News archive December 2011 - Koos van den Hout

Archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020

2011-12-31 (#) 8 years ago
After the earlier tries with reception on the NOXON DAB USB stick I tried today with the USB stick directly in the computer and an antenna extension cable between the little antenna and the stick. Which makes it only find the Publieke Omroep ensemble on 12C (no MTVNL) and the reception interrupts from time to time. So for really interesting scans I'll need a better antenna.

Tags: , ,
2011-12-31 (#) 8 years ago
Interesting stuff in my logs when someone in Italy roams around with a device which thinks it should be registered in idefix.net. Just the first and last logentry for each IPv4 address:
Dec 25 07:50:09 greenblatt named[19563]: client 79.17.238.49#57139: update 'idefix.net/IN' denied
Dec 26 22:10:48 greenblatt named[19563]: client 79.17.238.49#53452: update 'idefix.net/IN' denied
Dec 26 23:10:49 greenblatt named[19563]: client 79.6.235.15#56769: update 'idefix.net/IN' denied
Dec 26 23:21:41 greenblatt named[19563]: client 79.6.235.15#57989: update 'idefix.net/IN' denied
Dec 26 23:42:35 greenblatt named[19563]: client 95.232.234.253#49356: update 'idefix.net/IN' denied
Dec 27 01:22:42 greenblatt named[19563]: client 95.232.234.253#58084: update 'idefix.net/IN' denied
Dec 27 03:22:42 greenblatt named[19563]: client 82.48.221.21#58175: update 'idefix.net/IN' denied
Dec 28 05:01:50 greenblatt named[19563]: client 82.52.174.211#53969: update 'idefix.net/IN' denied
Dec 28 06:01:46 greenblatt named[19563]: client 95.244.236.111#51994: update 'idefix.net/IN' denied
Dec 29 02:21:48 greenblatt named[19563]: client 95.244.236.111#50178: update 'idefix.net/IN' denied
Dec 29 03:21:43 greenblatt named[19563]: client 80.182.55.35#52412: update 'idefix.net/IN' denied
Dec 29 14:54:37 greenblatt named[19563]: client 80.182.55.35#54399: updating zone 'idefix.net/IN': update failed: nas: prerequisite name is out of zone (NOTZONE)
Dec 29 15:15:49 greenblatt named[19563]: client 95.252.62.66#49259: update 'idefix.net/IN' denied
Dec 31 21:31:23 greenblatt named[19563]: client 95.252.62.66#50845: update 'idefix.net/IN' denied
Dec 31 22:10:19 greenblatt named[19563]: client 87.14.25.228#54146: update 'idefix.net/IN' denied
Jan  2 01:37:30 greenblatt named[19563]: client 87.14.25.228#56610: update 'idefix.net/IN' denied
Jan  2 03:36:13 greenblatt named[19563]: client 80.181.64.31#57264: update 'idefix.net/IN' denied
Jan  2 23:09:15 greenblatt named[19563]: client 80.181.64.31#54406: update 'idefix.net/IN' denied
Jan  2 23:52:23 greenblatt named[19563]: client 79.24.236.97#52405: update 'idefix.net/IN' denied
Jan  4 02:00:12 greenblatt named[19563]: client 79.24.236.97#50225: update 'idefix.net/IN' denied
Jan  5 14:55:57 greenblatt named[19563]: client 95.244.2.15#50781: update 'idefix.net/IN' denied
Jan  5 22:42:59 greenblatt named[19563]: client 95.244.2.15#58717: update 'idefix.net/IN' denied
Jan  6 09:07:15 greenblatt named[19563]: client 79.0.235.84#56013: update 'idefix.net/IN' denied
Jan  6 09:07:20 greenblatt named[19563]: client 79.0.235.84#56013: update 'idefix.net/IN' denied
I guessed the christmas holiday trip would end after new years, but it still goes on. The Italian christmas school holiday ends 8 January.

Tags: , ,
2011-12-31 (#) 8 years ago
Interesting security news: QR Code Malware Picks Up Steam - Dark reading. The article discusses specific malware for certain mobile platforms, or phishing sites which use the fact that mobile browsers don't have a lot of room to show you whether you are actually visiting the site of your bank.

I can imagine several abuses like the ones mentioned in the article. Phishing for student logins at work will probably also be easy with this method.

Via Malicious QR Code Use On the Rise - Slashdot.

Tags: ,
2011-12-30 (#) 8 years ago
Browsing the tables for Digitenne at DTV monitor shows the transport stream 12 I noticed still listed. Pick one of the transport streams at the left, and open Tables, NIT-actual, Network ID 8720 (Digitenne). When I try the same on several of the muxes here I get no mention of TS 12 in the network information table. According to DTV monitor the analysis was done today, so some interesting things going on? My best guess is that DTV Monitor does the scanning from somewhere near Den Haag.

Tags: , ,
2011-12-30 (#) 8 years ago
Iemand heeft een e-mail adres van mij bij een first-impressions site ingevuld en prompt is het raak: eerst een 'eenmalige bevestigingsmail' en vervolgens spam (ongewenste e-mail, dus de eenmalige bevestigingsmail was ook al een leugen) zonder enige verdere controle of het adres geldig is, over aanbiedingen ziektekostenverzekeringen van FBTO, Zilverenkruis en Zekur. En een poging tot afmelden heeft geen effect, de volgende dag komt er weer een spam specifiek over FBTO. Waarmee dus duidelijk is dat bedrijven als FBTO zaken doen met gewone spammers. Er is niet veel veranderd sinds de Nederlandse spampraktijken waar Karin Spaink in 2003 over schreef. De enige verandering is dat het percentage spam hoger geworden is. Wat vooral niet veranderd is: spammers liegen.

Klachtenmelding gedaan naar de provider, naar spamklacht.nl en naar FBTO. Bedrijven die zaken doen met spammers zijn ongewenst.

Update 2011-12-31: Nu zelfs casino spam via first impressions. Ze zijn wel heel diep gezakt daar.

Tags: , ,
2011-12-28 (#) 8 years ago
So the Noxon DAB USB stick indeed showed up as a christmas present. I directly tried it in Zuid-Limburg the southern part of the country where I found several countries' DAB ensembles before. No such luck with the Noxon DAB USB stick and its own antenna. Searching for other experiences in English or Dutch found nothing, but searching in German for noxon dab usb kein empfang found DAB+ USB Stick Terratec Noxon which has several mentions of the accompanying antenna not being great for VHF band III and being susceptible to interference from the computer. I also had the Pure One Mini receiver with me which found most expected ensembles without a problem. The Deutschlandradio ensemble was missing this time.

Back at home I saw the same problem: on the top floor of the house where the Pure One Mini finds both the Publieke Omroep ensemble on 12C and MTVNL on 11A the Noxon DAB USB stick in default configuration finds nothing. Switching to the antenna I built myself for DVB-T scanning or to the Funke DSC310 antenna does give me both ensembles in the scan with good reception for 12C and good/average reception for 11A.

One tip in the above forum was to move the antenna away from the computer. I tried this with a long USB-cable and that helped a bit: the Publieke Omroep ensemble showed up.

So the accompanying antenna is bad, or the input sensitivity of the receiver in the stick isn't that great, or both. Which doesn't make it a great stick for trying to discover distant DAB ensembles just making it through. Or for bringing it along on trips.
Update 2011-12-29: Today I had the Pure One Mini playing a DAB station and booted the laptop and the reception completely stopped for a few seconds and returned with a drop in quality. Solution: move the radio away from the laptop. So VHF band III reception is quite susceptible to interference from computers.

Tags: , , ,
2011-12-28 (#) 8 years ago
@ringel some people can turn any recipe into 'uses every utensil in the kitchen'
2011-12-28 (#) 8 years ago
Radio #top2000 op DAB heeft nogsteeds de top2000 van 2010. Maar radio2 op DAB doet het prima!
2011-12-27 (#) 8 years ago
I answer an e-mail from someone with an @bellsouth.net address, and I get the error message:
<<< 550-aa.bb.cc.dd blocked by ldap:ou=rblmx,dc=att,dc=net
<<< 550 Error - Blocked for abuse. See http://att.net/blocks
554 5.0.0 Service unavailable
But http://att.net/blocks is useless in finding out why att.net would think my IPv4 address is a spam source. The available options seem to be I am the responsible admin for this system and I did (x and y) to stop the well-known spamflood or I am an end-user and I will wait nicely for the admins to sort this out.

The second option does give an e-mail message after a while which is not very informational:
We are writing to let you know that we are blocking messages addressed to one of our customers at the domain bellsouth.net by one of your customers at domain kzdoos.xs4all.nl. The stream of messages coming from your system appears to consist mostly of unwanted commercial e-mail (UCE, or "spam"). To protect our system a nd to ensure that it operates well for all of our customers, we have decided to block all messages originating from your system.

Please consult your logs to see what might be causing this situation and how it can be fixed. Then visit http://rbl.att.net/block_inquiry.html to request a remo val of the block. Most requests for removal are honored within two days.

The specific error message received by your customer was: 550-aa.bb.cc.dd blocked by ldap:ou=rblmx,dc=att,dc=net

Thank you for your assistance in helping our respective customers communicate.
All I see in the logs with att.net / bellsouth.net is incoming spam.

So I will request a delisting with as reason 'no OUTGOING spam found in the logs'.

Tags: , ,
2011-12-24 (#) 8 years ago
With DVB based television it is quite possible to temporarily add a service, given available bandwidth within the transport streams. Service BNN 101.TV is at the moment temporarily available in Digitenne as part of the Serious Request event. The capacity was used earlier for RTV Drenthe after the collapse of the transmitter tower at Hoogersmilde.

3FM Serious Request gratis voor KPN klanten op zender 101TV - KPN news stream (Dutch). The detail missed in this press release is that 101TV on DVB-T (Digitenne) is free-to-air.

Logo Cultura24 via DVB-T capture 2011-12-29 Update 2011-12-29: The next event is now happening: Top2000 editie 2011 is on Radio 2 at the moment and Digitenne now has service Cultura24 with the accompanying live view of the radio studio. So I captured the logo since it is free-to-air.

Tags: , ,
2011-12-23 (#) 8 years ago
RT @twitjeb: If I ever need a secure source of entropy again I'm basing it on airline fares.
2011-12-21 (#) 8 years ago
@bitsoffreedom "Geëncrypteerde" ? schrijf dan gewoon "versleutelde"
2011-12-21 (#) 8 years ago
A co-worker from years ago at Cetis sent me LinkedIn invites and I decided to give LinkedIn a go. People reading this who are on LinkedIn and want to 'add me to their professional network' are very welcome!

LinkedIn profile Koos van den Hout.

Tags: , ,
2011-12-19 (#) 8 years ago
Muxx Inspector decode of 'radio top 2000' DAB ensembles worldwide pointed me to Muxx Inspector for decoding and interpreting the DAB datafiles from the Noxon DAB USB stick which shows exactly the kind of deep detail I want to know about the available DAB ensembles. Only in Windows at the moment, but I can boot the laptop into Windows from time to time if that allows me to play with the detailed information I want to get.

And I expect such a DAB USB stick for christmas so I'll be able to do my own scans and datadumps. And I could have a look into the fileformat myself so I can do my own interpretations.

And if you want to look at ensembles you can't receive at home / during your travels: a collection of dab scan files has already been set up. There I got the file used in the screenshot above, 2011-11_5C_DR-DEU_12D_NRW_12A_VRT_12B_RTBF_12C_PubliekeOmroep.dat and I really wonder what the location was of that scan as it includes both the Dutch Publieke Omroep ensemble and the RTBF ensemble. Probably somewhere between the transmitters Mierlo, the southernmost transmitter with 12C Publieke Omroep and Liège (Lüttich/Luik), the nearest transmitter with 12B RTBF.

Tags: ,
2011-12-19 (#) 8 years ago
@Wilboard ik zou niet zo de soldeerbout vasthouden...
2011-12-15 (#) 8 years ago
Tried a few DVB-T service scans today in the rainy weather and unsurprisingly rain degrades the UHF reception. Even the Digitenne Flevoland multiplex wasn't always error-free enough to show in the scan.

DVB-T service scan for 2011-12-15.

Tags: , , ,
2011-12-14 (#) 8 years ago
At work we found a set APC AP7920 switched rack PDUs. A power distribution unit with a console / telnet / ssh / web interface. But they didn't accept the DHCP offers at work, I found out from the documentation they need a vendor specific dhcp option set. Which I can disable in the configuration, after I get access via the network (the serial access requires a special cable).

DHCP in homeserver greenblatt to the rescue. Added to the configuration of ISC DHCP server:
option apc-vendor-cookie code 43 = string;
option apc-vendor-cookie 01:04:31:41:50:43;
and the unit accepts the DHCP offer and I can switch that option off in the configuration. They are nice units, especially for far away server rooms. Including the option to delay power-on of each outlet to avoid high power surges and dependency problems.

Update 2012-01-01: Later I noticed a PC booting via PXE using the heavy duty boot environment was confused by the apc option being set for all devices. Better solution for the above:
option apc-vendor-cookie code 43 = string;

if substring (option vendor-class-identifier, 0, 3) = "APC" {
	option apc-vendor-cookie 01:04:31:41:50:43;
}

Tags: , ,
2011-12-14 (#) 8 years ago
After starting with using rdnssd to use IPv6 resolvers on my laptop I sometimes note the following in the logs on the server:
Dec 14 17:55:24 greenblatt named[16213]: client fe80::21f:e1ff:fe45:2894%5#35985: query (cache) 'local/SOA/IN' denied
I guess my laptop uses link-local IPv6 addresses for the first few dns queries. Strange, because it only knows the address of the resolver because it has received a router announcement. The most logical explanation is that the system is still trying to detect duplicate addresses before actually assigning the global IP, but DNS traffic is already going out because some script in my browser is very anxious to fetch updates. Anyway, configuring the resolver to see fe80::/10 as a local network which is allowed to do queries does not help.

Tags: , ,
2011-12-14 (#) 8 years ago
Amusing or a serious attack? IPv4 address 70.38.12.106 triggered the fail2ban thresholds with ssh attempts on both koos.idefix.net and abaris.idefix.net within minutes of each other, machines with quite different IPv4 addresses. Listings for this IPv4 address like DroneBL lookup for 70.38.12.106 make me think this system does more things like this.

Tags: ,
2011-12-14 (#) 8 years ago
@dubnieuws "Femke Halsema wordt twitterprof" ik dacht even dat ik @despeld las
2011-12-12 (#) 8 years ago
@pndc .. if you're allowed to fastforward through them at all
2011-12-12 (#) 8 years ago
Reader's Digest is met de tijd meegegaan: ze stoppen nu ook e-mail boxen vol met ongewenste rommel. En zijn niet te beroerd om te liegen over de herkomst van het e-mail adres:
U ontvangt deze email van Reader's Digest i.s.m. E2Ma op koos .. xs4all.nl, omdat u
zich bij Reader's Digest heeft ingeschreven.
Dat heb ik niet, iemand heeft dat e-mail adres ingevuld ergens bij Reader's Digest (of bij een ander bedrijf wat een bestand heeft verkocht aan Reader's Digest) en nu krijg ik als eigenaar van dat adres de spam van Reader's Digest omdat ze nooit gecontroleerd hebben of dat adres wel geldig is en spam van Reader's Digest wil ontvangen.

Zou ik nu vaak genoeg Reader's Digest genoemd hebben om een relevant zoekresultaat opgeleverd te hebben?

Update 2011-12-21: En het 'uitschrijven uit de verzendlijst' heeft niet geholpen, ik krijg weer spam van ze.

Update 2012-01-20: Stug volhouden: nogsteeds spam. Stug volhouden met spamklachten sturen, dus.

Tags: , ,
2011-12-12 (#) 8 years ago
Google may be very careful with making their services available via IPv6, but internally they are going further already: Usenix: Google deploys IPv6 for internal network - ITWorld.
Google has learned that an IPv6 migration involves more than just updating the software and hardware. It also requires buy-in from management and staff, particularly administrators who already are juggling too many tasks. And, for early adopters, it requires a lot of work with vendors to get them to fix buggy and still-unfinished code.
The migration to IPv6 is not an L3 problem. It is more of an L7-9 problem: resources, vendor relation-ship/management, and organizational buy-in.
Paper: Deploying IPv6 in the Google Enterprise Network. Lessons learned. Haythum Babiker, Irena Nikolova, Kiran Kumar Chittimaneni.

The paper notes that a big problem with "IPv6 support" in networking devices means "support in software" which will cause CPU load at real usage. Some interesting bugs in IPv6 implementations were also showing, such as router announcement packets leaking from one wireless VLAN to the other. My best guess: a not-too-brilliant implementation of multicast.

Google also received the big vendor IPv6 lie:
When trying to talk to the ven-dors they were always saying - if there is a demand for IPv6 support at all, we’ve never heard it before.
That is what they tell every client with questions about IPv6.

Found via Google Deploys IPv6 For Internal Network - Slashdot.

Tags: ,
2011-12-09 (Showing that being Weird Al is not just fun and games, it is actual hard work! Great timelapse, and ...) 8 years ago
Google+Koos van den Hout : Showing that being Weird Al is not just fun and games, it is actual hard work!
Great timelapse, and the music is an added bonus.
2011-12-09 (#) 8 years ago
Another weird thing recorded on the SIP honeypot: Something which to me sounds like a recording of a voice artist (or 'golden voice'). It was an attempt to use the server from a Palestinian IP to reach +1-404-260-5390, a US phone number for a conferencing system. The recording is attached: note that the audio is very choppy, probably due to packet-loss between the originator in Palestina and my server.
Listen to audio attachment:
MP3 media: Wrong number incoming golden voice (rightclick, select save-as to download)

Tags: , , ,
2011-12-08 (#) 8 years ago
@Fenrir als je het lagedrukgebied van bovenaf wilt zien: http://t.co/MjVOeDT0 en zoom in op Schotland
2011-12-07 (#) 8 years ago
I haven't had to fight this behaviour yet, but I'm glad somebody did the searching and ranting already: Fear and Loathing in Debian/Ubuntu (or: who needs /etc/motd) on a blog appropriately named 'Blindly Accept the Defaults'.

Via @fanf: Who looked at /etc/motd on ubuntu and thought, HEY, I KNOW WHAT THIS NEEDS – SHELL SCRIPTS!?

Tags: , ,
2011-12-07 (#) 8 years ago
@XS4ALL_storing eerste glasvezelstoringsmelding? (dus het product is volwassen!)
2011-12-07 (#) 8 years ago
It took a bit of searching but it is possible to send the Magic SysRq key for Linux kernels over an AdderView CatX IP kvm server. It took a bit of searching in the manual but I found the right way: send the keycodes Alt+Printscreen+s, Alt+Printscreen+u, Alt+Printscreen+b for sync, umount, boot.

Tags: , ,
2011-12-07 (#) 8 years ago
@Milkshake complete netwerkstoring #uu
2011-12-05 (#) 8 years ago
The following packages will be upgraded:
  unattended-upgrades

Do you want to continue [Y/n]? 
I think I see a small inconsistency here!

Tags: ,
2011-12-05 (#) 8 years ago
RT @chrisrowe: ANNOYING_DYNAMIC_HTML_SNOW.JS
2011-12-04 (#) 8 years ago
Goede antwoord staat er niet bij bij de gps vraag van de #wetenschapsquiz: zowel snelheid als zwaartekracht. http://t.co/6dvkylLB
2011-12-04 (#) 8 years ago
I just rescanned the Network Information Table of Digitenne Mux 1 to see if the strange multiplex 12 being listed for digitenne 6 months ago still shows up. It doesn't, the whole transportstream 12 is gone from the NIT. Artefacts of some test by Digitenne?

Listed transport streams:
    Transport_stream_ID: 2211 (0x08a3)
    Transport_stream_ID: 2212 (0x08a4)
    Transport_stream_ID: 2213 (0x08a5)
    Transport_stream_ID: 2214 (0x08a6)
    Transport_stream_ID: 2244 (0x08c4)
DVB-T services scan for 2011-12-04.

Tags: , ,
2011-12-04 (#) 8 years ago
Dear "you must renew your domain now! (and transfer it to us costing 7 times as much as your current registrar)" scammers: you could at least try and look at the expiry date and not ass-ume it is a year after the last modified date. This makes you look like an even bigger scammer/idiot than you already are.

In this case: domannual.com.

Tags: , ,
2011-12-01 (#) 8 years ago
In de brievenbus vandaag: "Een kado van Ziggo", een chocolade afstandsbediening. Grappig, maar geen woord uitleg erbij. Een briefje met "voor onze trouwe klanten" had het net even wat duidelijker gemaakt en volgens mij wat meer aandacht opgelevert.
Update: het was een surprise! bij het weggooien van het doosje bleek de uitleg aan de binnenkant te zitten. Je kunt een reis naar Madrid winnen.

Tags: ,


, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: morenews.cgi,v 1.46 2019/10/20 15:42:02 koos Exp $ in 0.037298 seconds.