News archive December 2013 - Koos van den Hout

Archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 | 2022

2013-12-31 (#)
Nu ik bezig ben met ritchie als weerstation computer en tegelijkertijd even keek in mijn Linux Counter entry naar wat 'oude' systemen. Wat ooit een topsysteem was (500 MHz pentium III met 512 Mb geheugen) is nu oud ijzer en ongeveer dezelfde specificaties (500 MHz AMD Geode met 256 Mb geheugen) is een minimaal systeem met verminderd energiegebruik. Grappig hoe de zaken veranderen.

Tags: , , ,
2013-12-30 (#)
First attempt to reinstall the alix.1c system named ritchie as the 'shed' computer. Since I had a lousy image on a lcd monitor I chose 'flat panel' in the setup which gave me no image at all. So I had to look in the PCEngines Alix.1c manual to see which jumper resets the bios settings back to failsafe defaults.

The debian installer boots fine, detects the hardware, uses a good framebuffer driver which gives a crisp image on the lcd monitor and even finds the wireless card (atheros chipset, ath5k drivers). I decided to select 'wlan0' as network device for the rest of the install and it is working fine after typing the complete wpa2 key for our home wireless network.

The box contains a 40 Gb ex-laptop disk. Guided partitioning suggested a 500 Mb swap partition which should work fine.

At the moment there isn't a specific Geode kernel loaded, I'll see after reboot whether one is available or has to be built. If I need to built stuff I will do the compiling on a different system with more cpu.

Update: The installation did not save the wireless config so I had to set it up again. This was easy with the example in Wifi/HowToUse debian wiki. IPv6 connectivity is no problem at all so I can now log in via ssh and do the rest remote.

Tags: , ,
2013-12-30 The wonderful world of week number standards
The wonderful thing about standards:
$ date "+%u %w %U %V %W"
1 1 52 01 52
And the explanations:

%u day of week (1..7); 1 is Monday

%w day of week (0..6); 0 is Sunday

%U week number of year, with Sunday as first day of week (00..53)

%V ISO week number, with Monday as first day of week (01..53)

%W week number of year, with Monday as first day of week (00..53)

And it's easy to find days with 3 different week numbers:
31 dec 1990 is 52 01 53
03 jan 1993 is 01 53 00
02 jan 1994 is 01 52 00
01 jan 1995 is 01 52 00
30 dec 1996 is 52 01 53
31 dec 1996 is 52 01 53
03 jan 1999 is 01 53 00
02 jan 2000 is 01 52 00
02 jan 2005 is 01 53 00
01 jan 2006 is 01 52 00
31 dec 2007 is 52 01 53
03 jan 2010 is 01 53 00
02 jan 2011 is 01 52 00
01 jan 2012 is 01 52 00
03 jan 2016 is 01 53 00
01 jan 2017 is 01 52 00
31 dec 2018 is 52 01 53
03 jan 2021 is 01 53 00
02 jan 2022 is 01 52 00
01 jan 2023 is 01 52 00
30 dec 2024 is 52 01 53
31 dec 2024 is 52 01 53
03 jan 2027 is 01 53 00
02 jan 2028 is 01 52 00
31 dec 2029 is 52 01 53
Calendering software, including the one from a software developer quite known for not following standards has converged on the ISO week number.

Tags: , ,
2013-12-28 A contact between the International Space Station and a Dutch scouting group
Today I listened to an amateur radio on the International Space Station (ARISS) contact: Saturday 28 December, ARISS contact planned with Scout group in The Netherlands. This time I listened in the backyard at home, which is a lot more enclosed by other buildings than the location I used on the previous pass, the roof of a 4-floor building at work.

Reasonable reception started in the answer to the 7th question and dropped away in the answer to the 14th question.

Good to hear scouting and ham-radio being used in such a way!

Tags: , ,
2013-12-27 (Nice work on upgrading an amateur radio repeater)
Google+Koos van den Hout : Nice work on upgrading an amateur radio repeater´╗┐
2013-12-27 (#)
When I get around to wardriving lately I use the wigle app for android, so I decided to repurpose the wardrive box as shednet computer. This will also mean I can stop using PLC network to link the shed computer to the rest of the network, replacing it with wifi. Using PLC offends the radio amateur in me and people at the radio club now ask me whether I dumped it already. So, time for different hardware which as a plus will also use less power.

I already built in a laptop harddisk in the wardrive box and removed the compact flash holding the wardriving box image (I'll save it so I can restart using the wardriving box if needed). The alix 1c can work nicely with an IDE laptop harddisk.
2.5 inch laptop harddisk in ritchie
The laptop harddisk built into the ritchie mini-itx case

The installation will probably be done with a recent debian jessie distribution.

Plans for the new shednet computer include an ntp server, but since the current gps unit (gpskit) seems to fail after running for a few days in the test setup that may have to wait.

Tags: , , , ,
2013-12-26 (I would call this misleading advertising: "upgrade". Screenshot from an application with built-in ads...)
Google+Koos van den Hout : I would call this misleading advertising: "upgrade". Screenshot from an application with built-in ads.
2013-12-24 (#)
Modelled after the ntp server statistics at I created years ago I recently started gathering stats on my own. Today I had some time to spare to actually create some graphs from those ntp stats: NTP server stats.

Tags: , ,
2013-12-20 (Excellent article, part sleuth, part methodology, all around cool. "At this point, we loaded up a black...)
Google+Koos van den Hout : A bit of software radio and a good story of radio signal detective work added
2013-12-20 (#)
Tools which change the system state should work on the principle of least surprise: don't change defaults from one version to the next and whenever something goes wrong revert to a safe state.

Today I found out grub 0.97 can get in a confused state about menu.lst and it will do the sane thing when running update-grub: not update menu.lst. Good. It also did not warn about this state, so no new kernels were added to the list, leading to confusion.

As a workaround I renamed menu.lst, ran update-grub again which gave me a warning the file was missing and it would be recreated. I looked at the differences in default options afterward and applied them. All the installed kernels were back in the list and things were back to normal so I could fix the next problem.

Tags: ,
2013-12-18 (#)
Using SSL should secure your services, but it needs to be configured correctly to avoid several attacks and keep the chances low that third parties can decrypt the traffic. With the SSL Server test from Qualys SSL Labs you can check the intimate details of your https SSL configuration.

And when you wonder what to use to improve your score when using Apache mod_ssl, here is a configuration snippet shared by the right people at Tilburg University:
SSLEngine on
SSLProtocol all -SSLv2
# advies Wessel Dankers kub
SSLHonorCipherOrder on

Tags: , , ,
2013-12-18 (#)
Recently I had a security incident where a site was flagged as hosting malware but it took quite some searching to find the actual source of the problem. Access with a windows webbrowser with Avast security gave a big fat security alert mentioning 'js-hideme-h trj'.

I couldn't find the offending code until I checked the site with Sucuri SiteCheck website security scanner which found:
Known javascript malware.
t='';}}x[l-a]=z;}document.write('<'+x[0]+' '+x[4]+'>.'+x[2]+'{'+x[1]+'}</'+x[0]+'>');}dnnViewState(); 
This is a bit of obfuscated javascript code. Some more searching found the full code:
autson javascript
Sorry about the inline image for this code but I found out some virus scanners don't like even the text version of this javascript code. Also available: autson javascript obfuscated css. When your virusscanner stops you from accessing that javascript: look for a virusscanner that doesn't protect your browser from code which wants to mislead search-engine bots.
To run this bit of code in spidermonkey I need to change the document.write to print and test it:
koos@vm-u-04:~$ js test.js
<style undefined>.dnn{position:absolute;top:-9999px}</style>
Now that is CSS (cascading style sheet) code to hide a bit of page from the browser (outside the viewport) and this is indeed a sign of evil SEO (search engine optimization) tricks happening. There was only one link after that bit of css, and it was:
<p class="dnn">By A <a href="" title="web design company">Web Design</a></p>
Which indeed uses that CSS class dnn. A websearch for '' found me Malicious Joomla Extensions which explains the problem more clearly and shows that in a different version of the extension the code to be shown is fetched from a server which means even worse code can be included.

Be careful with your joomla (or other CMS) plugins.

Tags: , ,
2013-12-17 (#)
I looked up the details of the right configuration for ntpd to allow a reset of the packet counters without restarting ntpd for the ntp server project. Relevant part of /etc/ntp.conf:
keys /etc/ntp/ntp.keys
trustedkey 10
requestkey 10
controlkey 10
And in /etc/ntp/ntp.keys is one key 10. And it works:
ntpdc> syss
time since restart:     12
time since reset:       12
packets received:       10
packets processed:      8
current version:        8
previous version:       0
ntpdc> reset sys
Keyid: 10
MD5 Password: 
ntpdc> syss
time since restart:     19
time since reset:       3
packets received:       2
packets processed:      1
current version:        1
previous version:       0
Learned from How do I configure remote administration - ntp faq and miscellaneous commands and options - ntpd.

Tags: , ,
2013-12-17 (#)
End of an era: just shut down which was timeserver for from August 2003 to August 2006 and still saw active ntp traffic today. The complete history of timekeeping at is at Ntp events log -

Tags: ,
2013-12-17 (#)
Slowly but surely IPv4 keeps trying authenticated smtp on one server. The connection is kept open and there is 4 minutes between each attempt, probably to avoid detection. Searching for the IPv4 address gives multiple sites listing it for smtp auth attempts.

And the server doesn't need username/password based smtp authentication anyway, so I disabled all the mechanisms. In format:
define(`confAUTH_MECHANISMS', `')dnl

Tags: ,
2013-12-16 (#)
Ik vroeg me recent af wat het aanbod is in access-points voor thuis met dual-radio support, dus tegelijkertijd actief op 2.4 GHz en 5 GHz. Op de 5 GHz band is minder storing maar niet alle apparaten die wifi gebruiken ondersteunen 5 GHz. En 802.11n op 2.4 GHz doen is volgens mij asociaal omdat je dan helemaal andere netwerken in de buurt stoort.

Toevallig blijkt het agentschap telecom het met me eens te zijn: Met een combi-router ben je goed voorbereid op de Wi-Fi van de toekomst - Agentschap Telecom.

Dus liefst heb ik een access-point met dual-radio, 802.11n ondersteuning alleen op 5 GHz, WPA2 en niet te veel stroomgebruik. Het lijkt soms dat 2 access-points met verschillende settings wel eens goedkoper in aanschaf kunnen zijn dan eentje met al deze opties, alleen dan vast in stroomgebruik niet.

Tags: , , ,
2013-12-12 (Interesting review of the recent "Last man standing" episode in which hamradio played a role and a pile...)
Google+Koos van den Hout : Interesting review of the recent "Last man standing" episode in which hamradio played a role and a pile-up was created from the voices of real radio amateurs. Major digressions into the subject of whether or not to keep a tv cable subscription (in the US market).
2013-12-11 (#)
Berichtje in webwereld: Beveiliging blijft lastig, ook voor ex-DigiNotar - webwereld.

Je kunt moord en brand roepen over niet-kloppende certificaten, maar je kunt ook naar de details kijken. Gewoon een gevolg van een SSL certificaat voor maar een deel van de namen op een shared webhosting platform:
$ dig +short
$ dig +short
$ dig +short
$ dig +short
Het certificaat wat op poort 443 gepresenteerd wordt bevat alleen als 'Subject Alternative Name' waardes,

Als de beheerder van die server creatief is zet zij/hij nu even een pagina neer voor _default_:443 dat je geen spijkers op laag water moet zoeken.

En de reden dat ik dit niet intik op het reactieformulier bij webwereld: de logins werken niet. Misschien omdat ik third-party cookies blokkeer.

Tags: ,
2013-12-11 (Too funny to skip: the five word tech horrors. The preview of this url catches the best one I saw sofar...)
Google+Koos van den Hout : Too funny to skip: the five word tech horrors. The preview of this url catches the best one I saw sofar exactly.
More five word tech horror stories right now via

2013-12-10 (#)
Conrad maakt in z'n laatste mailing reclame voor een Conrad POF thuisnetwerkkabel starterkit. Alleen ik kan nergens terugvinden hoe snel data over plastic optic fiber (POF) kan. Ik dacht uit het verleden dat dit beperkt was tot 100 megabit maar misschien is er een nieuwe standaard die wel tot gigabit gaat.

Plastic optic fiber kan een goeie aanpak zijn om in huis langere afstanden te overbruggen zonder terug te vallen op ethernet over stroomnet. In de voordelen van plastic optic fiber noemt Conrad ook Geen afstraling (elektrosmog). Ik zou 'geen radiostoring' een betere omschrijving vinden, maar dit spreekt natuurlijk meer aan.

Tags: , ,
2013-12-06 (#)
En twee maanden na het proberen van de spam af te komen van vw bedrijfswagens komt er een enquete hoe tevreden ik was over het contact met de klantenservice toen. Een makkelijk antwoord: Zeer ontevreden, afhandeling duurde veel te lang! En hoe waarschijnlijk het is dat ik vw bedrijfswagens zou aanraden aan een ander. Zeer onwaarschijnlijk dus.

Tags: , ,
2013-12-03 (Interesting piece about amateur radio, ham spirit, DXing, history of amateur radio. From morse key and...)
Google+Koos van den Hout : Interesting piece about amateur radio, ham spirit, DXing, history of amateur radio. From morse key and big dials to PCs and sdr. German television (Bayerischen Rundfunk).
Balanced, very good production. It is in the german language!
2013-12-02 (#)
It seems pump-and-dump spam is back. Penny stock being abused by some criminal to make a big profit from the people who actually believe the 'advice' in the spam e-mail. This time it's about 'registered express corporation'. Notable to me is that the latest round says the trading symbol is 'R_G-T_X'. When I search for that exact term I find wordpress blogs which are either automatically fed from spam e-mails or posted to by the scammers.

And Dynamoo has the right details: Registered Express Corporation (RGTX) pump and dump spam - Dynamoo's Blog.

Update 2013-12-04 It gets funny when the 'dump' part isn't working as hoped and the spam returns a few times. Seeing it again today. But even with several spam runs the rates of earlier days aren't met meaning the spammers are losing money.

Tags: , ,
2013-12-01 (#)
Na de stevige stroomstoring ruim een week geleden ging de UPS ineens piepen dat de accu vervangen moest worden. Zes dagen later midden in de nacht. Het bleek toen ook dat bij die stroomstoring de UPS helemaal niet goed gefunctioneerd had. Het gepiep dat het tijd is voor een nieuwe accu kan niet uitgezet worden, dus ik de UPS er vlot tussenuit gehaald en uitgeschakeld. Tijd voor een nieuwe accu, waarbij voor een APC Back-UPS CS 350 de keuze is tussen 'APC' en 'aftermarket'. Het prijsverschil is dusdanig dat ik toch maar voor 'aftermarket' gekozen heb. Daarna was het nog even zoeken hoe ik de 'battery date' van de UPS reset. Dat blijkt prima te kunnen met apctest die gewoon een menu optie heeft om de batterij datum in te stellen. Daarna de UPS er weer tussen, en alles draait weer en heeft in theorie bij stroomstoring 30 minuten op accu.

Tags: ,

IPv6 check

Running test...
, reachable as PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: morenews.cgi,v 1.53 2022/02/15 21:48:18 koos Exp $ in 0.038726 seconds.