished the remoterig setup and made the first contact

Tags: ,
2019-11-22 Spam vanaf dailyboxoffice.co 2 weeks ago
Aardige hoeveelheden spam vanaf dailyboxoffice.co. In het Nederlands. Voor een adres wat ik niet publiek gebruik, dus er is weer eens een hele oude spamlist of zo opgegraven.

Wat me opvalt is dat er niets over te vinden is, dus begin ik er zelf maar eens over.

Tags: ,
2019-11-21 First setup of the remoterig interfaces 2 weeks ago
The remoterig set I ordered arrived.

At first I found the box somewhat empty: no manuals. But the entire manual can be found on-line: User manuals - RemoteRig. The manual is about 200 pages so printing it would be a bad idea. The remoterig site is somewhat slow so I downloaded the PDF manual to my computer.

Most of the setup is done via a webinterface, but the initial network setup needs either the right IP addresses hardcoded or a USB connection and the Microbit setup software which is only available for Windows. I did try to see whether one of the four com-ports via USB that showed up would allow me to do a minimal setup via a terminal program but that wasn't true. So I booted Windows to change the units to DHCP. For the radio-side I made an address allocation in the DHCP server, for the client side it is fine to have any usable address.

And for my next minor issue: they only use IPv4. So my inner linux and networking geek is a bit dissapointed, but my inner radio geek will do just fine.

After that bit I went back to Linux, the rest of the software setup is via a webbrowser. For the hardware setup, which is how it connects to the radio (which pin has audio, which pin has power) it needs a number of internal jumpers and jumper wires connected.

Tags: , , ,
2019-11-17 Pointing the Arrow antenna at SO-50 again 3 weeks ago
HF propagation has been really bad the last weeks. At least on the moments I had time to look at the radio. The maximum usable frequency was dropping below 14 MHz as soon as it started getting dark. This means that I can only make contacts on the lowest band (40 meters) with the endfed antenna set up outside and the experience from earlier weekends was that it was still a lot of work to get contacts on FT8.

So this weekend I did some 2 meter FT8 and made contacts with some new call signs. I was lucky: the 2 meter interference stopped after dark. My computer decoded one Danish callsign but I wasn't near it at that moment.

And I tried a pass of the SO-50 satellite. A pure southwest-northeast pas was coming up at the start of the evening, so I planned to be outside in the cold with antenna and handheld radio. I was hoping to get some country to the south of me in the log, but I ended up with a southeasterly contact: Croatia. I heard 9A2EY in a contact so I called him and made the contact.

Tags: , ,
2019-11-16 Getting distracted by weird noises and listening to data from car tires 3 weeks ago
I was tuning across the 70cm amateur band and heard lots of weird noises around 433.92 MHz. Which is logical: that's the ISM band (industrial, scientific and medical) so lots of unlicensed low-power signals there.

That triggered me to update rtl_433 and see what I could receive. The answer after some searching how to build a running version: a lot. Including tire pressure monitoring sensors (TPMS) on a nearby car:

time      : 2019-11-16 15:33:25
model     : Toyota       type      : TPMS          id        : fb8c8bf9
status    : 128          pressure_PSI: 38.500      temperature_C: 6.000
mic       : CRC
There is indeed a Toyota parked across the street. I see three different values for 'id' suggesting that three wheels are 'awake' and reporting tire pressure data about every two minutes. According to eavesdropping the wheels, a close look at TPMS signals the sensors should only activate when the car is going faster than 40 km/h or when a special LF signal is active.
Read the rest of Getting distracted by weird noises and listening to data from car tires

Tags: , ,
2019-11-15 Suricata IDS showing amusing results 3 weeks ago
Some things noticed by Suricata IDS are amusing to me. When looking at lines like:
11/15/2019-13:14:35.001691  [**] [1:2402000:5363] ET DROP Dshield Block Listed Source group 1 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.11:46843 -> 82.95.196.202:41505
11/15/2019-13:15:06.794357  [**] [1:2402000:5363] ET DROP Dshield Block Listed Source group 1 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.102:42131 -> 82.95.196.202:8703
11/15/2019-13:15:06.794357  [**] [1:2403384:53195] ET CINS Active Threat Intelligence Poor Reputation IP group 85 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.102:42131 -> 82.95.196.202:8703
11/15/2019-13:15:20.065796  [**] [1:2403393:53195] ET CINS Active Threat Intelligence Poor Reputation IP group 94 [**] [Classification: Misc Attack] [Priority: 2] {UDP} 93.174.95.106:27221 -> 82.95.196.202:7
11/15/2019-13:15:32.845110  [**] [1:2402000:5363] ET DROP Dshield Block Listed Source group 1 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.21:44503 -> 82.95.196.202:43935
11/15/2019-13:16:23.399397  [**] [1:2402000:5363] ET DROP Dshield Block Listed Source group 1 [**] [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.27:58989 -> 82.95.196.202:53166
All 'Dshield Block Listed' and 'Poor Reputation IP' traffic is port scans to ports that are blocked. So it's not a surprise those IPs have a poor reputation or a Dshield listing.

Tags: ,
2019-11-13 Trying Suricata intrusion detection system (IDS) 3 weeks ago
After hearing about intrusion detection systems a few times I decided to give one a try at home. Although a lot of attacks are blocked I sometimes see weird attacks and it would be nice to have a better idea of what exactly the attack was.

Yes, I have weird interests sometimes. I'm glad I have an ISP (xs4all) where I can select the option 'give me the completely unfiltered Internet connection' so I even see SMB protocol attempts.

I first tried 'snort' but that doesn't deal with PPP interfaces by default. It can be recompiled to accept those but I did not want that. The next option I heard about is 'Suricata' which is running at the moment.

I was amused by the reports of DDoS-like NTP traffic. Those are caused by the NTP statistics gathering. I know NTP can be abused for generating DDoS traffic but all security reports about NTP servers I manage have been false positives.

Anyway it's running and complaining a lot about the traffic it sees. For example the IPv6 port scan/network mapping attempts I noticed two months ago are still active.
11/13/2019-15:06:59.703451  [**] [1:2002911:6] ET SCAN Potential VNC Scan 5900-5920 [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 240e:00f7:4f01:000c:0000:0000:0000:0003:6050 -> 2001:0980:14ca:0001:020d:56ff:fece:ffe1:5901
11/13/2019-15:08:39.645780  [**] [1:2002911:6] ET SCAN Potential VNC Scan 5900-5920 [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 240e:00f7:4f01:000c:0000:0000:0000:0003:5167 -> 2001:0980:14ca:0001:020d:56ff:fece:ffe6:5901

Tags: , ,
2019-11-13 More investment in remote HF operation 3 weeks ago
So the order for the remoterig duo to work on my remote HF operation plans is out the door. I ordered them with HamShop to get Dutch warranty rules.

I also ordered some other stuff from Conrad to be able to get everything cabled correctly. I may have missed something but I hope to have enough to get going and be able to have frontpanel and main radio hardware separated by Internet.

Tags: , ,

News archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019

The person

Father, cat owned/owner, Linux fan, Internet user, book reader, radio amateur, recumbent bicyclist, snowboarder, ipv6 fan. For those who don't speak Dutch: how to pronounce Koos van den Hout.

The job

Specialist information security at Utrecht University with a modern Profile page.
 

Search idefix.net

Custom Search

Visitor using IPv4

Your IPv4 address is 3.214.184.124 in United States

Other webprojects I work on

Contact

Use the e-mail address in the address box and use PGP private secure e-mail when possible.

Pages on specific projects

Loads more pages


Koos van den Hout, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
This page is best viewed with any browser in any resolution. Some browsers will wait with rendering most of the page until allmost all HTML is loaded. RSS
Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
This page generated by $Id: index.cgi,v 1.115 2019/10/22 16:24:52 koos Exp $ in 0.025712 seconds.