News archive December 2011 - Koos van den Hout

Archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 | 2022

2011-12-31 (#)
After the earlier tries with reception on the NOXON DAB USB stick I tried today with the USB stick directly in the computer and an antenna extension cable between the little antenna and the stick. Which makes it only find the Publieke Omroep ensemble on 12C (no MTVNL) and the reception interrupts from time to time. So for really interesting scans I'll need a better antenna.

Tags: , ,
2011-12-31 (#)
Interesting stuff in my logs when someone in Italy roams around with a device which thinks it should be registered in Just the first and last logentry for each IPv4 address:
Dec 25 07:50:09 greenblatt named[19563]: client update '' denied
Dec 26 22:10:48 greenblatt named[19563]: client update '' denied
Dec 26 23:10:49 greenblatt named[19563]: client update '' denied
Dec 26 23:21:41 greenblatt named[19563]: client update '' denied
Dec 26 23:42:35 greenblatt named[19563]: client update '' denied
Dec 27 01:22:42 greenblatt named[19563]: client update '' denied
Dec 27 03:22:42 greenblatt named[19563]: client update '' denied
Dec 28 05:01:50 greenblatt named[19563]: client update '' denied
Dec 28 06:01:46 greenblatt named[19563]: client update '' denied
Dec 29 02:21:48 greenblatt named[19563]: client update '' denied
Dec 29 03:21:43 greenblatt named[19563]: client update '' denied
Dec 29 14:54:37 greenblatt named[19563]: client updating zone '': update failed: nas: prerequisite name is out of zone (NOTZONE)
Dec 29 15:15:49 greenblatt named[19563]: client update '' denied
Dec 31 21:31:23 greenblatt named[19563]: client update '' denied
Dec 31 22:10:19 greenblatt named[19563]: client update '' denied
Jan  2 01:37:30 greenblatt named[19563]: client update '' denied
Jan  2 03:36:13 greenblatt named[19563]: client update '' denied
Jan  2 23:09:15 greenblatt named[19563]: client update '' denied
Jan  2 23:52:23 greenblatt named[19563]: client update '' denied
Jan  4 02:00:12 greenblatt named[19563]: client update '' denied
Jan  5 14:55:57 greenblatt named[19563]: client update '' denied
Jan  5 22:42:59 greenblatt named[19563]: client update '' denied
Jan  6 09:07:15 greenblatt named[19563]: client update '' denied
Jan  6 09:07:20 greenblatt named[19563]: client update '' denied
I guessed the christmas holiday trip would end after new years, but it still goes on. The Italian christmas school holiday ends 8 January.

Tags: , ,
2011-12-31 (#)
Interesting security news: QR Code Malware Picks Up Steam - Dark reading. The article discusses specific malware for certain mobile platforms, or phishing sites which use the fact that mobile browsers don't have a lot of room to show you whether you are actually visiting the site of your bank.

I can imagine several abuses like the ones mentioned in the article. Phishing for student logins at work will probably also be easy with this method.

Via Malicious QR Code Use On the Rise - Slashdot.

Tags: ,
2011-12-30 (#)
Browsing the tables for Digitenne at DTV monitor shows the transport stream 12 I noticed still listed. Pick one of the transport streams at the left, and open Tables, NIT-actual, Network ID 8720 (Digitenne). When I try the same on several of the muxes here I get no mention of TS 12 in the network information table. According to DTV monitor the analysis was done today, so some interesting things going on? My best guess is that DTV Monitor does the scanning from somewhere near Den Haag.

Tags: , ,
2011-12-30 (#)
Iemand heeft een e-mail adres van mij bij een first-impressions site ingevuld en prompt is het raak: eerst een 'eenmalige bevestigingsmail' en vervolgens spam (ongewenste e-mail, dus de eenmalige bevestigingsmail was ook al een leugen) zonder enige verdere controle of het adres geldig is, over aanbiedingen ziektekostenverzekeringen van FBTO, Zilverenkruis en Zekur. En een poging tot afmelden heeft geen effect, de volgende dag komt er weer een spam specifiek over FBTO. Waarmee dus duidelijk is dat bedrijven als FBTO zaken doen met gewone spammers. Er is niet veel veranderd sinds de Nederlandse spampraktijken waar Karin Spaink in 2003 over schreef. De enige verandering is dat het percentage spam hoger geworden is. Wat vooral niet veranderd is: spammers liegen.

Klachtenmelding gedaan naar de provider, naar en naar FBTO. Bedrijven die zaken doen met spammers zijn ongewenst.

Update 2011-12-31: Nu zelfs casino spam via first impressions. Ze zijn wel heel diep gezakt daar.

Tags: , ,
2011-12-28 (#)
So the Noxon DAB USB stick indeed showed up as a christmas present. I directly tried it in Zuid-Limburg the southern part of the country where I found several countries' DAB ensembles before. No such luck with the Noxon DAB USB stick and its own antenna. Searching for other experiences in English or Dutch found nothing, but searching in German for noxon dab usb kein empfang found DAB+ USB Stick Terratec Noxon which has several mentions of the accompanying antenna not being great for VHF band III and being susceptible to interference from the computer. I also had the Pure One Mini receiver with me which found most expected ensembles without a problem. The Deutschlandradio ensemble was missing this time.

Back at home I saw the same problem: on the top floor of the house where the Pure One Mini finds both the Publieke Omroep ensemble on 12C and MTVNL on 11A the Noxon DAB USB stick in default configuration finds nothing. Switching to the antenna I built myself for DVB-T scanning or to the Funke DSC310 antenna does give me both ensembles in the scan with good reception for 12C and good/average reception for 11A.

One tip in the above forum was to move the antenna away from the computer. I tried this with a long USB-cable and that helped a bit: the Publieke Omroep ensemble showed up.

So the accompanying antenna is bad, or the input sensitivity of the receiver in the stick isn't that great, or both. Which doesn't make it a great stick for trying to discover distant DAB ensembles just making it through. Or for bringing it along on trips.
Update 2011-12-29: Today I had the Pure One Mini playing a DAB station and booted the laptop and the reception completely stopped for a few seconds and returned with a drop in quality. Solution: move the radio away from the laptop. So VHF band III reception is quite susceptible to interference from computers.

Tags: , , ,
2011-12-28 (#)
@ringel some people can turn any recipe into 'uses every utensil in the kitchen'
2011-12-28 (#)
Radio #top2000 op DAB heeft nogsteeds de top2000 van 2010. Maar radio2 op DAB doet het prima!
2011-12-27 (#)
I answer an e-mail from someone with an address, and I get the error message:
<<< blocked by ldap:ou=rblmx,dc=att,dc=net
<<< 550 Error - Blocked for abuse. See
554 5.0.0 Service unavailable
But is useless in finding out why would think my IPv4 address is a spam source. The available options seem to be I am the responsible admin for this system and I did (x and y) to stop the well-known spamflood or I am an end-user and I will wait nicely for the admins to sort this out.

The second option does give an e-mail message after a while which is not very informational:
We are writing to let you know that we are blocking messages addressed to one of our customers at the domain by one of your customers at domain The stream of messages coming from your system appears to consist mostly of unwanted commercial e-mail (UCE, or "spam"). To protect our system a nd to ensure that it operates well for all of our customers, we have decided to block all messages originating from your system.

Please consult your logs to see what might be causing this situation and how it can be fixed. Then visit to request a remo val of the block. Most requests for removal are honored within two days.

The specific error message received by your customer was: blocked by ldap:ou=rblmx,dc=att,dc=net

Thank you for your assistance in helping our respective customers communicate.
All I see in the logs with / is incoming spam.

So I will request a delisting with as reason 'no OUTGOING spam found in the logs'.

Tags: , ,
2011-12-24 (#)
With DVB based television it is quite possible to temporarily add a service, given available bandwidth within the transport streams. Service BNN 101.TV is at the moment temporarily available in Digitenne as part of the Serious Request event. The capacity was used earlier for RTV Drenthe after the collapse of the transmitter tower at Hoogersmilde.

3FM Serious Request gratis voor KPN klanten op zender 101TV - KPN news stream (Dutch). The detail missed in this press release is that 101TV on DVB-T (Digitenne) is free-to-air.

Logo Cultura24 via DVB-T capture 2011-12-29 Update 2011-12-29: The next event is now happening: Top2000 editie 2011 is on Radio 2 at the moment and Digitenne now has service Cultura24 with the accompanying live view of the radio studio. So I captured the logo since it is free-to-air.

Tags: , ,
2011-12-23 (#)
RT @twitjeb: If I ever need a secure source of entropy again I'm basing it on airline fares.
2011-12-21 (#)
@bitsoffreedom "Gencrypteerde" ? schrijf dan gewoon "versleutelde"
2011-12-21 (#)
A co-worker from years ago at Cetis sent me LinkedIn invites and I decided to give LinkedIn a go. People reading this who are on LinkedIn and want to 'add me to their professional network' are very welcome!

LinkedIn profile Koos van den Hout.

Tags: , ,
2011-12-19 (#)
Muxx Inspector decode of 'radio top 2000' DAB ensembles worldwide pointed me to Muxx Inspector for decoding and interpreting the DAB datafiles from the Noxon DAB USB stick which shows exactly the kind of deep detail I want to know about the available DAB ensembles. Only in Windows at the moment, but I can boot the laptop into Windows from time to time if that allows me to play with the detailed information I want to get.

And I expect such a DAB USB stick for christmas so I'll be able to do my own scans and datadumps. And I could have a look into the fileformat myself so I can do my own interpretations.

And if you want to look at ensembles you can't receive at home / during your travels: a collection of dab scan files has already been set up. There I got the file used in the screenshot above, 2011-11_5C_DR-DEU_12D_NRW_12A_VRT_12B_RTBF_12C_PubliekeOmroep.dat and I really wonder what the location was of that scan as it includes both the Dutch Publieke Omroep ensemble and the RTBF ensemble. Probably somewhere between the transmitters Mierlo, the southernmost transmitter with 12C Publieke Omroep and Liège (Lüttich/Luik), the nearest transmitter with 12B RTBF.

Tags: ,
2011-12-19 (#)
@Wilboard ik zou niet zo de soldeerbout vasthouden...
2011-12-15 (#)
Tried a few DVB-T service scans today in the rainy weather and unsurprisingly rain degrades the UHF reception. Even the Digitenne Flevoland multiplex wasn't always error-free enough to show in the scan.

DVB-T service scan for 2011-12-15.

Tags: , , ,
2011-12-14 (#)
At work we found a set APC AP7920 switched rack PDUs. A power distribution unit with a console / telnet / ssh / web interface. But they didn't accept the DHCP offers at work, I found out from the documentation they need a vendor specific dhcp option set. Which I can disable in the configuration, after I get access via the network (the serial access requires a special cable).

DHCP in homeserver greenblatt to the rescue. Added to the configuration of ISC DHCP server:
option apc-vendor-cookie code 43 = string;
option apc-vendor-cookie 01:04:31:41:50:43;
and the unit accepts the DHCP offer and I can switch that option off in the configuration. They are nice units, especially for far away server rooms. Including the option to delay power-on of each outlet to avoid high power surges and dependency problems.

Update 2012-01-01: Later I noticed a PC booting via PXE using the heavy duty boot environment was confused by the apc option being set for all devices. Better solution for the above:
option apc-vendor-cookie code 43 = string;

if substring (option vendor-class-identifier, 0, 3) = "APC" {
	option apc-vendor-cookie 01:04:31:41:50:43;

Tags: , ,
2011-12-14 (#)
After starting with using rdnssd to use IPv6 resolvers on my laptop I sometimes note the following in the logs on the server:
Dec 14 17:55:24 greenblatt named[16213]: client fe80::21f:e1ff:fe45:2894%5#35985: query (cache) 'local/SOA/IN' denied
I guess my laptop uses link-local IPv6 addresses for the first few dns queries. Strange, because it only knows the address of the resolver because it has received a router announcement. The most logical explanation is that the system is still trying to detect duplicate addresses before actually assigning the global IP, but DNS traffic is already going out because some script in my browser is very anxious to fetch updates. Anyway, configuring the resolver to see fe80::/10 as a local network which is allowed to do queries does not help.

Tags: , ,
2011-12-14 (#)
Amusing or a serious attack? IPv4 address triggered the fail2ban thresholds with ssh attempts on both and within minutes of each other, machines with quite different IPv4 addresses. Listings for this IPv4 address like DroneBL lookup for make me think this system does more things like this.

Tags: ,
2011-12-14 (#)
@dubnieuws "Femke Halsema wordt twitterprof" ik dacht even dat ik @despeld las
2011-12-12 (#)
@pndc .. if you're allowed to fastforward through them at all
2011-12-12 (#)
Reader's Digest is met de tijd meegegaan: ze stoppen nu ook e-mail boxen vol met ongewenste rommel. En zijn niet te beroerd om te liegen over de herkomst van het e-mail adres:
U ontvangt deze email van Reader's Digest i.s.m. E2Ma op koos .., omdat u
zich bij Reader's Digest heeft ingeschreven.
Dat heb ik niet, iemand heeft dat e-mail adres ingevuld ergens bij Reader's Digest (of bij een ander bedrijf wat een bestand heeft verkocht aan Reader's Digest) en nu krijg ik als eigenaar van dat adres de spam van Reader's Digest omdat ze nooit gecontroleerd hebben of dat adres wel geldig is en spam van Reader's Digest wil ontvangen.

Zou ik nu vaak genoeg Reader's Digest genoemd hebben om een relevant zoekresultaat opgeleverd te hebben?

Update 2011-12-21: En het 'uitschrijven uit de verzendlijst' heeft niet geholpen, ik krijg weer spam van ze.

Update 2012-01-20: Stug volhouden: nogsteeds spam. Stug volhouden met spamklachten sturen, dus.

Tags: , ,
2011-12-12 (#)
Google may be very careful with making their services available via IPv6, but internally they are going further already: Usenix: Google deploys IPv6 for internal network - ITWorld.
Google has learned that an IPv6 migration involves more than just updating the software and hardware. It also requires buy-in from management and staff, particularly administrators who already are juggling too many tasks. And, for early adopters, it requires a lot of work with vendors to get them to fix buggy and still-unfinished code.
The migration to IPv6 is not an L3 problem. It is more of an L7-9 problem: resources, vendor relation-ship/management, and organizational buy-in.
Paper: Deploying IPv6 in the Google Enterprise Network. Lessons learned. Haythum Babiker, Irena Nikolova, Kiran Kumar Chittimaneni.

The paper notes that a big problem with "IPv6 support" in networking devices means "support in software" which will cause CPU load at real usage. Some interesting bugs in IPv6 implementations were also showing, such as router announcement packets leaking from one wireless VLAN to the other. My best guess: a not-too-brilliant implementation of multicast.

Google also received the big vendor IPv6 lie:
When trying to talk to the ven-dors they were always saying - if there is a demand for IPv6 support at all, we’ve never heard it before.
That is what they tell every client with questions about IPv6.

Found via Google Deploys IPv6 For Internal Network - Slashdot.

Tags: ,
2011-12-09 (Showing that being Weird Al is not just fun and games, it is actual hard work! Great timelapse, and ...)
Google+Koos van den Hout : Showing that being Weird Al is not just fun and games, it is actual hard work!
Great timelapse, and the music is an added bonus.
2011-12-09 (#)
Another weird thing recorded on the SIP honeypot: Something which to me sounds like a recording of a voice artist (or 'golden voice'). It was an attempt to use the server from a Palestinian IP to reach +1-404-260-5390, a US phone number for a conferencing system. The recording is attached: note that the audio is very choppy, probably due to packet-loss between the originator in Palestina and my server.
Listen to audio attachment:
MP3 media: Wrong number incoming golden voice (rightclick, select save-as to download)

Tags: , , ,
2011-12-08 (#)
@Fenrir als je het lagedrukgebied van bovenaf wilt zien: en zoom in op Schotland
2011-12-07 (#)
I haven't had to fight this behaviour yet, but I'm glad somebody did the searching and ranting already: Fear and Loathing in Debian/Ubuntu (or: who needs /etc/motd) on a blog appropriately named 'Blindly Accept the Defaults'.

Via @fanf: Who looked at /etc/motd on ubuntu and thought, HEY, I KNOW WHAT THIS NEEDS – SHELL SCRIPTS!?

Tags: , ,
2011-12-07 (#)
@XS4ALL_storing eerste glasvezelstoringsmelding? (dus het product is volwassen!)
2011-12-07 (#)
It took a bit of searching but it is possible to send the Magic SysRq key for Linux kernels over an AdderView CatX IP kvm server. It took a bit of searching in the manual but I found the right way: send the keycodes Alt+Printscreen+s, Alt+Printscreen+u, Alt+Printscreen+b for sync, umount, boot.

Tags: , ,
2011-12-07 (#)
@Milkshake complete netwerkstoring #uu
2011-12-05 (#)
The following packages will be upgraded:

Do you want to continue [Y/n]? 
I think I see a small inconsistency here!

Tags: ,
2011-12-05 (#)
2011-12-04 (#)
Goede antwoord staat er niet bij bij de gps vraag van de #wetenschapsquiz: zowel snelheid als zwaartekracht.
2011-12-04 (#)
I just rescanned the Network Information Table of Digitenne Mux 1 to see if the strange multiplex 12 being listed for digitenne 6 months ago still shows up. It doesn't, the whole transportstream 12 is gone from the NIT. Artefacts of some test by Digitenne?

Listed transport streams:
    Transport_stream_ID: 2211 (0x08a3)
    Transport_stream_ID: 2212 (0x08a4)
    Transport_stream_ID: 2213 (0x08a5)
    Transport_stream_ID: 2214 (0x08a6)
    Transport_stream_ID: 2244 (0x08c4)
DVB-T services scan for 2011-12-04.

Tags: , ,
2011-12-04 (#)
Dear "you must renew your domain now! (and transfer it to us costing 7 times as much as your current registrar)" scammers: you could at least try and look at the expiry date and not ass-ume it is a year after the last modified date. This makes you look like an even bigger scammer/idiot than you already are.

In this case:

Tags: , ,
2011-12-01 (#)
In de brievenbus vandaag: "Een kado van Ziggo", een chocolade afstandsbediening. Grappig, maar geen woord uitleg erbij. Een briefje met "voor onze trouwe klanten" had het net even wat duidelijker gemaakt en volgens mij wat meer aandacht opgelevert.
Update: het was een surprise! bij het weggooien van het doosje bleek de uitleg aan de binnenkant te zitten. Je kunt een reis naar Madrid winnen.

Tags: ,

IPv6 check

Running test...
, reachable as PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: morenews.cgi,v 1.53 2022/02/15 21:48:18 koos Exp $ in 0.045243 seconds.