Koos picture small

Koos van den Hout

Koos van den Hout - Latest news, thoughts, rants, projects and other things to write about.
2018-06-23 SMART can be wrong 1 day ago
Someone brought me a 'WD My cloud' that does not respond at all. So I took it apart and found out how to access the disk in an i386 Linux system: mount the 4th partition as ext4. When the disk was available I did a smart test:
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
But while trying to find out how much data is actually on the disk, I get:
[  866.165641] Sense Key : Medium Error [current] [descriptor]
[  866.165645] Descriptor sense data with sense descriptors (in hex):
[  866.165647]         72 03 11 04 00 00 00 0c 00 0a 80 00 00 00 00 00 
[  866.165659]         b0 90 ea 60 
[  866.165664] sd 2:0:0:0: [sda]  
[  866.165668] Add. Sense: Unrecovered read error - auto reallocate failed
So the disk isn't very healthy. But rerunning the smart check still shows nothing is wrong. It is a Western Digital 'RED' harddisk especially for NAS systems so it should return errors earlier to the operating system but this disk is bad, which is probably related to why the 'my cloud' enclosure isn't working.
Read the rest of SMART can be wrong

Tags: ,
2018-06-22 Slow password guessing for imaps 2 days ago
Interesting in the logs:
Jun 19 21:22:29 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.9]
Jun 19 21:23:30 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.9]
Jun 19 21:27:05 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.11]
Jun 19 21:31:58 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.11]
Jun 19 22:27:15 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.9]
Jun 19 22:30:10 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.9]
Jun 19 22:44:17 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.11]

..

Jun 22 14:23:39 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.11]
Jun 22 14:24:35 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.11]
Jun 22 15:20:05 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.9]
Jun 22 15:21:01 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.9]
Jun 22 15:29:18 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.11]
Jun 22 15:30:06 greenblatt imapd-ssl: LOGIN FAILED, method=PLAIN, ip=[::ffff:5.188.207.11]
Every time fail2ban blocks the addresses for a while but the attacker is more persistant than that.

Tags: ,
2018-06-19 I don't run your nameserver 5 days ago
Showing in the logs since a few hours:
Jun 18 12:48:36 server named[16424]: client 92.247.148.230#38664: query '1.3.20.172.in-addr.arpa/PTR/IN' denied
Jun 18 12:48:39 server named[16424]: client 92.247.148.230#38664: query '14.0.20.172.in-addr.arpa/PTR/IN' denied
Jun 18 12:48:45 server named[16424]: client 92.247.148.230#38664: query '41.1.20.172.in-addr.arpa/PTR/IN' denied
Jun 18 12:48:47 server named[16424]: client 92.247.148.230#38664: query '6.1.20.172.in-addr.arpa/PTR/IN' denied
Given earlier reports of the same IPv4 address asking about the same queries this has been seen by at least one other place before. Blacklisted for now, maybe I can think of some answers that can slow down the resolver later.

Tags: ,
2018-06-17 More kilometers distance into Australia 1 week ago
This evening I made an FT8 contact with VK7AC which is a new distance record: 16918 kilometers. Which is an improvement over the previous record: 16581 kilometers to Melbourne.

With Australia being huge I'm not surprised distances can be very different.

The contact was hard to make but callsigns and signal reports got exchanged eventually. This was on the 40 meter band so that's also a new band for that country.

In the rest of the weekend I made more FT8 contacts on different bands and some SSB (voice) contacts to several active stations. Noticable was that several high-power stations were active on the 10 meter band Friday evening enjoying the band opening.

Tags: , ,
2018-06-17 Apache 2.2 Proxy and default block for everything but the .well-known/acme-challenge urls 1 week ago
I'm setting up a website on a new virtual machine on the new homeserver and I want a valid letsencrypt certificate. It's a site I don't want to migrate so I'll have to use the Apache proxy on the 'old' server to allow the site to be accessed via IPv4/IPv6 (for consistency I am now setting up everything via a proxy).

So first I set up a proxy to pass all requests for the new server to the backend, something like:
        ProxyPass / http://newsite-back.idefix.net/
        ProxyPassReverse / http://newsite-back.idefix.net/
But now the requests for /.well-known/acme-challenge also go there and they are blocked needing a username/password since the new site is not open yet.

So to set up the proxy correctly AND avoid the username checks for /.well-known/acme-challenge the order has to be correct. In the ProxyPass rules the rule for the specific URL has to come first and in the Location setup it has to come last.
        ProxyPass /.well-known !
        ProxyPass / http://newsite-back.idefix.net/
        ProxyPassReverse / http://newsite-back.idefix.net/

        <Location />
        Deny from all
        AuthName "Site not open yet"
        [..]
        </Location>

        <Location /.well-known/acme-challenge>
            Order allow,deny
            Allow from all
        </Location>
And now the acme-challenge is done locally on the server and all other requests get forwarded to the backend after authentication.

Tags: , , ,
2018-06-04 First 'Sporadic E' contact on 2 meter 2 weeks ago
As guessed when I got earlier personal distance records with FT8 on the 2 meter band bigger distances are possible with 'Sporadic E', a condition in which even higher frequencies can be propagated through the ionosphere.

This evening G8EOH came back to an FT8 cq on 2 meter and I found out that gave me a new distance record: 342 kilometer.

Tags: , ,
2018-06-04 An active weekend on the 10 meter band, Faroe islands in the log 2 weeks ago
This weekend had enough time available to be active on the radio. And the 10 meter band was open again, just like the evening opening on 10 meters three weeks ago. This weekend the 10 meter band cooperated most of Friday evening, a few hours Saturday morning and most of Sunday afternoon and evening. Especially 10 meters FT8 was busy and I worked a lot of European countries on the 10 meter band. On Thursday evening I had 15 countries confirmed (lotw or paper qsl) on 10 meter for my call PE4KH, on Sunday evening that number was 25.

I added the Faroe islands to the log Sunday (also on 10 meter FT8) when I saw OY1DZ active and had a contact. Not yet confirmed, I have requested a card via the OQRS system in use for OY1DZ and other calls. According to that page the LoTW confirmation will also happen soon.

I also got a few voice contacts in the log: special event calls and world wide flora and fauna activations are always nice to have. The flora and fauna location spff-450 activated by SP5KD/P was hard to understand at home so I used the utwente websdr to receive and the transmitter at home to transmit.

Tags: , ,

News archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018

The person

Father, cat owned/owner, Unix/Linux fan, Internet user, reader, recumbent byciclist, snowboarder, ipv6 fan. For those who don't speak Dutch: how to pronounce Koos van den Hout.

The job

Specialist information security at Utrecht University with a modern Profile page.
 

Search idefix.net

Custom Search

Visitor using IPv4

Your IPv4 address is 54.224.255.17 in United States

Other webprojects I work on

Weather projects

Weather station

Temperature : 17.8 °C
Humidity : 77.3 %
Airpressure : 1013.7 hPa

Contact

Use the e-mail address in the address box and use PGP private secure e-mail when possible.

Pages on specific projects

Loads more pages


Koos van den Hout, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
This page is best viewed with any browser in any resolution. Some browsers will wait with rendering most of the page until allmost all HTML is loaded. RSS
Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
This page generated by $Id: index.cgi,v 1.96 2018/05/24 12:38:19 koos Exp $ in 0.068237 seconds.