Koos van den Hout
Koos van den Hout - Latest news, thoughts, rants, projects and other things to write about.
2023-05-29 I participated in the CQ WPX CW Contest
Last weekend was the CQ World Wide WPX Contest CW organized by CQ Amateur Radio magazine. The term 'WPX' stands for 'Worked All Prefixes'. The objective of this contest is to get contacts and exchange information with as many different other radio amateurs using morse code. Points are awarded for each contact, based on which amateur band and whether they are in the same or different continents. Multipliers are calculated from the number of different prefixes contacted. The prefix of my callsign PE4KH is PE4. The score in this contest is calculated from the points per contact multiplied by the number of unique prefixes. This makes a station with a rare prefix popular so radio amateurs get special calls or go to special places to be that rare prefix. This is also one of the big contests with a lot of participation from all around the world. In the days before the contest there were already a number of stations set up in special places busy on the air making contacts, testing their equipment and their setup to get the maximum score in the contest. This testing in the days before the contest already allowed me to get a number of new countries in morse in my log: Azerbaijan, Antigua, Argentina, Madagascar and Hong Kong. In the contest I made 171 contacts: 33 on the 10 meter band and 138 on the 20 meter band. With 215 qso points, 138 multiplier my claimed score is 29670 points at the moment. I had fun in the contest and all the practice with callsigns and serial numbers in morse has helped! During the contest I added Australia, Qatar and Kaliningrad as new countries in morse in the log. I have now had morse contacts with 101 countries in the world, and now I'm waiting for confirmations via Logbook Of the World.
UpdateI received a very fast confirmation for Australia already from VJ3A Steve. That was a 16490 kilometer contact with morse!
ThoughtsIn preparing for this contest I considered adding an antenna to get access to the 15 meter band. Now looking back I think I might get different contacts (more countries maybe) on 15 meters, but it would not have added a lot of contacts.
2023-05-21 I participated in the King of Spain CW Contest
This weekend was the His Majesty The King of Spain CW Contest and I participated. There wasn't a lot of time due to other things in the weekend, I was making contacts in the contest for less than four hours on Saturday evening and less than two hours Sunday. I made 77 contacts, 7 on the 10 meter band, 55 on the 20 meter band and 15 on the 40 meter band. Propagation wasn't cooperating very well although there were some interesting openings. One opening on the 10 meter band resulted in a contact with Nepal on the 10 meter band, a completely new country in amateur radio for me.
UpdateAnd the contact with 9N7AA Robert in Nepal is already confirmed! Thank you!
Update 2023-05-26I had a contact with HZ1TT Ali in this contest and that contact is now confirmed, adding country number 85 to the list of confirmed countries in Morse.
2023-05-16 Maybe YouTube isn't completely on to me...
I sometimes think YouTube is quite good at suggesting new videos to me with interesting subjects. For a while I've been seeing Tom Scott videos and Connections Museum videos. But only today YouTube suggested to me this video, Tom Scott at the Connections Museum! So maybe YouTube isn't completely on to me. Of course with Sarah from the Connections Museum explaining things.
2023-05-15 Maybe I should get asterisk going again, to play with old phone exchanges
There is a museum in Seattle called the Connections Museum and it is on my "If I ever visit that part of the world" list. The reason I found it because one of the volunteers likes to make videos for youtube about the equipment in the museum and the youtube suggestions are on to me. with an interest in phone phreaking in my history this is a very interesting channel. They recently had a video on how blue boxing *actually* worked, including a demonstration of how the switch actually responds to the blue box tones. This made me go "oh now I get it" for details on blue boxing. In the latest youtube video is an explanation that they run asterisk as one way of connecting all their historic phone exchanges. The historic phone exchanges are also connected using direct interconnects. Video announced in In case you haven't seen the latest bit of ridiculous hacking ;) - Connections Museum on Twitter. Video at Is this the world's oldest Linux peripheral? - Connections Museum If I understand the remark about asterisk and Collectors' Net / Phreak Net correctly it should be possible to dial into the old exchanges at the museum from either of those networks. From 2008 to 2013 I played for a while on the Collectors' Net to test my asterisk experiments but when I got less interested and reduced my phone setup at home to a simple voip base again I stopped being a member of Collectors' Net. Maybe I should get back on one of those networks and get something going again! It would be awesome to have an option to dial into the old hardware at the Connections Museum and actually end up in a phone switch from 1923 using a VoIP phone on my side. Or dig up a pulse-dial capable ATA and dial in using the original T65 rotary phone.
2023-05-12 A good evening for morse contacts
Yesterday evening I turned on the radio and looked for some interesting morse contacts. With some help from the Reverse Beacon Network I searched for interesting stations. I had contacts with a few special event stations. There are extra special event stations active from the United Kingdom to celebrate the coronation. And two new countries in morse for me. One was Saudi Arabia where HZ1TT Ali was calling and I managed to get through this time. I've tried contacting him in morse but failed earlier. The other one was DL5CW Andreas active as MJ/DL5CW from the island of Jersey, and Jersey counts as a separate DXCC entity. I also had a short chat in morse with a station in Ukraine. This was much more of a personal contact than the short contacts with special event stations or rare countries.Read the rest of A good evening for morse contacts
2023-05-10 Repetitive SSH attempts are still on
I noticed in 2016 that putting services like ssh on a different port does not change much in the attacks and the last few days I noticed this is true as ever. I use fail2ban for sshd and other services that are prone to brute-force attempts. I've been using influxdb and grafana to visualize measurements and I use telegraf to gather a lot of system data. I recently enabled gathering fail2ban statistics and it's interesting to see the numbers of blocked addresses is very similar for the sshd on port 22 and the sshd on port 2022. It's not exactly the same number and interestingly not the same attackers but the numbers are within 5%. And yes the numbers are high enough to make the output of fail2ban-client status sshd several screenfulls of IP addresses.
2023-05-07 New entity in the log: San Andres & Providencia island
I saw a DX Cluster spot today for a country/entity I hadn't had a contact with before, or not even heard of at all: Archipelago of San Andrés, Providencia and Santa Catalina which consists of two island groups in the Carribean and it's a part of the country of Columbia. But a separate entity in amateur radio terms. This is again a bit of geography I was never told during my education, but amateur radio has a lot of these geographical surprises. Brazilian radio amateur PY8WW Renato is active there this weekend and as the qrz page shows he likes going on DXpeditions. This brings the number of entities in amateur radio I have had contacts with up to 170, half of the current total of 340. I can probably add that I'm now starting with the difficult half!Read the rest of New entity in the log: San Andres & Providencia island
2023-05-01 I was banned from discord... for creating an account
For a lot of things discord seems to be the place to interact with people. I didn't want to create an account there for a long time because I didn't want to interact with yet another service. But for certain subjects it is the place to be. One such subject is the hack the box CTFs, the post-deadline discussion where all the write-ups are shared is mostly on discord. So in May 2022 I finally created an account, wanting to view the discussion. Directly discord wanted a phone number to finish logging in. I decided I didn't like that so I left it at that. In the beginning of April I saw that part of the discussion about the proxmark (NFC security tool) is in discord. So I decided to give in and finish the login procedure. So on 6 april 2023 I added a phone number, received the SMS and entered the received code. Right after that I was logged out with the message 'Your account has been disabled'. I also received an e-mail about this block, with very general reasons why the account was disabled. Nothing specific, just 'we block accounts due to spam and/or abuse'. So I requested more information on why the account was blocked, received a ticket number in autoreply and that was it. Three weeks later still no answer, even after a friendly reminder. I have no idea what is wrong, discord does not communicate and I am left thinking this is a very unreliable service if they can block for no verifyable reason without explanation. I could try to create a new account, but from what I can find discord stores IP addresses and phonenumbers of blocked accounts and blocks those on the next account creation, so that's no use.
Update 2023-05-06Finally an "answer" from discord. Which says they can't find the account associated with my e-mail address and I should only communicate about accounts from the e-mail address associated with the account. With a standard text about anonymizing accounts that are banned after 14-30 days. Which suggests that the anonymizing includes forgetting the e-mail address because it says:if your account was disabled for a violation of our Terms of Service and Community Guidelines, we'd have no record of that account existing.So this "we can't find the account" is caused by their own slowness in responding, the response is 30 days after the block. To the day. But they probably keep other data such as phone numbers or IP addresses (see above) so I don't think it is worth the effort to restart the whole circus. This is probably not completely GDPR compliant.
2023-04-30 I participated in the UK/EI DX Contest CW
I was looking for an opportunity for morse contacts and saw the UK/EI DX Contest CW 2023 in the calender for this weekend. So I participated, with some last minute additions to my contest logger. My original idea for this contest was that this would make stations from all parts of the United Kingdom active in Morse, including entities I still want to get in the log. From the parts of the UK I don't have Guernsey and Jersey in morse and I'd like to get Northern Ireland confirmed. That plan did not work out, from the UK I only heard stations from England and Schotland. Checking the Reverse Beacon Network confirmed this, very little activity from those parts of the UK. I made 68 contacts total, 48 on the 20 meter band and 20 on the 40 meter band. What did work out is that all the practising I did in morse at contest speeds seems to help, I had less trouble decoding callsigns and serial numbers. I regularly practise contest morse with the Contest trainer by Hanz YL3JD.Read the rest of I participated in the UK/EI DX Contest CW
2023-04-28 Fixing settings/drivers for Digitus Gigabit Ethernet adapter USB-C
I recently bought a Digitus Gigabit Ethernet adapter USB-C, mainly because my work laptop has no wired ethernet connection which I really want sometimes. As I don't like having Windows-only hardware I did check before ordering that it can also be used with Linux. It contains a Realtek r8152 chip so I searched and found Fixing performance issues with Realtek RTL8156B 2.5GbE USB dongle in Ubuntu - CNX Software which mentions that loading the listed udev rules makes Linux select the right driver and improves performance. And indeed the 'wrong' driver was chosen initially. I fetched r8152/50-usb-realtek-net.rules at master · bb-qq/r8152 · GitHub like:root@moore:~# cd /etc/udev/rules.d/ root@moore:/etc/udev/rules.d# wget https://raw.githubusercontent.com/bb-qq/r8152/master/50-usb-realtek-net.rules root@moore:/etc/udev/rules.d# cd root@moore:~# udevadm control --reload-rules root@moore:~# udevadm triggerAnd now things are as I wish, the right driver is loaded:Device-3: Realtek USB 10/100/1G/2.5G LAN type: USB driver: r8152 IF: enx3c49deadbeef state: down mac: 3c:49:de:ad:be:ef
2023-04-21 Using the network switch in the shed as remote powerswitch
One of the wishes we have for the home network is good wifi coverage in the back garden so we can sit outside on nice days to work without running UTP cables. The access-point in the central place in the house doesn't cover the back garden. Ideally I would also like a separate 'guest' wireless network at home. These wishes was taken into consideration when upgrading the fiber to the shed network with a Netgear GS310TP switch. This switch has Power over Ethernet (PoE) support so it can power an acccess-point. The next step was to find an access-point supporting VLANs and multiple SSIDs. Recently I borrowed a Mikrotik Wap.AC to test the options. It took me a bit to get used to the RouterOS userinterface but I managed to get it all working in an ideal configuration: Management via one VLAN, a 2.4 GHz wireless network bridged to the trusted wireless network, a 2.4 GHz wireless network bridged to the guest wireless, a 5 GHz wireless network bridged to the trusted wireless network and a 5 GHz wireless network bridged to the guest wireless. The final test was with the Mikrotik Wap.AC in the shed with power over the network cable. This worked! Ideally the wireless network in the backyard is 'on demand' because we only use it when working from home or sitting in the backyard and we can save the power at other times. So the idea of a button 'wifi in backyard' and an automatic shutdown in the evening is nice. I searched and it is indeed possible to control the Power over Ethernet in the Netgear GS310TP switch with snmp. Based on GS110TP deactivate PoE over SNMP for specific Ports I soon had working snmpset commands to disable/enable power to a specific port, and the Mikrotik followed nicely. Value '1' is PoE on and value '2' is PoE off:$ # switch PoE on for port 8 $ snmpset -v2c -c ******** ******* 22.214.171.124.126.96.36.199.188.8.131.52.8 integer 1 iso.184.108.40.206.220.127.116.11.18.104.22.168 = INTEGER: 1$ # switch PoE off for port 8 $ snmpset -v2c -c ******** ******* 22.214.171.124.126.96.36.199.188.8.131.52.8 integer 2 iso.184.108.40.206.220.127.116.11.18.104.22.168 = INTEGER: 2Ideally there would be a button (zigbee?) near the backdoor to request "On" and a scheduled task every day to switch it off in the evening.
2023-04-17 Refreshed my PGP key
My PGP key expired, but I reset the expiry date. I do this so I have to actively update the key every few years. Should I ever lose access to the private key, it will go away by itself. But this also means I have to ask the users of my key to refresh it by hand because the simple refresh doesn't "see" the update (even though this adds new signatures to the key). So please use the command to receive my key:$ gpg --keyserver pgp.surf.nl --receive-keys 0x5BA9368BE6F334E4This updates the expiry date(s) and the uids. If you have my key and it looks expired and/or still has an old e-mail address with kzdoos in it please do this now. Complete data at pgp.surf.nl: Search results for '0x5BA9368BE6F334E4' where you can see all the details including the revoked bits. Those revoked bits won't show up in normal use.
2023-04-14 Teaching courier-imapd-ssl to use up-to-date encryption
A discussion on irc about how hard it is to set TLS options in some programs made me recall I still wanted courier-imap-ssl to give me the right SSL settings (Only TLS 1.2 and 1.3, and no weak algorithms). This has bothered me for a while but I couldn't find the right answers. Most documentation assumes courier-imap-ssl is compiled with OpenSSL. In Debian/Ubuntu/Devuan it is compiled with GnuTLS. Searching this time found me Bug #1808649 “TLS_CIPHER_LIST and TLS_PROTOCOL Ignored” : Bugs : courier package : Ubuntu which points at debian-server-tools/mail/courier-check at master · szepeviktor/debian-server-tools · GitHub which lists the right parameter TLS_PRIORITY. And that page has usable answers for up to TLS v1.2, with some reading of the output of gnutls-cli --list I can imagine TLS v1.3 settings. So with a minor adjustment to the given example to allow for TLS v1.3 I set this in /etc/courier/imapd-ssl:Read the rest of Teaching courier-imapd-ssl to use up-to-date encryption##NAME: TLS_PRIORITY:0 # # GnuTLS setting only # # Set TLS protocol priority settings (GnuTLS only) # # DEFAULT: NORMAL:-CTYPE-OPENPGP # # This setting is also used to select the available ciphers. # # The actual list of available ciphers depend on the options GnuTLS was # compiled against. The possible ciphers are: # # AES256, 3DES, AES128, ARC128, ARC40, RC2, DES, NULL # # Also, the following aliases: # # HIGH -- all ciphers that use more than a 128 bit key size # MEDIUM -- all ciphers that use a 128 bit key size # LOW -- all ciphers that use fewer than a 128 bit key size, the NULL cipher # is not included # ALL -- all ciphers except the NULL cipher # # See GnuTLS documentation, gnutls_priority_init(3) for additional # documentation. TLS_PRIORITY="NONE:+CHACHA20-POLY1305:+AES-128-GCM:+AES-256-GCM:+AES-128-CBC:+AES-256-CBC:+ECDHE-ECDSA:+ECDHE-RSA:+SHA256:+SHA384:+AEAD:+COMP-NULL:+VERS-TLS1.2:+VERS-TLS1.3:+SIGN-ALL:+CURVE-SECP521R1:+CURVE-SECP384R1:+CURVE-SECP256R1:+CTYPE-X509"And now things are good! All green in sslscan:SSL/TLS Protocols: SSLv2 disabled SSLv3 disabled TLSv1.0 disabled TLSv1.1 disabled TLSv1.2 enabled TLSv1.3 enabled TLS Fallback SCSV: Server supports TLS Fallback SCSV TLS renegotiation: Session renegotiation not supported TLS Compression: Compression disabled Heartbleed: TLSv1.3 not vulnerable to heartbleed TLSv1.2 not vulnerable to heartbleed Supported Server Cipher(s): Preferred TLSv1.3 128 bits TLS_AES_128_GCM_SHA256 Curve P-256 DHE 256 Accepted TLSv1.3 256 bits TLS_AES_256_GCM_SHA384 Curve P-256 DHE 256 Accepted TLSv1.3 256 bits TLS_CHACHA20_POLY1305_SHA256 Curve P-256 DHE 256 Preferred TLSv1.2 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256 Accepted TLSv1.2 256 bits ECDHE-ECDSA-CHACHA20-POLY1305 Curve P-256 DHE 256 Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256 Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA384 Curve P-256 DHE 256 Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA256 Curve P-256 DHE 256 Server Key Exchange Group(s): TLSv1.3 128 bits secp256r1 (NIST P-256) TLSv1.3 192 bits secp384r1 (NIST P-384) TLSv1.3 260 bits secp521r1 (NIST P-521) TLSv1.2 128 bits secp256r1 (NIST P-256) TLSv1.2 192 bits secp384r1 (NIST P-384) TLSv1.2 260 bits secp521r1 (NIST P-521) SSL Certificate: Signature Algorithm: sha256WithRSAEncryption ECC Curve Name: secp384r1 ECC Key Strength: 192
2023-04-05 I participated in the EA RTTY Contest 2023News archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 | 2022 | 2023
This year I participated in the EA RTTY Contest again. This is a contest organized by the Spanish Amateur Radio Club Unión de Radioaficionados Españoles and they organize nice contests! I participated Saturday afternoon and Sunday end of the morning. Other things needed my attention in the weekend too. I ended with 56 contacts, 53 on the 20 meter amateur band and 3 on the 40 meter amateur band. The 40 meter amateur band was mostly unusuable during the daytime due to interference. I thought I was going to end the contest with less than 50 contacts, but calling CQ I had a last minute sprint with 11 contacts in 10 minutes.Read the rest of I participated in the EA RTTY Contest 2023
Father, cat owned/owner, Linux fan, Internet user, book reader, radio amateur, recumbent bicyclist, snowboarder, ipv6 fan. For those who don't speak Dutch: how to pronounce Koos van den Hout.
Specialist information security at Utrecht University with a modern Profile page.