Koos picture small

Koos van den Hout

Welcome. This is my homepage where I write about my opinion, projects, things I note, things I try and other random stuff. Newsitems have tags for a bit of structure.

Latest news/thoughts/geeking/rants/notablog

2017-11-15 Lots and lots of distributed SSH scanning 2 days ago
I am noticing lots and lots of distributed SSH scanning, not doing enough attempts from one IP address to trigger fail2ban. Timing and choice of login names used suggest a strong link between the ssh attempts even when source IPs are very different. Login names also refer to websites hosted on the same address.

At a given moment I started wondering if this was just me, but others reported the same and exchanging IP address lists showed a lot of matches between attacks on totally unrelated systems.

Tags: ,
2017-11-13 Linux and enabling NFSv4 name mapping 5 days ago
When I shared my article on NFSv4 on the synology I noticed I left out the fundamentals about Linux and NFSv4 with name mapping. All kernels I nowadays run into have the same preference to disable using names over NFSv4 because somewhere the decision was made to assume most Linux systems will be in an environment with centralized UID/GID management.

In any environment with devices with their own UID/GID management (such as synology devices without central LDAP) this will not be true. So the defaults need an override.

The runtime way to change this is, for the nfs client kernel process:
# echo N > /sys/module/nfs/parameters/nfs4_disable_idmapping
And for the nfsd server kernel process:
# echo N > /sys/module/nfsd/parameters/nfs4_disable_idmapping
Notice the one letter difference.

To make this change more permanent, set up a file with a name like /etc/modprobe.d/local-config.conf with
options nfs nfs4_disable_idmapping=0
options nfsd nfs4_disable_idmapping=0
And you still need to set /etc/idmapd.conf on all systems involved (both clients and servers) with the same value for the 'Domain'. I obviously have:

Verbosity = 0
Pipefs-Directory = /run/rpc_pipefs
# set your own domain here, if id differs from FQDN minus hostname
Domain = idefix.net


Nobody-User = nobody
Nobody-Group = nogroup
And enable idmapd. How you enable this depends on your Linux distribution. In ubuntu server it's in /etc/default/nfs-common with
# Do you want to start the idmapd daemon? It is only needed for NFSv4.

Tags: ,
2017-11-13 The television version of "The Cuckoo's Egg" 5 days ago
I read the Dutch version of "The Cuckoo's Egg" when it came out in 1989. Later I bought the English version.

Via a complete diversion I found out this weekend the book was made into a TV documentary: The KGB, the Computer and Me which has a lot less personal diversions than the book. It is played by Clifford Stoll himself and others involved in the original story. Although the CIA guys look a bit more stereotypical than they come out in the book.

A very interesting part is there is a closing remark in the documentary by Markus Hess. Now I want to get a view of the movie of the other side, '23'.

The funny part is that I found this documentary from following news related to amateur radio: Cliff Stoll -- K7TA -- Has THE KNACK. And a GREAT NOVA Video. Clifford Stoll does have a callsign: K7TA

Tags: , , ,
2017-11-10 Really disabling framebuffer on a modern linux 1 week ago
Framebuffer is nice but I want it really disabled on my new homeserver 2017 because that will end up in the attic where I don't want a repeat of the earlier Linux-related radio interference problem. And for virtual machines it's a bit of overkill too.

To disable framebuffer in both grub and the running Linux it has to be disabled twice. Both in /etc/default/grub which now has these two lines:


Tags: , ,
2017-11-10 NFSv4 on the synology isn't complete NFSv4 until you do some special configuration 1 week ago
This solution fails at the moment I start using rsync to sync directories to the Synology. Update when I find out where that goes wrong.

I am now using a synology for storage in the home network. Linux clients use NFS to access the Synology, and nowadays the default NFS version is version 4, which does things quite differently from version 3. NFS version 4 is supposed to use user names with NFS domain names and rpc.idmapd instead of numeric user and group IDs.

After serious debugging I found out NFSv4 with the synology doesn't use names as I expected. I kept looking at nfs client settings but eventually I used tcpdump, wireshark and tshark to find out owner names aren't used at all. Numerical UIDs are used as text in the NFSv4 answers, even for files that have an owner that is known in the synology. As if the nfs4_disable_idmapping=0 is never set for the NFS server.

I confirmed this with capturing the NFS traffic with tcpdump and analyzing the pcap files with wireshark and tshark. I indeed see:
                        reco_attr: Owner (36)
                            fattr4_owner: 1026
                                length: 4
                                contents: 1026

A lot of google searching confirms this, including anyone have nfsv4 actually working? - Synology Forum. The next step is to adjust the idmapping in the running kernel on the synology, using:
# echo N > /sys/module/nfsd/parameters/nfs4_disable_idmapping
Now I indeed see the right strings in the NFSv4 traffic, but the idmapd on the client doesn't translate for some reason. Fixing the /etc/idmapd.conf file helped.

The next step is to make this change permanent on the synology. Adding a file /etc/modules.local.conf with
does the trick. This I learned from reading the startup file /etc/rc.subr which loads the kernel modules.

And now I see the right data in the NFS traffic:
                        reco_attr: Owner (36)
                            fattr4_owner: koos@idefix.net
                                length: 15
                                contents: koos@idefix.net
And the user mapping works. On an older system I have UID 501, on the synology I have UID 1026 and on a new system I have UID 1000, and I'm owner of the files everywhere.

Tags: , ,
2017-11-08 Trying to receive Fox-1A (AO85) telemetry 1 week ago
I decided to try to receive telemetry data from the Fox-1A (AO85) satellite to prepare for receiving telemetry from the new RadFxSat right after launch. The FoxTelem program is ready to receive data from all the Fox series satellites so this was a good way to test my receiving setup.

This afternoon there was a reasonable pass so I decided to give it a try. With the FT-857D radio tuned to the downlink frequency 145.978 MHz in FM packet mode. While I did hear the conversations on the satellite in the noise the program did not seem to receive anything. And then I noticed the sound display in the program reacted strongly when I tapped the microphone connected to the mixing board. I chose the wrong audio device. I have two USB audio devices connected to the computer, one feeds audio from a mixing desk and one feeds audio from the radio. Normally I can keep them apart but FoxTelem was only showing one of them.

The solution was to set FoxTelem to the audio device 'default' and use pavucontrol to switch the input of the application to the right USB audio device. But by the time I figured that out the satellite was already too far to receive any useful telemetry data.

Time to find another nice pass with useful elevation (above 10 degrees) to try this again. And it's a good preparation for the launch of Fox-1B.

Tags: , ,
2017-11-07 Waiting for the launch of RadFxSat (Fox 1B) 1 week ago
The subset of radio amateurs that is interested in amateur satellites is waiting for the launch of RadFxSat / Fox 1B. The name 'RadFxSat' stands for 'Radiation Effects Satellite'. The primary mission is in cooperation with Vanderbilt University ISDE studying radiation effects on commercial off the shelf components.

The amateur radio mission is a FM U/v repeater with CTCSS, which means it can be used by radio amateurs to make long distance contacts.

As any new satellite, the first phase after launch is a lot of testing before any experiments or radio services are started. During the testing phase the satellite will transmit short radio messages (audio with data mixed in as low frequency tones) with telemetry data. By receiving the telemetry data and forwarding it to the operators radio amateurs can help the testing. This telemetry includes voltages and temperatures which allow the operator to find out if the satellite operates as designed and whether the power budget (generated power from solar panels minus used power) is good.

To receive telemetry from the Fox series satellites and forward it a program has been developed named FoxTelem and I am glad to see a linux version is available. This allows me to receive the satellite unattended and forward the data. I will at least try to participate in the 'Launch and Early Orbit program' during the first few days.

Current launch date is planned at November 14th.

More information:

Tags: , ,
2017-11-07 Spammers using old lists 1 week ago
I'm easily amused by the rejects in the maillog clearly caused by spammers using ancient lists.

For example, I'm still seeing attempts to mail the address that I used for signing up to linkedin. When the first spam came after the linkedin breach in 2012, I changed the address and disabled the original address. But spam for that address still came in this week.

Tags: , ,
2017-11-01 DAB services scan 1 November 2017 2 weeks ago
DAB+ logo Tijd om weer eens een DAB services scan te doen. Een extra reden was omdat bij de scan op de Pure DAB+ radio zelfs de Vlaamse multiplex binnenkwam.

Bij de scan met de Noxon USB stick kwamen die niet meer binnen (en waren tegelijkertijd aan het wegvallen op de Pure radio), maar die heeft weer even de Duitse landelijke multiplex gezien. Maar de regio's Noord/Oost en Zuid kwamen dit keer niet in de scan. De typische volgorde van kanalen komt trouwens omdat de Noxon software de scanvolgorde nog altijd geoptimaliseerd heeft voor de Duitse situatie en dus de scan begint bij 5C.

Met alle testen met lokale radio via DAB+ is dat nog steeds niet in de buurt actief geworden.

Opvallend is dat MTVNL op 5B opduikt. Op 12B had ik wel MTVNL maar volgens Muxxi zonder services (0 CU in gebruik).
Read the rest of DAB services scan 1 November 2017

Tags: , ,
2017-10-31 Spammers overdoing it a bit 2 weeks ago
Dear Professor Epocafe,
Yes, there is an e-mail address that looks like repocafe@ but it's not a person.

Tags: , ,
2017-10-30 I am a paranoid bastard 2 weeks ago
PGP lock logo I needed to look up some gpg commands and found GPG Cheat Sheet and it had what I was looking for.

Looking at this page I found this gem:
Ok, so what if you're a paranoid bastard and want to encrypt some of your own files, so nobody can break into your computer and get them? Simply encrypt them using yourself as the recipient.
That makes me a paranoid bastard since I use this to store passwords and other secrets.

Tags: , ,
2017-10-30 I participated in the CQWW DX contest 2 weeks ago
This weekend was the CQ World Wide DX Contest. This is indeed another phone (voice) contest, so I connected headset, footswitch and the remote head of my radio. I had some time to participate on Sunday early afternoon and Sunday evening. On Sunday afternoon the logical band to try was 20 meters, on Sunday evening 40 meters. In the end I made 51 contacts.

All I did was 'search and pounce', checking for stations calling CQ that I could understand good enough and transmit my call back to them in the hope they would hear me. Some stations had me on the first try, some took several tries and some never heard me. The DX that got away was a Kazakhstan station who could not decode my call even after several tries.

I used the yfktest contest software for Linux again. This wasn't very hard as yfktest has a standard definition for the CQWW DX contest.

I heard both serious contest stations and single operators just calling CQ on the air. Interesting was to work OH1LWZ/M who according to his qrz page is really contesting mobile from his car or bicycle.

For next time I have to check the compression and gain settings for SSB on my Yaesu FT-857D radio when using the headset.

Claimed results:
Band    QSO    Qpts   Dupes Countries Zones
  20     40      48       0      15       5
  40     11      19       0       9       6
 ALL     51      67       0      24      11
 Total Score: 2,345
A few times I heard the contest call PA0AA of my radio club who worked very hard to get the antenna at the club ready for contesting, but only in the background when I was trying other calls. It would have been nice to get them in the log.

Tags: , , ,
2017-10-23 De spam voor een Belg gaat maar niet dood 3 weeks ago
Ondertussen leven we op ruim 5 jaar sinds de eerste spam die te herleiden was tot een belgische lijst maar er kwam er vandaag weer een binnen van een belgisch bedrijf met kenmerken die lijken op de eerste spam die binnenkwam. Dus ook Kleurstempel.be gebruikt spamlijsten. Die ondertussen oud zijn.

Eerder, eerder, eerder, eerder.

Tags: , ,
2017-10-21 (Radioselfie from an earlier mobile activity) 3 weeks ago
Google+Koos van den Hout : Radioselfie from an earlier mobile activity
2017-10-20 (I had time this week to test the fibermast I ordered and found a nice but remote location to do it. ...) 4 weeks ago
Google+Koos van den Hout : I had time this week to test the fibermast I ordered and found a nice but remote location to do it. Learned a lot about setting up the mast on my own and made a few nice radio contacts.
2017-10-20 (I had time this week to test the fibermast I ordered and found a nice but remote location to do it. ...) 4 weeks ago
Google+Koos van den Hout : I had time this week to test the fibermast I ordered and found a nice but remote location to do it. Learned a lot about setting up the mast on my own and made a few nice radio contacts.
2017-10-20 Testing the new fibermast from a remote location 4 weeks ago
I had time this week to test the fibermast I ordered and I wanted to do this at a location away from houses. Someone suggested the location 'Trintelhaven' which is a small harbour in the dike between Enkhuizen and Lelystad. This is a harbour of refuge in which ships on the Ijsselmeer can find a safe location to spend the night or wait out a storm.

Usually I do my outdoor radio activities at cycling distance, but this was an interesting location, I had the day available and I felt like going a bit further.

The Trintelhaven is originally an island created for the construction of the dike between Enkhuizen and Lelystad, which was going to form the 'Markerwaard'. But that plan was cancelled and now it is the 'Markermeer' (lake) with a new project to bring more life into it.

In the end I learned things about the new fiber mast, played radio, enjoyed the outdoors and had fun.
Read the rest of Testing the new fibermast from a remote location

Tags: , ,

News archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017

The person

Father, cat owned/owner, Unix/Linux fan, Internet user, reader, recumbent byciclist, snowboarder, ipv6 fan. For those who don't speak Dutch: how to pronounce Koos van den Hout.

The job

Specialist information security at Utrecht University with a modern Profile page.

Search idefix.net

Custom Search

Encrypted connection

Congratulations, your connection to this website is encrypted and cannot be tapped on the network!
The mixed-content warning is due to not all content (images, audio) being available over TLS encrypted transport.

Visitor using IPv4

Your IPv4 address is in United States

Other webprojects I work on

Weather projects

Weather station

Temperature : 10.6 °C
Humidity : 84.1 %
Airpressure : 1007.9 hPa


Use the e-mail address in the address box and use PGP private secure e-mail when possible.

Pages on specific projects

Loads more pages

Koos van den Hout, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
This page is best viewed with any browser in any resolution. Some browsers will wait with rendering most of the page until allmost all HTML is loaded. RSS
Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
This page generated by $Id: index.cgi,v 1.87 2017/07/11 13:07:45 koos Exp $ in 0.082964 seconds.