News archive 2016 - Koos van den Hout

Last afternoon I hung up the endfed antenna outside to make some contacts on different radio bands. This morning I noticed it was all covered in frost due to a night with temperatures below freezing and with lots of mist.

So I took the camera for some pictures of the frost on different parts of the antenna, gathered at flickr: img_3365 | Coil in endfed antenna with ice growth | Koos van den Hout | Flickr.

After I took a set of pictures I started transmitting PSK31 on the 20 meter bands at 50 watts power. And my antenna theory tells me that the part of the antenna radiating the best is where the most current of the standing wave happens which is right after the transformer in an endfed antenna.

Which I got confirmed: img_3380 | Endfed antenna with ice growth on transformer | Koos van den Hout | Flickr was taken before I transmitted and img_3378 | Result of using the enfed antenna: ice vaporized | Koos van den Hout | Flickr after. The ice is gone on the first part.

With HF conditions being bad I chose the JT65 mode in the hope of having a chance of making a contact. None happened, and the noise patterns in the waterfall display make it very clear how much local noise there is and how the local noise sources change frequencies and power.

Transmissions take 50 seconds in JT65 and start right at the beginning of the minute, at each yellow horizontal line in the waterfall display. The only valid JT65 signal is in the top right corner right of the '1400' marker.

I wanted to project a videofile with a black screen before and after, with no visible controls on the screen where the video plays, with manual control of when the video starts and with the video starting on the second monitor.

The 'why' is simple: I want to use a videoprojector which has no option to turn the screen black itself and I want the smoothest videoplay possible with no visible controls.

The how was a bit more work, but vlc has enough command line options. I could not find a guess online so I did an estimated count myself:

$ vlc -H --advanced | grep -ce '--'
VLC media player 2.2.2 Weatherwax (revision 2.2.2-0-g6259d80)
1525

This shows 1525 commandline options. So I had to find the right options. Not too much of a problem either:

vlc --image-duration -1 --no-qt-fs-controller --qt-fullscreen-screennumber 1 --no-video-title-show --qt-notification 0 -f --disable-screensaver Downloads/black.png Downloads/VID_20161210_104822.mp4 Downloads/black.png

This lets me use the vlc controls in the systray, starts playing fullscreen on the right screen, plays the static black image until I select 'next', leaves out all the indicators and ends with the other static black image.

The only thing left is the fact that the audio has to select the right audio device too. It turns out vlc plays audio via the alsa emulation in pulseaudio, and I need to change that preference via the pavucontrol program.

This weekend I had some time to 'play radio' and used the LW-10 longwire antenna for 6 to 40 meters because I wanted to try the 30 meter band. But there was no activity on the 30 meter band in PSK modes. So I tried other PSK31 frequencies as programmed in fldigi and ended up at 18.100 MHz and had a few contacts with Greece, Russia and Spain.

The 17 meter band is from 18.068 MHz to 18.168 MHz and one of the WARC bands, named after the World Administrative Radio Conference in 1979 which allocated small parts of the spectrum in 10 MHz (30 meter), 18 MHz (17 meter) and 24 MHz (12 meter) to radio amateurs. Partly on a secondary basis (10 MHz), partly as primary user (18 MHz and 24 MHz).

Currently over half of the incoming TCP SYN packets logged and dropped in my firewall are for port 23 or port 2323. According to on-line sources this is all related to the Mirai botnet and copycats of that botnet.

Vandaag was weer een NL-Alert controlebericht en als ik zo de geschiedenis inkijk van ontvangen infoberichten op mijn telefoontoestel denk ik dat het voorlopig niet verstandig is het 'ouderwetse' luchtalarm uit te schakelen.

Ik heb een dual-sim telefoon, die op de netwerken van Vodafone en T-mobile zit. Dus in theorie krijg ik 2 keer per jaar 2 berichten.

Uit de huidige geschiedenis:

• 2015-12-07 12:00: om 12:01 ontvangen via t-mobile
• 2016-06-06 12:00: niets ontvangen
• 2016-12-05 12:00: om 12:03 ontvangen via vodafone

Op 2016-06-27 was er een echte reden tot nl-alert, en die heb ik via vodafone ontvangen.

Homebrewed QYT KT-8900 programming cable

I finished the homebrewed QYT KT-8900 programming cable by using tiewraps to clamp the two pieces of cable together and using heatshring tube to cover the wires and pack it all together.

More about Creating the homebrewed QYT KT-8900 programming cable and instructions for building a 3-pin programming cable for QYT/BTech/others and the KT-8900 FAQ at Mikklor.com.

QYT KT-8900 radio with homebrewed interface cable, CC-BY-SA

I bought a cheap 2m/70cm mobile/base radio, a QYT KT-8900 which has the special feature of being very small but still able of putting out 25 Watt on the 2 meter VHF band and 20 Watt on the 70 centimeter UHF band.

The display looks a lot like my Wouxun KG-UVD1P, complete with battery status indicator which is not much use when the radio has a constant 13.8V feed. The menus are quite similar, so this is probably not a coincidence.

I bought it via aliexpress and it got shipped at a reasonable speed to my house. In the original listing was mention of a programming cable, but it showed up without one. I asked the seller about this and directly a baofeng programming cable was shipped to me.

But, the QYT KT-8900 has a different programming interface, just a 3.5 millimeter plug with ground, rx and tx data. So I found a very good resource for chinese radios which has the answers: 3 PIN Programming Cable for a BTech, QYT, etc Mobile which has the right pinout. I just cut the Baofeng cable to get at the gnd, rx and tx wires.

Next I had to wait for a cable with the right 3.5mm connector to show up. The connector in the back is sunk into the case and the 3.5mm connectors I had in the junkbox did not fit. But a broken PC speaker set wanted to donate a cable with 3.5mm connectors that were slim enough. Next trying the result with chirp radio programming software under Linux. And suddenly I could copy a list of channels I had and upload it to the radio in 5 minutes, which is a lot faster than manual programming where getting more than one channel programmed in correctly under 5 minutes is hard, see for example Programming Repeaters into the QYT KT8900 Mini Dual Band Mobile Radio Review - AF5DN - Youtube.

At the moment the cable looks very experimental. Now it has been tested I will use tiewraps and heatshrink tube to make it sturdier and make it look a lot better.

As a radio it's ok, but not ideal. I was testing with meetnetwerk baretta - hobbyscoop and the antenna on the roof for 2 meter and 70 centimeter and noticed I had pulsing audio of the output frequency of PI2NOS on the Baretta frequency. Pulsing audio is a known problem in this radio, see KT8900 FAQ at miklor.com but I have no channels with receive CTCSS.

Recently getting some new contacts on amateur radio has been very difficult. And news articles like Sunspot cycle plunges to lowest level in 5 years - Southgate arc which points at source Sunspot cycle at lowest level in 5 years - spaceweather.com tell us things aren't going to improve soon.

But sometimes interesting radio contacts are possible. Last Friday I complained somewhere about propagation being down and the next morning I saw a reply that propagation had improved after 23:00, by which time I was asleep. Yesterday evening I had some time to try the radio after 21:30 and I first added Albania to the list of countries I contacted with a PSK31 contact on 40 meters with ZA5G and later I even had a voice contact with RA3QK who gave me an S5 report.

I kept scanning around the band and heard pileups for some popular stations from the Brazil and the US, who never heard my answer. And later I heard an active net on 7178 kHz with a number of US and Canada stations active. I tried breaking in but they also could not decode my callsign. One of the active members in that net was WA3RSL whose qrz page clearly shows he is a big 40 meter fan and has the space for huge antennas.

Frisian flag, wikimedia commons, CC-BY-SA

Vandaag heb ik geprobeerd mee te doen aan de Friese elfstedencontest 2016 (waarschuwing: pagina met comic sans) en heb in totaal nul (0) contacten gemaakt in die contest. Ik had de hele opstelling al zaterdag gereed gemaakt: endfed antenne naar buiten, headset interface aan de radio, separator kit aan de radio. En ik had tijd gestoken in aanpassingen aan yfktest zodat het het logging formaat voor deze contest snapte.

Deze contest is tussen 11:00 en 14:00 lokale tijd, en ik kon pas later beginnen door andere afspraken. En als ik zo de berichten lees bij Friese 11 steden contest 2016 - zendamateur.com was de meeste kans om nog ergens contact mee te maken in het eerste uur.

Ik heb een roepend station gevonden dankzij de dx-cluster, maar ook die hoorde mijn antwoorden niet.

De ernstig tegenwerkende factor was de slechte NVIS propagatie (radiosignalen wilden niet tegen de ionosfeer recht naar beneden reflecteren). Volgende keer beter natuurlijk, volgens berichtgeving zijn we bij het dieptepunt van de zonnevlekkencyclus en kan het met een paar jaar dus weer beter worden.

An interesting scam mail received in several of my inboxes:

To: abuse@...
Subject: you've been scammed

Your email abuse@... has been hacked and spam is sent to all your contacts!
If you don't have a lawyer, you may contact me at mark.silberman78@gmail.com

Best Regards,
Mark

I guess 'Mark' bought the cheapest available list of spammable addresses and is now trying to profit from the people spammed.

The other variation is with

Subject: You are hacked!

But with everything else exactly the same.

Update: I am getting some responses to this post, other people are seeing this spam too. I guess I was just the first one to write a post about it, since I usually like to link to posts showing I am not the only one. Hello visitors puzzling about this spam!

Update II: It's not just me! Also noted at You are hacked or scammed - hoax.co

In onze keuken hadden we 5 spotjes met halogeen lampjes achter een dimmer om zo op het werkblad goed licht te hebben. Toen kort na elkaar 2 van die lampjes stukgingen was de conclusie dat er binnenkort wel meer stuk zouden gaan en dat dit een mooi moment was om aan LED lampen te beginnen.

Ondertussen zijn er dimbare LED lampen die ook halogeen spotjes kunnen vervangen. Alleen was de gedachte in mijn achterhoofd natuurlijk of ze dat ook kunnen zonder radiostoring op te leveren.

In de Electron, het verenigingsblad van de Veron heeft recent een stukje gestaan van een radio amateur die na eerdere storingen geen storing meer had na het vervangen van goedkope LED lampen door Philips LED lampen. Ik heb het er dus op gewaagd en 5 philips LED lampen gekocht, type LED Spot 8718696483824 van Philips, GU10 fitting, 4W (vervangt 35W) dimbaar, warm wit.

Het licht is inderdaad serieus anders dan van halogeen lampen, dus ze alle 5 tegelijk vervangen was een goed idee. En de storing is minimaal, pas als ik heel dichtbij kom met een kortegolfontvanger krijg ik een storing binnen die net zo goed via de electriciteitsdraden kan komen.

I have two Raspberry Pi's running in the house, currently with IPv4 still enabled on them. They both run Raspbian 8.0. I was wondering whether I can disable IPv4 on the Raspberry Pi, but a google search does not yield very helpful answers, most of the search terms I try still find pages about disabling IPv6. I want to disable the legacy IP protocol.

Only one way to find out: go for it. Now rebooting one with the statement ipv6only in /etc/dhcpcd.conf.

First thing I noticed was that the searchdomain was not set in /etc/resolv.conf which was indeed only available via the DHCP process for IPv4. So now radvd advertises the search domain via the DNSSL option in /etc/radvd.conf:

   RDNSS 2001:980:14ca:42::18 {
   };
   DNSSL idefix.net {
   };

The first results are:

• It turned out the ntp config on the raspberry had one IPv6-only and one IPv4-only server. Added a dual-stack server.
• And ndpmon really does not like the DNSSL option, even when I add it in the config_ndpmon.xml file as

                    <dnssl>
                      <domain lifetime="600">idefix.net</domain>
                    </dnssl>
  

  Fixed by changing it to

                    <dnssl>
                      <domain lifetime="600">^Fidefix^Cnet</domain>
                    </dnssl>
  

  yes, with literal ctrl-F and ctrl-C characters, showing that there is some error in the parsing somewhere.
• rwhod is IPv4-only so the status is not visible in my network anymore. A workaround for that is not disabling IPv4 completely but just removing the default route, not using ipv6only in /etc/dhcpcd.conf but using the option nooption routers.

So the first few tries of a backup to a remote webdav filesystem using amanda have been done.

The result is that the davfs2 filesystem driver is very I/O intensive when writing to the local cache. The fact that amanda creates 2 gigabyte files (actually compressed tar archives) also makes the caching of davfs2 use quite a high amount of diskspace. Eventually things get flushed to the remote filesystem and this fills the uplink completely. During this I/O intensive period certain things are very slow, for example the df command. The running webserver is still fast enough.

It's easy to calculate that it takes a while at 20 megabit to upload a few gigabytes, but it seems clear that this needs a bit more work before I can replace the tape backups. There is also the interesting chicken and egg problem of how to restore from scratch.

En dit keer wel DAB multiplexen ontvangen die eigenlijk te ver weg zijn, zoals MTVNL Noord-Limburg/Noord-Brabant op 9C. Die is zelfs bijna storingsvrij, multiplexen op 6B en 7A worden wel gezien in de scan maar geven geen geluid wegens teveel fouten.

NPO is voor de hoofddiensten (Radio 1 en andere diensten die ook via de FM beschikbaar zijn) overgegaan op betere foutcorrectie (EEP 3-A in plaats van eerder EEP 3-B). Dit was een enorme klacht bij de overgang van de NPO multiplex van DAB op DAB+ in 2013, de foutcorrectie bij de NPO werd minder wat ontvangst aan de rand van de dekkingsgebieden moeilijker maakte.

So I now have some cloudstorage space available also via webdav and I am working on using this for backups. The main idea is to have a daily backup to the cloud service and do the tape backups less often.

I still want incremental backups so I can go back to specific older versions of files. So I want to use amanda for backups. I installed the davfs2 package to be able to mount the webdav filesystem and access it from Linux. The first few clues come from Set Up Virtual Tapes - Amanda Howto but I had to switch to the chg-multi driver as described in Backup to Virtual Tapes on a non-UNIX Filesystem - Amanda Howto because the webdav filesystem does not support symlinks.

I/O performance during the backup isn't ideal and the vdsl uplink is completely full during the filetransfer. Maybe I need to slow down the backup process a bit and ratelimit the webdav transfer.

Just read Internet Architecture Board Statement on IPv6 with:

The IAB expects that the IETF will stop requiring IPv4 compatibility in new or extended protocols. Future IETF protocol work will then optimize for and depend on IPv6.

Preparation for this transition requires ensuring that many different environments are capable of operating completely on IPv6 without being dependent on IPv4 [see RFC 6540]. We recommend that all networking standards assume the use of IPv6, and be written so they do not require IPv4. We recommend that existing standards be reviewed to ensure they will work with IPv6, and use IPv6 examples. Backward connectivity to IPv4, via dual-stack or a transition technology, will be needed for some time.

Recently I noticed one source of radio interference on 40 meter was the lighting in our bathroom. There are two sets of lights in the bathroom, one with a switch which causes heavy interference and one with a dimmer.

The lights in the bathroom are all 12volt based and the transformers are in a weird corner above the bathroom, but accessible for me. So I found out the "osram halotronic htm 70" electronic transformers (the specs read like switching power supplies) are quite audible on the 40 meter band. The other two a lot less than the switched one. Time to complain to Osram and/or replace them. The Osram Halotronic HTM 70 specifications at Osram say the maximum length of the wire after the transformer is 2 meters to keep RF interference below acceptible levels, I am not completely sure the complete wires until the lamps are shorter than that, so it may also be an installation fault.

Searching for "osram halotronic htm 70 interference" finds this interesting bit: Installation LED Leuchten in Spanndecke with:

Aber auch wenn "nur" der Meßwagen der Bundesnetzagentur vorbeikommt und Deine Konstruktion kostenpflichtig stillegt, kommt wenig Freude auf.

The German Bundesnetzagentur is a lot stricter in finding and stopping interference to amateur bands.

I am currently working on a new version of one of the sites I manage in perl, rewriting it from php. I noticed loading times were slower and gave mod_perl a try.

The basic configuration of mod_perl is quite simple. This did not give me the big advantage in web server speed, that came when I added:

PerlModule Apache::DBI

to the apache2 config. The Apache::DBI module caches database connections for supported drivers, this speeds up database-dependent scripts. The module comes from the ubuntu package libapache-dbi-perl and Apache will throw really bad errors at you when the module you want to load is not available.

This is now enabled for my homepage site too. The processing times of the pages don't change much, but the startup of the perl interpreter, modules and scripts is much faster so the waiting time is a lot less.

Ik ontdekte dat de gasmeter niet meer uitgelezen werd in de scripts die de slimme meter bulletins verwerken. Bij het napluizen van de Dutch smart meter standard v4.0 P1 protocol bleek dat het bericht met de gasmeterstand (0-1:24.2.1) bij de 'Capture Time' een timestamp heeft met S voor summertime en W voor wintertime.

Het script is nu aangepast om dit goed te verwerken en nu zie ik weer het gasgebruik.

I noted some weirdness:

tcp        0      0 xx.xx.xx.xx:http    141.138.130.37:http     SYN_RECV   

Variation on earlier Don't try to use my system to attack another. I viewed the traffic with p0f and noticed there isn't variation in the sources now:

95.131.186.32:80 - UNKNOWN [8192:59:1:40:.:.:?:?]
  -> xx.xx.xx.xx:80 (link: unspecified)
95.131.186.32:80 - UNKNOWN [8192:59:1:40:.:.:?:?]
  -> xx.xx.xx.xx:80 (link: unspecified)
141.138.130.37:80 - UNKNOWN [8192:51:1:40:.:.:?:?]
  -> xx.xx.xx.xx:80 (link: unspecified)
141.138.130.37:80 - UNKNOWN [8192:39:1:40:.:.:?:?]
  -> xx.xx.xx.xx:80 (link: unspecified)
141.138.130.37:80 - UNKNOWN [8192:39:1:40:.:.:?:?]
  -> xx.xx.xx.xx:80 (link: unspecified)
95.131.186.32:80 - UNKNOWN [8192:67:1:40:.:.:?:?]
  -> xx.xx.xx.xx:80 (link: unspecified)
95.131.186.32:80 - UNKNOWN [8192:43:1:40:.:.:?:?]
  -> xx.xx.xx.xx:80 (link: unspecified)

All trying to make my system take part in an attack on 141.138.130.37 and 95.131.186.32, both part of "William Hill Organization" on Gibraltar.

The rules saying that I want to limit the amount of outgoing tcp syn/ack packets to one IP are working. Of course the real source of the attack is some network that does not implement BCP38 source address filtering.

Diamond X-30N antenna mounted on painters pole in the window of our dormer, CC-BY-SA

I have the idea to put up an antenna for the 2 meter and 70 centimeter amateur bands on the dormer on our house and camouflage it as best as possible. With this idea in mind I could not resist the offer of a secondhand Diamond X-30N antenna for a very reasonable price. I know there are antennas with a lot better gain but I also wanted to minimize the visual impact. I had the time to test the antenna and used the painters pole I used earlier in TV DX experiments, receiving DVB-T television from 167 kilometres away.

On the painters pole out the window the antenna is even higher than the PA0FBK j-pole antenna, which made me try an experiment: participate in the Zondag Avond Roep Ronde (ZARR) radio amateur net which is operated from Maren-Kessel (near Den Bosch) which is a considerable distance on 2 meter. Earlier I was unable to hear the CQ calls for that net on my own radio while hearing them via a nearby 2 meter SDR (mounted at serious higher elevation than my antenna).

But this time I heard the call when the directional antenna of the net manager was pointed in my general direction and he heard my answer, so I had a nice contact on 2 meter FM.

This position of the antenna is quite temporary and I brought it back in after my participation in the amateur radio net. But this makes a better place for the antenna on the roof of the dormer and some camouflage to make it less visible a good idea.

Today I rebooted the homeserver greenblatt for kernel updates and noticed PPPoE over VDSL did not come up at all.

It turns out allow-hotplug in /etc/network/interfaces which I added after the previous boot to speed up boottime a bit means something else has to trigger the 'ifup' of the interface. So now there is a ifup pppdray & in /etc/rc.local.

Interesting datapoint is that all IPv6 bindings came up perfectly so I guess that IPv6 bug is triggered by some race condition in configurations of interfaces.

I was testing something on my own webserver and noticed the loading time of the page was over 10 seconds. Browsing the log showed me the hostname of the client was logged which was not what I wanted, and the IPv4 address I had at that moment was slow to resolve. It turned out this was caused because the part I was visiting has an authentication check, which looked like:

    <Location />
        Order deny,allow
        Deny from all
        Allow from localhost
        AuthName "Restricted access"
        AuthType basic
        AuthUserFile /...
        AuthGroupFile /dev/null
        Require valid-user
        Satisfy Any
    </Location>

Using the name 'localhost' triggered the resolver. A big speedup was caused by changing to:

    <Location />
        Order deny,allow
        Deny from all
        Allow from 127.0.0.1
        AuthName "Restricted access"
        AuthType basic
        AuthUserFile /...
        AuthGroupFile /dev/null
        Require valid-user
        Satisfy Any
    </Location>

Which let me concentrate on other methods to speed up the site.

Lots of reporting on the recent DDoS attack on Dyn infrastructure tells that (part of) the attack came from insecure "Internet of Things" (IoT) devices.

Lots of devices with some 'Internet' network capabilities are being produced, and the new owners of those devices have little interest in patching them being only a reasonable small part of the DDoS attacks and the makers have little interest in securing them since that will not sell one more device.

In the mean time, I see an increase in scans on ports 23 and 2323 which seem to be the default ports used to remotely access some of the vulnerable devices.

I recently started pondering making the text font on my homepage slightly less black because I saw a lot of pages with different shades of grey looking (to me!) easier on the eyes and more 'modern'. So I finally updated the stylesheet of my homepage (still HTML4, so already outdated) to use a not completely black (#000000) color for all text but something slightly lighter. I changed it to #202020.

And one of the first things I saw right after testing and implementing that change (of course the css file of my homepage is under version control to move it from the development version to the production version) was... How the Web Became Unreadable - Kevin Marks.

I guess I missed the cycle completely. I'll stick with the current colour for a while. I'm not a graphic designer, I am just lagging in sometimes updating design things.

Afgelopen weekend was Jamboree On The Air 2016, dit is een evenement waarbij scouts uit de hele wereld via amateur radio contact maken. Dit evenement is gecombineerd met Jamboree On The Internet (JOTI) waarbij de chat mogelijkheden via Internet gebruikt worden om de scouts met elkaar in contact te brengen.

Sinds de Veron afdeling Centrum een nieuwe locatie heeft bij scouting groep Peka 18 in Utrecht ben ik ook wat meer aan het volgen wat er met de JOTA gebeurt.

Omdat Wijnand PD5WL een kabel zocht die ik had voor zijn JOTA 2016 ATV experimenten kreeg ik ook gelijk de uitnodiging om even te komen kijken op die locatie. Ik ben zaterdagmiddag gaan kijken en het zag er leuk uit, en ik heb met diverse zendamateurs gesproken daar. En er waren zeker enthousiaste scouts bezig met radio!

Zaterdagavond heb ik ook wat PSK verbindingen gemaakt op de 20 meter band waarvan een met een scouting station van de Rover Crofts groep in Bilthoven met callsign PA6RCG/J.

Ook zijn er leden van Veron Centrum actief geweest: Special Event PE18KA/j bij ons clubhuis tijdens JOTA waar vermoedelijk ook nog meer beelden en verslag van komen.

I am a fan and regular visitor of The Transmission Gallery and a photographer. But it is not very often I can submit pictures for The Transmission Gallery as it is aimed at transmitters in the United Kingdom.

But on our recent holiday in the UK lake district I noticed on one campsite I had a direct view of a TV transmitter tower. And good, fast mobile data from the same tower. So I took a walk to photograph the transmitter so I could add something to The Transmission Gallery.

So, now available to the general public: Keswick - Pictures taken August 2016 - The Transmission Gallery.

My previous addition to the gallery was in 2010: Wooler - The Transmission Gallery. We have visited the United Kingdom a few times in between but never got close to a transmitter site or the weather hid the site completely in clouds or fog.

LW-10 HF antenna with earth wire

My full radio amateur privileges let me play on quite a number of radio bands and I haven't activated most of them. Partly due to missing equipment, but partly just not getting around to it.

A fellow amateur pointed out to me that the 15 meter band can be quite interesting for making contacts with some new stations. The 15 meter band is from 21.00 MHz to 21.45 MHz. I sort of do have the equipment for working on that band: the LW-10 longwire antenna for 6 to 40 meters which needs an antenna tuner. In earlier experiments in using the antenna tuner the tuner failed on the 15 meter band.

Today I made sure the balun of the LW-10 antenna was grounded with an earth wire to the nearest heating radiator. Not an ideal RF ground but better than nothing. On the second try the antenna tuner did its magic and the radio was happy with the result. And there were no crashing USB devices! There was one thing: I hear a ticking noise when transmitting trough the tuner. That is an indication of stray RF problems in the tuner itself so I added a ferrite core to the power cable of the tuner which did not fix this problem completely.

One thing I really have to do is try to tune above the frequency I want to use.

So the antenna did want to tune and work and I tried some PSK contacts on that band. And success: I made several contacts, including one with PB0ACU. I had a contact before with PB0ACU when I still had my previous callsign so this was a nice return contact. It was clearly not DX, but other contacts were further away. I already received eQSL confirmations for this and a few other 15 meter PSK contacts so this band is now truly activated for me.

Don't fall for it..

I received spam which translates (to me) very clearly to 'be a money mule':

[..] is looking for a qualified representative, reliable, efficient and dedicated to help facilitate their business transactions in Australia. The work is based on administrative / customer service support improving productivity and above all performing basic banking transactions.

We are located in the London If you are satisfied with all the conditions and wish to register, please contact our Human Resources department at [.. generic webmail account ..]

Alerting items:

• Unsollicited e-mail (spam) sent to a random address
• Lots of buzzwords but the work seems to be "basic banking transactions"
• Doing transactions in Australia but located in London
• Using a generic webmail account

I just saw:

220 pi FTP server (Version wu-2.6.2(1) Mon Apr 30 20:10:54 UTC 2012) ready.

230-This is an experimental FTP server.  If have any unusual problems,
230-please report them via e-mail to .
230-
230-If you do have problems, please try using a dash (-) as the first
230-character of your password -- this will turn off the continuation
230-messages that may be confusing your FTP client.

That's a long time ago, the default welcome file of wu-ftpd version wu-2.6.2(1).

Oh and the current default passive mode of ftp wasn't working, I had to dig up an old client to use the default active mode.

In the incoming spam this morning:

See attached Bill Of Laden.

[-- Attachment #2: Shipping_Documents.ace --]

I had never heard of .ace files, but I miss some developments. So I asked:

$ file Shipping_Documents.ace
Shipping_Documents.ace: ACE archive data version 20, from Win/32, version 20 to extract, contains AV-String (unregistered), solid

So it is an archiving format, better described at ACE (compression file format) - Wikipedia. There is an unace for linux, and this gave me:

RFQ#0929919882.exe: PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
c04e10a084657473828a03a97c82f0a9  RFQ#0929919882.exe

Which is obviously not shipping documents but an executable. Looking at the file showed some dangerous function names.

I tried to get another Miguel de Cervantes special event station in the log and it seemed the easiest way was to participate in the RUS-WW-DIGI Russian worldwide digimode contest 2016.

But the weekend was filled with other things (such as chasing more of those special event stations, bad weather and lousy propagation) so my participation started in the last half hour of the contest, was very short and I made 9 valid contacts which I uploaded as a checklog. I thought I had a contact number 10 but that was after the end of the contest.

The results:

Band  QSOs Dupes Points Mults
160      0     0      0     0
80       0     0      0     0
40       0     0      0     0
20       9     0     29     9
15       0     0      0     0
10       0     0      0     0
======================================
Total    9     0     29     9
Claimed score is 261 points

But I got AN400G in the log in digimode, so another slot filled.

Local radio noise at home is at high levels again and the HF propagation isn't cooperating very well. This means that it's hard to make contacts which can be frustrating when I finally get some radio time.

At the moment I am chasing the Miguel de Cervantes special event stations organized by the Spanish radio amateur club with radio operators active all over the Spanish country. With the distance it should not be too hard, but band conditions don't cooperate very well, especially when I can't hear the remote station due to local noise.

Solution: listen on the websdr in twente and transmit on my local radio with maximum power (100 watts). The delay in the audio from the websdr means I have to adjust my timing but it is good enough to get my callsign across and check whether the other side received it correctly. So I manage to make a few more SSB contacts, since this works better on SSB than on digital radio modes.

In the incoming spam I noticed some unsollicited attachments, always a sign of danger. In this case with excel files (application/vnd.ms-excel) so I checked those with olevba, part of the oletools package.

And indeed there was macro code to be run at startup, with multiple warnings about suspicious behaviour, such as usage of "command" which can run PowerShell commands.

Having a look at the code showed very clearly that the macro was up to no good! I am used to quite interesting attempts at obfuscating macro code, so it was funny to see this bit with olevba:

Call Shell("rund" & "ll32.exe " & firmaVENIKOVNETUUUKA & ",qwerty", vbHide)

The url where the malware is downloaded was also quite readable in the macro.

Van de ervaringen van de vakantie in de zomer 2016 staat nog de wens om iets met zonne-energie te doen voor bij het kamperen.

We hebben op engelse campings al meer zonnepanelen gezien, dus het idee is zeker niet nieuw. En toen ik ging zoeken kwam ik draagbare zonnepanelen bij Gerritsma Makkum kleine zonnepanelen tegen, wat bijna exact de oplossing is die ik zoek. Ik zou een niet te zwaar draagbaar pakket willen met wel de optie om direct USB devices op te laden. Ik denk dat ik begin met de 12 V 7 Ah accu opladen met zo'n zonnepaneel en zien wat dat doet voor de energiewensen van mobiele telefoons en de lamp voor 's avonds lezen. Misschien later een accu met meer capaciteit zodat er ook meer buffer is voor amateur radio activiteiten.

This weekend was the CQWW RTTY contest 2016. I participated when possible between the normal weekend things like garden work and a family visit.

This is a very international and longstanding contest which runs 48 hours. I worked a few new countries including China, Montenegro and Aland Islands and less new Ceuta and Melilla, Madeira island (which I never worked since changing callsigns). In total I made 128 contacts which is a nice score.

Comparing this to the 54 contacts I made in the CQWW 2015 RTTY contest makes this a nice improvement. This year I used the endfed antenna outside, I had access to more of the 40 meter band and I started preparing for the contest on Friday evening.

After working through the logs the number of contacts did not change. Results uploaded via the cqww contest log website and to the Veron Afdelings Competitie.

I am considering putting a vertical antenna for the 2 meter and 70 centimeter amateur bands on our roof. But I would like such an antenna to be as invisible as possible. One step will be to put it on the back of the dormer, as close to the center of the roof as possible. This would make it hard to see from the front side and from the backyard.

Another option for making an antenna less visible dawned on me when I saw an antenna at our radio club recently that was spray-painted in a red/brown colour to blend in with brickwork: it is possible to pain the outside cover of an antenna as long as the paint does not interfere with the radio frequencies.

Searching some more about this option I found an article at Diamond X50 Antenna Camouflage which describes an elaborate attempt at camouflaging a Diamond X50 antenna.

My choice of colour would be some sort of grey colour to be less visible against the average sky around here.

In eerdere berichtgeving over de inval bij Ennetcom moest ik wel heel goed luisteren om niet de conclusie te trekken dat PGP 'alleen' gebruikt wordt door criminelen, NOS Journaal 20:00 19 april 2016, Paniek in onderwereld door gekraakte telefoons - EenVandaag.

Maar vandaag viel me op in artikel Politie krijgt toegang tot versleutelde communicatie criminelen - nos.nl dat er een paragraaf staat:

PGP is een veelgebruikte methode om veilig te communiceren en wordt niet alleen door criminelen maar ook door bijvoorbeeld journalisten en klokkenluiders gebruikt. Bij PGP worden berichten door elkaar gehusseld, zodat ze alleen leesbaar zijn voor mensen met een bepaalde encryptiesleutel.

Hier kan ook aan toegevoegd worden dat computerbeveiligers graag PGP gebruiken om hun berichten te ondertekenen en/of te versleutelen.

Uit de bijbehorende beslissing van de Canadese rechter op het internationale rechtshulpverzoek (Engelstalig) blijkt wel dat er helemaal geen lek in PGP is gevonden maar dat Ennetcom niet zo heel goed was in cryptobeheer:

In this case, the Dutch authorities discovered that the Ennetcom PGP BlackBerry devices were only able to communicate via PGP encrypted e-mail with other Ennetcom PGP BlackBerry devices connected to the same Ennetcom network. The Dutch authorities also discovered that the “keys” for the PGP encryption system were generated by the server, rather than by the device. As a result, the Dutch authorities came to believe that the keys to decrypt the PGP encrypted information, on the Ennetcom PGP BlackBerry devices, are stored on Ennetcom’s BlackBerry Enterprise Servers.

After building and testing the Sotabeams dummy load I had time to work some more on the ordered parts. The main part of the order at Sotabeams was parts for outdoor antenna building: an antenna centre and 1:1 balun and linked dipole portable HF antenna kit.

The HF antenna kit does include parts for a simple centerpiece/balun but I decided to get a separate balun that should make these things easier and/or sturdier.

The balun build was doable, but soldering coax on the connectors gave a bit of a problem as the solder did not want to flow on those connectors very well. Maybe clean them next time or even sand them a little to make that easier.

Next part will be the rest of the HF antenna for which I will need an antenna analyzer and time outdoors in the daylight.

Vandaag was ik op een plek waar regelmatig draadloze microfoons gebruikt worden bij presentaties en/of grote vergaderingen. Er was recent een probleem waarbij geluid van andere gebruikers van het gebouw te horen was op de geluidsinstallatie, en dat bleek na wat zoeken ontvangst van de "verkeerde" microfoons te zijn.

Er ging toen ook een lichtje op dat draadloze microfoons prima af te luisteren zijn, wat in deze omgeving niet altijd een prettig idee is. Met een scanner die wide-fm en een groot bereik aan UHF frequenties aan kan is het prima mogelijk naar analoge "Program Management and Special Events" (PMSE) microfoons te luisteren.

The whole news about the "Evil32" attack on PGP keys made me have a long look at the key I used at home for my private e-mail, which was already almost 18 years old. Opinions about the best use of PGP have changed, risks have changed. So I followed some advice from Creating the perfect GPG keypair - Alex Cabal although 'perfect' is a bit overdone. I added the subkey for normal use, added a picture and cross-signed the new key with the old key. But in the end, the new key for my private e-mail addresses is:

pub   4096R/0x5BA9368BE6F334E4 2016-09-05 [expires: 2021-09-04]
      Key fingerprint = 979B CF89 EBBF 9AC9 6A14  F56A 5BA9 368B E6F3 34E4
uid                            Koos van den Hout <koos@kzdoos.xs4all.nl>
uid                            Koos van den Hout (http://idefix.net/) <koos+website@idefix.net>
uid                            [jpeg image of size 11615]
uid                            Koos van den Hout <koos@idefix.net>
sub   4096R/0x308216DA78517E3D 2016-09-05 [expires: 2021-09-04]
sub   4096R/0x3B17C9ABE4A3C916 2016-09-05 [expires: 2021-09-04]

The key is now available via my PGP page and via the keyservers: 0x5BA9368BE6F334E4 on the keyservers

Now the next step is to start collecting signatures.

For a while I have been using the gnupg.vim plugin but I noticed recently after changing my gnupg configuration to show long IDs that this plugin had problems. I searched and found a new version of the plugin at vim-gnupg/gnupg.vim at master · jamessan/vim-gnupg which does not have this problem.

So now I can simply keep text information in encrypted files and I need to type the passphrase every time I want to edit the file.

The easiest way to create an encrypted file to use with this plugin is create an empty file, encrypt that file from the command line and then edit it with the plugin:

$ touch datafile.txt
$ gpg -e datafile.txt
You did not specify a user ID. (you may use "-r")

Current recipients:
4096g/0xCC166EB91F480E9A 2011-01-11 "Koos van den Hout <koos@kzdoos.xs4all.nl>"

Enter the user ID.  End with an empty line: 
$ ls -l datafile.txt*
-rw-r--r-- 1 koos users    0 Sep  4 20:49 datafile.txt
-rw-r--r-- 1 koos users 1114 Sep  4 20:50 datafile.txt.gpg
$ wipe datafile.txt
Okay to WIPE 1 regular file ? (Yes/No) Yes
Operation finished.                                                           
1 file wiped and 0 special files ignored in 0 directories, 0 symlinks removed but not followed, 0 errors occured.

Now editing the file with vim datafile.txt.gpg goes through decrypting the file before starting the editing session and saves it encrypted when done.

De slimme meter die meer dan een maand geleden ons huis in kwam wordt nu constant uitgelezen en de resulterende gegevens worden opgeslagen in rrdtool databases van het electriciteits- en gas gebruik.

Uitlezen van een seriele poort vanuit Perl bleek niet makkelijk stabiel te krijgen te zijn. Uiteindelijk heb ik maar een oplossing gekozen/geleend van iemand anders: een stuk python wat cu aanroept: P1/P1-python-cu.py at master · sanderjo/P1. Dit script zou nog iets robuuster zijn als het de CRC controleert, maar dat is dan een wens voor een toekomstige versie.

Vervolgens sla ik de output van dit script op in /var/run/telemetry/smartmeteroutput. De keuze voor /var/run is omdat ik niet elke vijf minuten op de SD kaart van de raspberry wil schrijven. Ik heb dus ook /etc/rc.local aangepast om een /var/run/telemetry met als eigenaar user telemetry te maken, er worden daar meer meetgegevens neergezet voor verdere verwerking in statistieken. Het telemetry concept wat ik gebruik is het verzamelen in ASCII leesbare vorm van meetgegevens op systemen waarna deze opgehaald kunnen worden door een verzamelaar die ze gaat importeren in rrdtool databases (of andere verzamelingen). Omdat de verbinding tussen het te monitoren systeem en de verzamelaar als onbetrouwbaar gezien wordt (sommige systemen waarvan ik meetgegevens verzamel zitten achter een hikkende wifi verbinding) worden de meetgegevens lokaal opgeslagen met een tijdsaanduiding in de bestandsnaam en worden ze in rrdtool geimporteerd met deze tijdsaanduiding.

Het script wat de meetgegevens van de slimme meter verwerkt moet er tegen kunnen dat er soms velden ontbreken. Ik heb er voor gekozen uiteindelijk de dag- en nacht tellerstanden afgenomen en teruggeleverd (meetwaardes 1.8.1, 1.8.2, 2.8.1 en 2.8.2 in de Dutch smart meter standard) als 'verplicht' te tellen en de overige meetwaardes als 'optioneel'.

Uiteindelijk komen er dan mooie grafieken uit. De conclusie die ik eerder trok dat uit energie meetwaarden per kwartier prima af te leiden is wat bewoners doen is nog steeds valide. Uit grafieken over langere termijn is ook keurig af te zien wanneer we op vakantie waren.

I ordered some parts for building a lightweight outdoor radio antenna. But while ordering I had a look around and noticed the BOXA-LOAD 50 Ohm RF Dummy Load - Sotabeams, a kit for building a dummy load. So I ordered one in kit form, with enclosure.

A dummy load is for testing radio circuits, it gives the radio the ideally matching load since radio transmitters ideally expect a 50 ohm resistive load. A dummy load does not convert the electric energy into radio waves, it just converts the electric energy into heat in the resistors.

I currently have an RF power meter on loan which I could use to test the dummy load so the dummy load was the first project to build and test.

Building was no problem with the very clear instructions given by Sotabeams. And after building it I tested it and found it perfect as designed with no reflected power. The maximum power input is 20 Watt which it can handle for 1 minute and will need to cool down again for 10 minutes.

Recently there was some news about Duplicate PGP Keys and I looked up the keys associated with my e-mail address / short PGP id:

koos@greenblatt:~$ gpg --search-key F0D7C263
gpg: searching for "F0D7C263" from hkp server pgp.surfnet.nl
(1)     Koos van den Hout <koos@kzdoos.xs4all.nl>
          1024 bit RSA key 7BB7472D18B1B64D20BD63E9B81DABE5F0D7C263, created: 2014-06-16 (revoked)
(2)     Koos van den Hout <koos@idefix.net>
        Koos van den Hout <koos@wu-ftpd.org>
        Koos van den Hout <koos@pizza.hvu.nl>
        Koos van den Hout <koos@kzdoos.xs4all.nl>
        Koos van den Hout (http://idefix.net/) <koos+website@idefix.net>
          1024 bit DSA key 1B8F6AA16EF5949871CBE48E2C663B5DF0D7C263, created: 1998-12-17
Keys 1-2 of 2 for "F0D7C263".  Enter number(s), N)ext, or Q)uit > q

As visible the "fake" key is already revoked. The NCSC article has a lot more explanation.

The key I currently use for my private e-mail has:

pub   1024D/0x2C663B5DF0D7C263 1998-12-17
      Key fingerprint = 1B8F 6AA1 6EF5 9498 71CB  E48E 2C66 3B5D F0D7 C263
uid                            Koos van den Hout <koos@kzdoos.xs4all.nl>
uid                            Koos van den Hout <koos@idefix.net>
uid                            Koos van den Hout (http://idefix.net/) <koos+website@idefix.net>
sub   2048g/0x85019597CD125A2B 1998-12-17
sub   4096g/0xCC166EB91F480E9A 2011-01-11 [expires: 2017-09-14]
sub   2048R/0x8F414665C4B517C1 2015-09-15 [expires: 2017-09-14]

And on 2016-09-05 I decided it was time for a new private e-mail GnuPG/PGP key anyway:

pub   4096R/0x5BA9368BE6F334E4 2016-09-05 [expires: 2021-09-04]
      Key fingerprint = 979B CF89 EBBF 9AC9 6A14  F56A 5BA9 368B E6F3 34E4
uid                            Koos van den Hout <koos@kzdoos.xs4all.nl>
uid                            Koos van den Hout (http://idefix.net/) <koos+website@idefix.net>
uid                            [jpeg image of size 11615]
uid                            Koos van den Hout <koos@idefix.net>
sub   4096R/0x308216DA78517E3D 2016-09-05 [expires: 2021-09-04]
sub   4096R/0x3B17C9ABE4A3C916 2016-09-05 [expires: 2021-09-04]

But if you really want to be sure check in person.

I updated my .gnupg/gpg.conf with:

keyid-format 0xlong

to always show the longer key ID.

We zijn alweer een aantal dagen terug van een kampeervakantie in het Lake District in noord-west Engeland. Voor het weer was de verwachting wel vooraf dat al die meren gevuld moeten worden uit regenbuien. Die verwachting is uitgekomen, we hebben aardig wat motregen, buien en wat stormen gehad.

Het is een heel mooi gebied voor bergwandelingen, we hebben mooie wandelingen gemaakt rond Bowness, Kirkstone Pass, Glenridding en Castlerigg.

Verder diverse attracties bezocht zoals de The Lakeside & Haverthwaite Railway, Lakes Aquarium, Windermere Lakes Cruises, Lake District wildlife park.

Met het kamperen werd het duidelijk dat Engelse campings niet vaak electriciteit aanbieden voor tentkampeerders, dus een komend project is iets met een zonnepaneel voor bij het kamperen om in ieder geval telefoons, lampen en e-books op te laden.

En ik heb geprobeerd ook actief te zijn met amateur radio, maar dat lukte ook slecht, dus ook daar kunnen dingen nog verbeteren. Eerst werkte de antenne niet mee en later in de vakantie was de accu voor de radio al ver leeg. Ook iets om bij te laden uit een zonnepaneel.

Ondanks mijn privacy-bezwaren tegen de slimme meter heb ik er voor gekozen deze wel te accepteren toen netbeheerder Stedin kwam met de melding dat ze er een wilde plaatsen.

De plaatsing duurde een stuk langer dan verwacht omdat er ook iets aan de ophanging van de gasmeter moest veranderen en de dag/nachtstroom schakelaar de monteurs nog in verwarring bracht. Maar toen was er eindelijk een slimme meter die kan helpen het energiegebruik veel nauwkeuriger in beeld te brengen.

Ik heb hierin natuurlijk wel mijn principes gevolgd en heb zo snel mogelijk een slimme meter kabel om de P1 poort uit te lezen besteld zodat ik de meetgegevens aan de binnenkant kan verzamelen, op mijn eigen server via een Raspberry Pi in de meterkast. Ten opzichte van de eerdere metingen met behulp van de YouLess is de vooruitgang in ieder geval dat ik nu ook de gasmeter kan uitlezen en de stroom per fase kan meten. Slimme meters zijn altijd dubbeltarief (dag en nachtstroom) en meten apart afgenomen en teruggeleverde energie.

I am planning to participate in the SCC RTTY contest 2016. I participated in the SCC RTTY contest 2015 as PD4KH within the limits of my novice amateur call. It depends on the local noise levels whether I will end up in the single operator 20 meter, single operator 40 meter or single operator all band low power.

Today I saw an incoming e-mail about a voicemail message, while I was expecting a voicemail message. The format was quite similar to the format used by my telephone provider so I tried opening it in thunderbird under Linux. That saved me, it was aimed at opening in Windows, probably only working in Microsoft Outlook.

This is what it looked like in mutt:

Dear koos :
        There is a message for you from 01427157659, on 2016/08/23 15:52:17 .
You might want to check it when you get a chance.Thanks!



[-- Attachment #2: Voicemail sound attachment. --]
[-- Type: audio/x-wav, Encoding: base64, Size: 10K --]

[-- audio/x-wav is unsupported (use 'v' to view this part) --]

The attachment is Message_from_01427157659.wav.zip but with mimetype audio/x-wav. The zip file contains:

Archive:  Message_from_01427157659.wav.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
    30764  2016-08-23 12:18   614007286106.wsf
---------                     -------
    30764                     1 file

With a lot of obfuscated scripting.

What saved me this time was opening it in a mailreader/environment which tries to play an audio/x-wav file with a mediaplayer which complained about something being invalid in it.

I decided the picture of the recent outdoor activation was nice for a personalized eQSL design. It took some serious work with Gimp to make it turn out like I want it, and that was just with one image to work with and I'm still not completely satisfied.

In the result will be an overlay at the bottom with the details of the contact.

I used the Kenteken generator by Remco van Zuijlen to generate the callsign image.

On wednesday everything in our house was switched off due to some electricity work. I prepared for this and made sure the radio was connected to a charged battery.

And the end result was that the noise levels around our house are at least the same when power is out. In the 20 meter band I noticed even stronger carriers which may be caused by the fact that the local VDSL modem was powered off at that time. I made one contact which I logged on paper with OE2YOTA the youngsters on the air camp in Austria.

I guess I will have less noise when the power fails in a wider area, as reported at This is what HF sounds like during a power outage at my QTH!

I had to shutdown the homeserver greenblatt to allow for work on our electricity meter and I noticed during boot-up it complained:

waiting for network configuration

waiting an additional 60 seconds for network configuration

According to networking - "waiting for network configuration" Problem - Ask Ubuntu this is caused by some error in /etc/network/interfaces but I could not figure out which one until I read about the difference between the auto and allow-hotplug settings for an interface. What I had was:

auto pppdray
iface pppdray inet ppp
        provider dray-vdsl

Which caused the boot process to wait until the PPPoE over VDSL link was completely up and running (which was not going to happen at that time).

Solution, change it to:

# set to allow-hotplug: not needed to boot
allow-hotplug pppdray
iface pppdray inet ppp
        provider dray-vdsl

So the startup continues.

The problem noted at the previous boot Boot-time IPv6 on the homeserver not working was still happening and I had to reconfigure interfaces and restart services to get everything stable, so disabling duplicate address detection did not help.

Update 2016-10-26: Found out using allow-hotplug means I have to ifup that interface some other way: Ok, allow-hotplug means some other process has to start the interface. One learns in slow iterations if you don't want to reboot constantly.

Again another weekend in which I had some time for digimode radio contacts and digimode contesting turned out the best way to get a high number in the log. There wasn't a lot going on in the 20 meter PSK31 band so I listened in RTTY and found the activity.

This was the weekend of the Digital Modes Club RTTY Contest 2016. Propagation and local noise weren't cooperating a lot but in the end I made 62 contacts. I set my contest category to SOAB-LP-12h: single operator all bands (although I only made contacts on 20 meter, but this contest does not have categories per band), low power (less than 100 watts), time limited to 12 hours (I operated less than 12 hours and had a good nights rest).

Interesting results were a new country: Saudi Arabia, I made a contact with 7Z100. No USA contacts this contest, which I usually expect in a RTTY contest.

I used my fldigi digimode contest macros without any modifications and they worked fine. Calling CQ yielded zero contacts, everything was done search and pounce style.

Na weer duidelijke instabiliteit wilde ik weer omschakelen naar de versie 3.7.9 modem6 firmware, alleen ging er iets mis in de update en bleef er een niet-startend modem over.

Het was even zoeken naar de recovery methoden en de ondersteunde methode is via de Windows firmware utility volgens How to recover my router from a failed firmware upgrade?. Ik zag wel dat het modem probeerde DHCP client te zijn maar de standaard methode van een bootfile meegeven met een verwijzing naar firmware op een tftp server hielp niet.

Voor de snelheid maar even windows geboot en de upgrade uitgevoerd. Achteraf met wat uitzoekwerk gevonden dat wat de firmware utility doet is naar de tftp server in het modem die actief is bij een factory reset boot een firmware bestand sturen. Volgens Updating Draytek firmare using the MacOS X or UNIX command line and TFTP kan dit ook prima op de Linux of MacOSX commandline.

I recently came across another spot that looked very good for outdoor radio operations. At a bend in a road near Maartensdijk is a nice spot with a number of trees and a table.

So when I had some time I hooked up a trailer to my recumbent bicycle, loaded enough radio gear to make some voice (phone) contacts and went over there to give it a try.

It is a nice spot, located at JO22ND88SW. Not a lot of trees so it got quite windy. Radiowise the 20 meter band was completely free of interference: I managed one contact with TA1BX/M and my honest signal report was 5-by-0: radio quality 5 (good understanding) and signal level 0: the meter on my radio did not move. He gave me a 5-by-5 report.

I heard several other stations that did not hear me due to the bad antenna situation (part of the endfed was on the ground) or due to the pileups they caused. I set my HF output power to 50 watt to get out a bit, this did not drain the battery too fast.

Things I brought along: radio, antenna cable (RG-58 cable, not as good as Aircell-7 but a lot less weight), BNC to PL259 adapters for the cable, the endfed antenna, two charged 12V batteries, headphones, a tablet computer for logging, nylon rope and a filled waterbottle.

Things I can improve for next time: throwing the rope for the antenna into a tree (it took several tries to get a somewhat acceptable height). And I looked into logging on paper, logging on a tablet was not very comfortable. Maybe logging on old-fashioned paper can be the solution, I found some nice templates at Amateur Log book templates. I printed a few of the 'mobile' template and I will try those next time.

Update: The locator was JO22ND88SW and not JO22ND88RU. At this resolution it does matter when the GPS application says the estimated error is 88 meter.

Checking around the bands where I can do PSK31 I noticed actual activity on 28.120 MHz (10 meter band) and had a contact there with IZ8OYV. Just one answered CQ and no other contacts.

The sunspot cycle is clearly past its peak with days without any active sunspots showing up, and this lowers the maximum frequency at which radio propagation in the ionosphere happens. So currently a 10 meter contact is very rare where the first HF contacts I made at home in August 2014 were all on the 10 meter band.

Update 2016-07-11: And two more 10 meter contacts in the log.

Lots of error messages showing up recently looking like:

Jun 27 12:02:23 greenblatt named[4789]: checkhints: d.root-servers.net/A (199.7.91.13) missing from hints
Jun 27 12:02:23 greenblatt named[4789]: checkhints: d.root-servers.net/A (128.8.10.90) extra record in hints

The hints come from the root-hints file which the resolver software (bind9) uses to know where to start resolving. I checked my db.root, which said:

;       last update:    Jun 17, 2010
;       related version of root zone:   2010061700

But it is from the ubuntu 12.04 bind9 package:

# dpkg -S /etc/bind/db.root
bind9: /etc/bind/db.root

Solution with help from How Do I Update The Root Hints Data File for BIND Named Server? - UNIX fu was getting the latest from ftp.rs.internic.net which now says

;       last update:    March 23, 2016
;       related version of root zone:   2016032301

and I should get less warnings now. Comparing the two files shows changed IPv4 addresses for d.root-servers and h.root-servers, changed IPv6 addresses for a.root-servers and h.root-servers and added(!) IPv6 addresses for c.root-servers, d.root-servers, i.root-servers and j.root-servers.

The new and improved QSL card workflow I thought about in April has come true. In the mean time I bought printer labels and this evening I took my time to work through the last (at the moment..) outgoing QSL cards for PD4KH and printed labels for them.

Creating outgoing QSL cards with printer labels

Labels affixed to outgoing QSL cards and signed

In the end it saves me from having a cramp in my hand from QSL card writing, but it took me a lot of print previews to get the design just right. And after printing I saw I still have not found a font with a slashed zero in it.

I still sign the cards with my name by hand, but that's a lot less work.

Things learned:

• Changing the exported fields in CQRLOG changed the field numbers in the CSV.
• CQRLOG export csv files have no newline at the end. I combined two selections (send via bureau and send via manager via bureau) and it took me a while to note one QSL missing.
• CQRLOG default is to export just the band. I like having the frequency on my cards.
• Fiels exported: Date, time on, Callsign, Freq, RST Sent, QSL manager, Comment, QSL PSE/TNX

Update 2016-06-27: A bit of searching found me A Slashed-Zero Droid Sans Mono - cosmix.org. Downloaded the zip file, unpacked DroidSansMonoSlashed.ttf in /usr/share/fonts/truetype/droid and it was available to glabels instantly.

And I printed the first labels outgoing QSL cards for PE4KH and now this new workflow is saving me time. I decided to keep using my 'old' PD4KH cards with a small label updating the callsign. Now I am actually saving time!

Ik zag ergens voorbij komen dat er nieuwe firmware voor de FRITZ!Box 7360 was met in de release notes:

Improved: Support can be enabled for PPPoE passthrough

Dus ik haalde snel die firmware binnen en ging deze testen. Maar deze werd geweigerd door de FRITZ!Box. Na goed nakijken bleek dat deze feature en andere updates er alleen zijn voor de 7360 v2 versie, en ik heb in maart 2014 een FRITZ!Box 7360 v1 ontvangen en daar zijn nog geen nieuwere firmware versies dan 06.30 voor, dus geen pppoe passthrough. Via de AVM Nederland supportsite maar even een call aangemaakt met het verzoek om die verbetering ook beschikbaar te stellen.

De DrayTek Vigor 130 doet het goed, maar ik zou het wel prettig vinden om te kunnen wisselen met een "officieel" modem in PPPoE passthrough mode zodat ik de VDSL storingen daar ook kan onderzoeken.

Update 2016-06-24: Antwoord van AVM: zie Why is the latest FRITZ!OS not available for the FRITZ!Box 7360 v1? oftewel door hardware beperkingen van de _v1 versie zal er niet gauw een update komen.

Last night a serious lightning storm passed and it got counted, but clearly with the same problems in counting as seen before in counting thunderstorms from the shed while radio activity causes a lot higher counts. Looking at the graphs for thunderstorms counted from the attic before I was active on HF radio there is quite a difference in numbers.

I think I want the lightning strikes counter back up in the attic but with a low-pass filter somehow to filter out false counts from amateur radio traffic.

Uit de spam mail:

In de link hieronder ontvangt u de factuur van KPN.
Voor uw veiligheid uw botbreuk is wachtwoord protected.Uw wachtwoord is 2hw3DXy .

Ik knipperde even, maar ik realiseerde me dat er vast iets met automatische vertaling is gedaan van factuur/fracture.

In almost every digimode contest I improve my contest macros a little, so I decided to share them. Credit goes to FLDIGI Contest - How To for a lot of the initial inspiration and Choosing your basic macros - VA2UP RTTY Contesting which has the really minimal approach, and this helped me with finetuning.

This will be a quite long post only interesting to a very specific group!

Digimode is the name for all radio modes in which digital information is exchanged and a computer is used to encode and decode the digital information into something the radio can work with.

Digimode contesting for me includes RTTY and PSK63 contesting, there are other modes used in digimode contests.

Without a lot of preparation I participated in the 2016 Ukranian classic RTTY contest contest just to see how I would do and maybe get one or two new interesting entities in the log.

The radio interference was active all weekend on 40 meter so I participated only on the 20 meter band.

In the end I participated for about just over 3 hours and made 64 contacts. Interesting new entities were Venezuela (new country) confirmed, Pennsylvania confirmed and North Carolina confirmed (new US states). Confirmations come in quick via eQSL and LoTW!

I updated the Veron afdelingscompetitie with the results. And all the other usual places where I upload the logs of my radio contacts. Already the first confirmations via eQSL are coming in and visible in my eQSL received at PD4KH / PE4KH collection.

Na een week met stijgende aantallen hikken in de vectored vdsl verbinding maar weer eens gekeken naar de firmware versies. Op Firmware - Vigor 130 - Draytek staat nu firmware versie 3.7.9 met wat updates in diverse varianten waaronder 2 keer voor het KPN netwerk.

Ik ben maar weer overgeschakeld naar de modem5 versie uit Vigor130_v3.7.9_modem5.zip, eens kijken wat dat doet voor de stabiliteit.

So when the Raspberry Pi 3 came out in February I bought one, complete with power supply, case, microSD card and small keyboard. I just could not resist it. I installed it, connected it to the network and did not really have a task for it. It is joy.idefix.net.

After a while this changed and I started running dump1090 on it to get an idea of the planes in range from my house. It is connected to the antenna used in the earlier ADS-B receiving experiments and sees high altitude and/or nearby airplanes fine.

Recently I ran some updates and those failed because the root-filesystem was filling up. I did not notice that left some files missing, so I just ran the commands to resize the raspbian root filesystem to fill the SD card - Coderwall and waited for the reboot. This ended up in a nice multicolour screen with nothing running. I looked that up and found Raspberry Pi with boots up with Rainbow screen - Raspberry Pi Stack Exchange so it was time to recover. I mounted the SD card on an x86 linux system and found the kernel.img and other files in /boot were missing. I searched how to mount the raspbian image and found How can I mount a Raspberry Pi Linux distro image? - Raspberry Pi Stack Exchange. I started with using the loopback device, copied the whole /boot directory from that image and did a filesystem check in the SD card. It booted again but showed driver issues. I reran all the updates which reinstalled the raspberrypi-kernel package and after that the driver problems were gone and things worked again.

For the first time I brought my new personal laptop to a place where I could use eduroam wireless network. This gave some trouble, eduroam did not work out of the box. I had to set the authentication method to 'Protected EAP (PEAP)' and set the inner authentication correct. And I had to set the CA-Certificate to check. If you don't set it, network manager settings will ask if you are sure, but if you say you are sure the net result in the background is that the request for a valid certificate is set but there is no certificate set to check against, resulting in the connection not working.

Op een adres wat ik daar niet voor opgegeven heb (en niet voor zou gebruiken) kreeg ik spam van 1dayfly. Opvallend was in de tekst:

U krijgt deze nieuwsbrief omdat wij uit naam van Lead4Cash mailen en u daarmee heeft aangegeven onze nieuwsbrief te willen ontvangen!

We beloven u geen ongevraagde e-mails te sturen! 1DayFly.com verkoopt of verhuurt nooit haar gegevens aan derden.

1dayfly kan heel veel beweren maar met een naam als 'lead4cash' ga ik al uit van vervuilde marketing bestanden. Als je businessmodel 'lead4cash' oftewel 'geld voor gegevens van consumenten om te benaderen' is kost het alleen maar geld om te controleren of die 'leads' wel benadert willen worden. En dus is het niet opvallend dat er een adres tussen zit wat dat niet wil.

Zoals gebruikelijk: The Rules of Spam.

Update 2016-06-21: Uit een latere mail blijkt ook wel hoe mager de bestanden zijn:

Uw 1DayFly.com aanbiedingen van dinsdag 21 juni Wilt u een persoonlijke nieuwsbrief? Vul hier uw naam in:

Mijn conclusie is dan dat ze echt alleen maar een bak e-mail adressen ergens vandaan hebben. Dan vraag je ook om spamklachten.

Update 2016-07-26: De spam gaat rustig door, en ik heb toch eens voor de aardigheid de unsubscribe link geprobeerd. De unsubscribe link ziet er uit als:

Als u deze nieuwsbrief niet wilt ontvangen dan kunt u hier klikken:
http://mailer3.1dayfly.net/HLP?b=F-x2Ujl1NAsYbP8Qga_Sd5XOjjUEgm_UlpWmuR5KazYBLi82B5MC-LbQtvPMLZdc&c=hXFCC8KBcMLz_FJVpvWegw
om u af te melden.

En als ik die link volg heeft de site geen idee welk adres ik zou willen afmelden. Toch knap met naar schatting 88 tekens tracking in de url.

Daar het adres ingevuld en dan blijkt dat de aanmelding gedaan zou zijn vanaf IP 87.208.5.203 op zondag 5 mei 2013 om 16:09. Dat IP is van Tele2:

inetnum:        87.208.0.0 - 87.208.31.255
netname:        TELE2-CONSUMER-2
descr:          Pop Groningen, Ring Zwolle
country:        NL
admin-c:        RH3392-RIPE
tech-c:         RH3392-RIPE
tech-c:         WvdG7-RIPE
status:         ASSIGNED PA
mnt-by:         AS13127-MNT
created:        2005-06-20T09:14:32Z
last-modified:  2009-10-22T06:15:35Z
source:         RIPE # Filtered

Onder de lead4cashunsubscribe.nl pagina staat een link naar de dailymailz privacy policy (PDF, vreemd genoeg engelstalig) die er op neer komt dat ze alles mogen doen met de verzamelde gegevens wat ze leuk vinden. Die gegevens controleren ze alleen dus niet goed, dus die zijn aardig waardeloos.

Update 2016-07-28: En als ze beweren dat het meerdere dagen duurt om van alles af te komen dan menen ze dat ook, vandaag weer verse spam. Al heb ik altijd het idee dat 'het duurt meerdere dagen om alle lijsten bij te werken' vooral een excuus is om de zaken niet acuut te hoeven verwerken.

Update 2016-08-30: En de spam gaat gewoon stug door.

Update 2016-09-01: Nog maar eens afgemeld, en nu viel me op dat de afmeldlink op de 1dayfly site zelf uitkwam en niet bij lead4cashunsubscribe. Dus het eerdere afmelden bij lead4cash werd blijkbaar ergens geinterpreteerd als aanmelden bij 1dayfly.

ISS SSTV June 2016 MAI-75 image recieved by PE4KH at JO22NC 20160610 at 1900 UTC

I had no advance warning but suddenly mailing lists and other places I find my amateur radio satellite news lit up with news of another round of slow scan TV (SSTV) images. I thought at first things would be over Friday evening but then the reports started again and I put the radio, antenna and laptop outside to record another pass and decode it. Reasonable decode, especially for the pass starting in the noise.

I wanted to look at some suspicious word files to see whether the macros tried anything funny. Some searching showed me oletools which can do this and report. A sample:

Public Sub ZkBWG(ByVal uSHdvTl As String)
Dim RxXFgnMOu As Integer
VOyiBpZDIb.cFRHErvQ OdAkk.VWUUdYKG(553, JocsGn("PlJlXeAhESM.MtxpOizrMccS2W")), _
uSHdvTl, JocsGn("LcxeVxVE")
End Sub
Private Function xcOdDXhiP() As Integer
Dim NJuBRTz As String
Dim RemmeQk As Integer
xcOdDXhiP = 400
End Function
Private Function JocsGn(ByVal gAVndNSJ As String) As String
JocsGn = ZYkwp.kYxFEH(gAVndNSJ)
End Function

+------------+----------------+-----------------------------------------+
| Type       | Keyword        | Description                             |
+------------+----------------+-----------------------------------------+
| AutoExec   | Document_Open  | Runs when the Word document is opened   |
| Suspicious | CreateObject   | May create an OLE object                |
| Suspicious | CallByName     | May attempt to obfuscate malicious      |
|            |                | function calls                          |
| Suspicious | Hex Strings    | Hex-encoded strings were detected, may  |
|            |                | be used to obfuscate strings (option    |
|            |                | --decode to see all)                    |
| Suspicious | Base64 Strings | Base64-encoded strings were detected,   |
|            |                | may be used to obfuscate strings        |
|            |                | (option --decode to see all)            |
+------------+----------------+-----------------------------------------+

Recently I was looking whether there was an interesting upcoming digital amateur radio contest. Simply because I wanted to make a number of contacts in a short period, maybe contact some new countries. On the Contest calendar I found the DigiFest contest which is all about promoting digital modes.

I set up the outside endfed antenna on Friday evening, used it to participate in the roundtable after the PI4AA radio bulletin on 40 meters. I also checked the exchange needed for this contest and programmed it in a separate macro definition for fldigi. So I was prepared and gave it a go Saturday evening. I could not participate in the 04:00 UTC - 12:00 part on Saturday because of the normal family things that have to happen on a Saturday morning. On Saturday evening I started out right at 20:00 UTC on the 40 meter band. After an initial number of nice contacts it sort of 'dried up' for me and I saw no new stations active. So I switched to the 20 meter band and got a number of new contacts, including some callsigns who seemed to have made the same decision to switch to the 20 meter amateur band.

On Sunday things got worse as the local high-power HF noise was active again, obliterating nearly all signals. And increased solar winds caused propagation to drop.

So propagation wasn't cooperating very well, and the contest did not seem very popular. In the end I made 41 contacts which is less than I expected.

Update: The upsides are there: I received eQSL confirmation for a contest contact with VE3UTT which means I finally have a form of confirmation for a contact with Canada and a confiromation for a contact with N6AR which adds another US state.

Update 2016-07-17: Checking the site I just find the scores: 37 contacts and 30 multipliers claimed, 36 contacts and 29 multipliers confirmed. Position 27 in the SINGLE-OP ALL LOW 8-HOURS mode.

Ik ben geen klant van ICScards maar toch wil ik soms interresante nieuwe phishing pogingen melden bij ze. Volgens Phishing: valse e-mails die in omloop zijn is de manier gewoon via e-mail naar het valse-email@ adres.

Maar helaas lukt het niet:

   ----- The following addresses had permanent fatal errors -----
<valse-email@.......>
    (reason: 550 Denied by policy)

   ----- Transcript of session follows -----
... while talking to mail01.icscards.nl.:
>>> DATA
<<< 550 Denied by policy
554 5.0.0 Service unavailable

het valse-email@ adres zit achter mailfilters die blijkbaar duidelijk herkenbare phishing mail blokkeren. Misschien moeten ze dat adres apart behandelen zodat ze dit soort meldingen wel binnenkrijgen...

Ik heb weer eens geluisterd naar de PI4AA uitzending. Dit keer heb ik geluisterd via de PI2NOS livestream en heb ik me daarna eens ingemeld via de inmeldronde op de 40 meter band omdat ik toch de endfed antenne had buiten gehangen vanwege een contest in het komende weekend. In SSB is de lokale storing erg duidelijk aanwezig. De storing is ongeveer S9 dus ik hoorde PI4AA zelf redelijk goed met een signaal wat daar net 10 dB boven zat. De meeste inmelders hoorde ik slecht of niet.

Hierbij een klein stukje met Remco PA3FYM als rondeleider.

I am slowly gaining trust in my Let's Encrypt setup and today I renewed my certificate. One thing I noticed on the first tries was that the whole process left me with a .well-known/acme-challenge directory in every website. Solution: use the options for a general configuration item available in Apache which is then inherited by all virtual hosts. So now I have in the general configuration in /etc/apache2/apache2.conf:

Alias /.well-known/acme-challenge/ "/home/httpd/html/.well-known/acme-challenge/"

<Directory "/home/httpd/html/.well-known/acme-challenge/">
        AllowOverride None
        Order allow,deny
        Allow from all
</Directory>

So now there is only one directory filling up with challenge-response files which is easier to clean out. I have seen filenames for challenge response with a - at the start so rm * started to complain.

The first complete change to https is on Camp Wireless, Wireless Internet access on campsites.

If you look at the mapped HF contacts on my PE4KH Amateur radio site you might notice the contacts made in the 20 meter band normally have a ring around my home location, unlike the contacts in the 40 meter band. This is caused by the 'skip zone', explained much better in the Skip zone article on wikipedia complete with graphs of how the radio waves travel. The size of the skip zone depends on the frequency. It is usually absent in the 40 meter band. In the 20 meter band it normally makes it hard to make contacts with the rest of the Netherlands, Belgium, England and Germany.

Today I had some 20 meter PSK63 contacts with nearby stations in the JO01 maidenhead locator square. This is 'too close' for normal 20 meter contacts via skywave (radiowaves reflected via the ionosphere) and 'too far' for groundwave (radiowaves travelling directly). But with all the interesting conditions on other bands happening the last weeks this is probably also a case of some interesting type of propagation.

A fellow radio amateur posted an old picture somewhere of Steven K. Roberts on the Behemoth "Big Electronic Human Energized Machine, Only Too Heavy" bicycle, a recumbent bicycle with computers and amateur radio as a joke suggestion to me. But this is more than just a joke to me, I follow the work by Steven K. Roberts since somewhere in the 1980s when I saw an article and picture about him in a popular science magazine. Articles and pictures by Steven K. Roberts are now collected on microship.com where some of the old memories seem to have gone the way of the 404 after almost 30 years of gathered digital history have been reorganized.

Steven is still busy with the same ideas, nowadays on a nice sailboat, as can be seen at Blog - Technomadic & Gonzo Engineering with regular projects.

Browsing the site I found some interesting videos such as the ones in Vintage Video: Computing Across America - Hackaday and Computing Across America - April 1988 - Louisville WHAS11 Bernson's Corner - Youtube.com.

In the Electronic QSL received at PD4KH / PE4KH I have some SWL reports received via eQSL and I decided I should note these correctly. So I updated the script that generates this page and now NL12621, DL-SWL/DE1PCE, R4A-1227 and others are properly noted.

I haven't found a conclusive list of all SWL 'callsigns' so I may miss some.

Hamvention 2016 on aprs.fi, map from google maps

I am following the 2016 Dayton Hamvention safely from my own location. Lots happening there which is interesting and maybe I should go there one day. But for those 'playing along at home' there are lots of option nowadays: following hashtag #hv2016live on twitter, with interesting pictures and reports by @ke9v Jeff Davis on twitter and seeing the aprs.fi APRS map around Dayton which went from two or three APRS stations this morning (Dutch time) to a lot of active APRS stations at the moment (see screenshot).

De laatste voorbereidingen zijn klaar: de software op de laptop die de radio kan aansturen en de gegevens kan overnemen voor logging is getest. Gewoon hamlib voor de aansturing en cqrlog voor de logging. Werkt allemaal prima, even een test verbinding mee gelogd. Een extra coax kabel en bijpassende koppelstukken zijn er nu ook. Alles op een rijtje in Mills on the Air 2016 PE4KH.

Update 2016-05-16: en de resultaten maar even toegevoegd bij Resultaten Mills on the Air 2016 PE4KH, waarbij de korte samenvatting is: "waardeloos".

yfktest in ARI-DX contest screen

I participated in the ARI International DX contest 2016, organized by the Associazione Radioamatori Italiani. And this time I even did some voice contesting (phone) too!

As mentioned before phone contesting with Linux is available. I gave yfktest a spin and noticed it did not support the ARI-DX contest. With copying and modifying the Hungarian DX contest I think I found what was needed to support this contest enough to allow me to enter valid exchanges including Italian provinces. Getting the current claimed score right would take a lot more work.

So I gave it all a try and answered a number of CQ contest calls.

With the headset interface for my FT-857 radio connected and the footswitch in use both hands are available to type callsigns and serial numbers. I decided I need a better place to put at least the front of my radio: when I work in voice mode I need to spin the big dial a lot more so it should be easier to reach, it is currently on a high shelf above the monitor. Getting a sore shoulder from just a while on the radio is not a good thing. Given earlier experiences with RF interference in computers it may be the best to separate the front from the radio so the dial is not to far but the radio signals are.

When the time to play with the radio in the afternoon was finished I took a pause and later in the evening I continued in RTTY mode which was also an option in this multimode contest.

Conditions for HF contesting were bad since there seems to be a new source of noise on the HF bands. Where I was used to noise being S7/S8 level it is now constantly at the S9+10dB or S9+20dB level.

The results:

Total number of QSO in your log is 25, Including 0 QSO with errors, Valid QSO - 25
Band  QSOs Dupes Points Mults
160      0     0      0     0
80       0     0      0     0
40       9     0     54     9
20      16     0     70    10
15       0     0      0     0
10       0     0      0     0
======================================
Total   25     0    124    19
Claimed score is 2356 points

Update 2017-01-06:
And the results are in, I guess it takes the italians a while to check the logs.

        ARI International DX CONTEST 2016
           Band     QSOs    Pts  Mul

           160m        0      0    0
            80m        0      0    0
            40m        9     54    9
            20m       16     70    9
            15m        0      0    0
            10m        0      0    0

           Total      25    124   18 ==>     2232

The only thing changed is the number of multipliers in the 20 meter band.

This weekend I had a few hours to play radio and I participated in the Russian worldwide multimode contest 2016. I also participated in the Russian worldwide multimode contest in 2015 so there is a chance now to compare the results.

Saturday afternoon and evening I was active on 40 meter. Mostly in PSK63, only a few contacts in RTTY. PSK63 decodes better at the same signal to noise level so it's easier in search and pounce mode. Again having more access to the 40 meter band is good in this case, I made a lot of contacts in the 7.040 MHz part.

Sunday morning I was active on 20 meter until I had a nice number of contacts in the log and it was time to go out and enjoy the weather.

I had a few nice runs where I called CQ and got several answers after another. I have some ideas about analyzing the cabrillo logs for qso rates.

Band  QSOs Dupes Points Mults
160      0     0      0     0
80       0     0      0     0
40      63     1    380    37
20      16     0     50    15
15       0     0      0     0
10       0     0      0     0
======================================
Total   79     1    430    52
Claimed score is 22360 points

One QSO was noted as incorrect because I was returned a Russian 'oblast code' for a Ukranian callsign. I guess some politics are involved there, I'm not very good (yet) at recognizing which callsigns are from which country.

It is a while after my last report on Vectored VDSL and the influence of amateur radio transmissions and it's time to share the current experiences especially with the change to the DrayTek Vigor 130 VDSL modem.

The first conclusion is that the modem doesn't matter much. I am now used to the connection dropping and retraining when I start on a 'new' frequency. I haven't figured out yet what the exact definition of 'new' is, when I haven't been active for a number of days on 20M PSK31 the first transmission on that band can trigger the disconnect. There seems to be no direct influence on the maximum speed after the reconnect, it sometimes goes up. A serious change of frequency (different band or a different part of a band) can trigger another disconnect.

In the mean time an xs4all user shared after long debugging of vectored VDSL problems to have found the cause in the PLC (powerline communications) network devices as delivered by xs4all for television over IP. Yet another reason to not use PLC. But in the ideal world the lastmile connections for high speed would be fiber-based anyway.

This does not work as planned in mutt:

Subject: hi prnt
Content-Type: multipart/mixed; boundary=31BE31246BD934D65C63831D7238

--31BE31246BD934D65C63831D7238
Content-Type: multipart/alternative; boundary=31BE31246BD934D65C63831D7238

--31BE31246BD934D65C63831D7238
Content-Type: text/plain; charset=UTF-8



--31BE31246BD934D65C63831D7238
Content-Type: text/html; charset=UTF-8

<div dir="ltr"><br></div>

--31BE31246BD934D65C63831D7238--
--31BE31246BD934D65C63831D7238
Content-Type: application/zip; name="816847_304695.zip"
Content-Disposition: attachment; filename="816847_304695.zip"
Content-Transfer-Encoding: base64
X-Attachment-Id: f_519392564

UEsDBBQAAgAIAPVmnUiLxtYfTRIAAA0pAAAUAAAANzM1NzE1NjJfODYzNjA4MTYuanO1Wmt3
2zaT/tye0/+A8rSvxViW7eRt0tp1u4osx67vlyTOOt4ekIQkRCRA8yJZNv3f9xmApKjY6abd

Shows as

  I     1                      [text/plain, 7bit, us-ascii, 0K]
  I     2                       [text/plain, 7bit, utf-8, 0.1K]
  I     3                        [text/html, 7bit, utf-8, 0.1K]

I consider it testing at the moment, but you can visit https://idefix.net/. The mixed-content warning will not go away soon since I partly depend on images and audiofiles from sources not (yet) available via https.

A while ago I already pondered preparing links in my websites for https. With Let's Encrypt I can get free domain validating certificates for TLS encrypting my traffic. Even the subjectAltName extension is supported to get multiple domain names on one certificate. But it took me a while to really get around to implementing the rest and testing the results.

The standard way of using letsencrypt is a bit too much 'for dummies' to my taste. The suggested and supported method for using Let's Encrypt uses the standard Let's Encrypt client which is very good at modifying apache configurations on it's own.

I would like free certificates, but not at the price of letting that script do things to my webserver configuration. So I asked around and someone pointed me at letsencrypt-nosudo with the brilliant introduction:

I love the Let's Encrypt devs dearly, but there's no way I'm going to trust their script to run on my server as root, be able to edit my server configs, and have access to my private keys. I'd just like the free ssl certificate, please.

Exactly my thoughts. So I used that script, got my brain around what was happening and now I have a TLS certificate for a number of my private domains.

Uit de inbox:

Behandeld door : Factuur Internet
Direct tel. nr. : 082 - 453 75 39
Openstaande vordering, BELANGRIJK!
Geachte e-mail@example.com
Verwijzen wij u naar de eerder ontvangen herinnering(en). Wij stellen u hierbij de gelegenheid om het verschuldigde bedrag van €3729,89 met rente binnen 14 dagen te voldoen op ons IBAN-rekeningnummer NL52ABNA04824653729 t.n.v. St. Derdengeleden Intrum Justitia Nederland B.V. onder vermelding van het referentienummer.
Downloaden Factuur [1]http://www.incasso.nl/factuur
Blijft betaling uit, dan zijn wij genoodzaakt cliënt te adviseren om over te gaan tot het opstarten van een gerechtelijke procedure. De kosten die hieruit voortvloeien zullen geheel voor uw rekening komen. Voor directe betaling en meer informatie over deze vordering gaat u naar onze website U kunt hiervoor de gegevens gebruiken die op de factuur staan vermeld. U kunt hier ook terecht voor overige vragen.

Opvallende dingen:

• Er staat een 7-cijferig nummer in wat onzichtbaar gemaakt wordt met <font size="1" color="white">, dit nummer komt een aantal keren terug.
• Het rekeningnummer is ongeldig en lijkt absoluut niet op het rekeningnummer van Intrum Justitia Nederland
• Het telefoonnummer is niet van Intrum Justitia en wordt vaker gebruikt in valse e-mails

De link wijst naar iets anders wat weer redirect naar een downloadlink bij dropbox. En uiteindelijk komt er een zip file met:

Archive:  Factuur 00891884-937473.zip
Factuur 00891884-937473.pdff
  inflating: Factuur 00891884-937473.pdf.exe

Meer informatie van Intrum Justitia zelf via Valse e-mails misbruiken naam Intrum Justitia.

Geen DX deze keer maar gewoon nieuwe services bij MTVNL en wat verschuivingen.

Volgens Efteling Kids Radio terug via DAB+ in Amsterdam - radio.nl zal MTVNL op den duur de optie om aparte versies per regio meer gaan inzetten. Volgens radio-tv-nederland.nl is het al zo dat de versie in Eindhoven alleen Radio JND als DAB+ service heeft (terwijl die er hier in Utrecht dus ook bij zit).

Outgoing QSL cards

Radio amateurs are supposed to keep a logbook of all contacts (although it is not a legal requirement anymore!) and part of the amateur community likes confirming contacts with QSL cards. The term QSL is from the Q codes in radio which date back to radio telegraphy on ships. QSL as an answer means I am acknowledging receipt. I have my own QSL card for my old callsign PD4KH and I will need a new batch for PE4KH some day.

To save on the costs of sending those cards there are QSL bureaus in the world. I submit my cards to the Dutch QSL Bureau via my radio club and eventually cards for me end up at my radio club. I have sent out numbers of QSL cards and received numbers of QSL cards.

2016-04-23 03:28:14,406 fail2ban.actions: WARNING [ssh] Ban 179.43.141.220
2016-04-23 05:27:04,412 fail2ban.actions: WARNING [ssh] Ban 179.43.141.211
2016-04-23 07:38:12,542 fail2ban.actions: WARNING [ssh] Ban 179.43.144.8
2016-04-23 07:42:12,342 fail2ban.actions: WARNING [ssh] Ban 179.43.144.24
2016-04-23 09:29:20,761 fail2ban.actions: WARNING [ssh] Ban 179.43.141.198
2016-04-23 09:41:55,910 fail2ban.actions: WARNING [ssh] Ban 179.43.141.229
2016-04-23 09:49:40,855 fail2ban.actions: WARNING [ssh] Ban 179.43.144.21
2016-04-23 09:50:02,385 fail2ban.actions: WARNING [ssh] Ban 179.43.144.15

But this time from the Arabic Emirates.

This afternoon was a contact between Wellesley House School in Britain and Tim Peake on the International Space Station. So I decided to put the finished antenna rotor to good use since one of the triggers for building a rotor was getting my arms real tired on earlier ISS passes.

And indeed, I had no problem with holding the antenna. But it still took a while before I heard anything and the signal was not very good.

With lots of my fellow amateurs making contacts all over north and south america this should not be hard but while I have heard amateurs from south america I haven't been able to make any contacts south of Puerto Rico up until today. I saw PT7DX active on 20meter PSK31 and tried to answer him a few times. On the third try it worked and we had a short contact in which I thanked him for the new country.

The fun part is that I saw KB6NU in the US complain about HF propagation around the same time.

ISS SSTV April 2016 MAI-75 image received by PE4KH at JO22NC 20160415 1627Z

And a chance to receive an image from the Russian 'MAI-75' project. Originally I had a lot of trouble decoding the image with qsstv and the author of qsstv helped me find the ideal workflow. Upgrading qsstv and using a 48000 samples/second .wav file helped.

Earlier I played the audio in audacity and decoded in qsstv with pavucontrol setting the 'Monitor of builtin audio' as input for qsstv.

And while I had the amateur satellite gear out I checked for upcoming interesting passes and saw that SO-50 would pass right after the ISS pass between SSTV experiments.

I tracked the pass and heard activity, mostly from IZ5TEP with F0DTV. I tried answering a few times, to IZ5TEP and in general but no contacts. The amount of interference was not as bad as I heard a few times last year but it was not perfect amateur satellite behaviour either.

I saw people post more images which seemed to be from the MAI-75 SSTV program. I tried a pass at 18:27 UTC but heard nothing. Checking the article ISS Slow Scan TV in April - Amsat-UK shows that the ARISS commemorative SSTV event ended at 14 April 11:35 UTC and the first MAI-75 activity was 14:45 until 18:00 UTC. The next MAI-75 activity is Friday 15 April 14:10 until 19:00 UTC.

ISS SSTV April 2016 image 06/12 received by PE4KH at JO22NC 20160412 1920Z

In a later pass I received two partial images.

ISS SSTV April 2016 imagereceived by PE4KH at JO22NC 20160412 1920Z

The good news is that standing outside holding my Arrow antenna I did some serious thinking how the Arrow is going to fit on the antenna rotor. And I tested how reception is when I fix the elevation at around 20-25 degrees: fine.

ISS SSTV April 2016 image 12/12 received by PE4KH at JO22NC 20160412 1606Z

Today a nice pass which fit between two stages of cooking our dinner so I recorded the audio. Again I heard no signal but then I heard the starting tones of a slowscan TV image and saw the signal meter pegged to S9++ (the maximum).

One image was received in full.

In one of the articles about the current ISS SSTV event was a starting time of 19:25 18:25 UTC, and the pass over my QTH JO22NC started at 19:28 UTC. So I was out with the whole setup and a strong arm to aim the antenna at the ISS in the hope of receiving something.

But nothing was received. The fun part is that an ISS pass shortly after sundown gives a visual aid to aim the antenna at, but no signal received.

Also noticed by Mike Rupprecht DK3WN: ISS – no SSTV active - DK3WN Satblog with a very nice image.

Update: Corrected starting time after rereading ARISS commemorative event (April 11-14) - ARISS SSTV Images which has been updated with:

*** Update (April 11, 2016)
Looks like the start will be delayed. Seems the hardware is having issues and not transmitting. Troubleshooting is in work.

Update 2016-04-12: First images received now in Asia and available from the ARISS SSTV Gallery

The antenna rotor made its first turns. I mounted it to a very old stepladder which has an almost vertical part at the top.

The fun part is that with the upcoming ARISS SSTV event from ISS I could use a good rotor in the upcoming week.

New country today in amateur radio contacts: Japan. Another one of those lucky contacts without any planning, I just had the longwire antenna out to try if I could get a signal in the 6 meter band.

I saw a call from Japan, answered it, answered it again after raising the power level and the contact was made.

Naast mijn bijdrage Mills on the Air 2016 PE4KH hebben ook andere leden van de Veron afdeling A08 Centrum besloten mee te doen aan 'Mills on the Air' en wel bij een molen een stuk dichter bij: PI4UTR doet mee met Mills On The Air 2016!.

Ik hoop in ieder geval tijdens dat evenement zelf een verbinding te kunnen maken met PI4UTR/P.

This weekend I had a few hours to participate in the EA RTTY contest 2016. Propagation was mostly bad and I had a hard time decoding signals. There were some good moments, for example I did work YB6HAI from Indonesia again. His antenna park looks quite impressive too which helps. I switched a few times between the 20 and 40 meter band trying to find propagation and new callsigns to contact.

The end result was 76 QSO's (contacts) and the last one was in the last minute of the contest, logged at 15:59 UTC.

I already recieved the raw results from the EA PSK63 contest I participated in a few weeks ago which are presented in a very nice format on the contest website showing the buildup of the score.

The wireless card of the weather station computer in the shed is dual-band but with only a 2.4 GHz capable antenna. Since the house access-point is configured to support both 2.4 GHz and 5 GHz channels the system sometimes selects the 5 GHz access and keeps having serious packet loss. I looked at ways to convince the driver to select 2.4 GHz channels only but found none, but then I found out wpa_supplicant can do this. But I configure wpa_supplicant through wpa-* options in /etc/network/interfaces so I had to find out how to configure it using those. The manpages for the interfaces file is very limited on the wpa-* options, but I found an explanation that a lot of wpa_supplicant options are supported, including the one to select frequencies. The sneaky part is that the option in wpa_supplicant.conf is freq_list and the option in /etc/network/interfaces is wpa-freq-list. A rather complete list can be found at Where can I find a full list of wpa-* options for the interfaces file? - superuser.com. So now I have in /etc/network/interfaces:

auto wlan0
iface wlan0 inet dhcp
        wpa-ssid default
        wpa-psk VerySecret
        wpa-freq-list 2412 2417 2422 2427 2432 2437 2442 2452 2457 2462 2467 2472

The ideal solution is to order a dual-band (2.4 GHz and 5 GHz) antenna.

Update: Noticeable absent are channels 12 and 13 which are available for regulatory domain NL but are not listed when I ask the driver for available channels:

koos@ritchie:~$ /sbin/iwlist wlan0 chann
wlan0     19 channels in total; available frequencies :
          Channel 01 : 2.412 GHz
          Channel 02 : 2.417 GHz
          Channel 03 : 2.422 GHz
          Channel 04 : 2.427 GHz
          Channel 05 : 2.432 GHz
          Channel 06 : 2.437 GHz
          Channel 07 : 2.442 GHz
          Channel 08 : 2.447 GHz
          Channel 09 : 2.452 GHz
          Channel 10 : 2.457 GHz
          Channel 11 : 2.462 GHz
          Channel 36 : 5.18 GHz
          Channel 40 : 5.2 GHz
          Channel 44 : 5.22 GHz
          Channel 48 : 5.24 GHz
          Channel 52 : 5.26 GHz
          Channel 56 : 5.28 GHz
          Channel 60 : 5.3 GHz
          Channel 64 : 5.32 GHz
          Current Frequency:2.462 GHz (Channel 11)

And now I wonder why those are missing.

Interesting report from pskreporter psk map today: a negative time at which the signal was reported. I guess the reported time is taken from the original spotter, I had EB4DDQ in the log at 18:12 UTC, he had me in the log at 19:12 UTC.

Besides the antennas for HF frequencies I also have an antenna tuner.

For my readers who aren't busy with radio: the combination of a transmitter and an antenna works best when the antenna acts as a resistor at the value the transmitter expects. In amateur radio most transmitters expect 50 ohms loads. But, the antenna only does that at the frequencies it is resonant on, on other frequencies it will act more like a coil or a capacitor and reflect power back to the radio. This is where an antenna tuner comes in which tries to adjust the antenna using coils and capacitors to match what the radio expects. The downside is you lose power in the tuner and the antenna itself is still not working at its optimum. But an antenna somewhat working is better than no working antenna at all.

So I am trying to use the antenna tuner to be able to transmit on frequencies other than the ones the antennas are made for. Sofar the results are for the 10/20/40m endfed antenna I built at the radio club:

• 10 meter: native frequency
• 12 meter: the tuner can fix it
• 15 meter: the tuner can fix it but the returning signal is so large the radio starts acting weird
• 17 meter: the tuner can fix it
• 20 meter: native frequency
• 30 meter: the tuner can fix it and I made contacts on that band
• 40 meter: native frequency

And for the LW-10 antenna I bought last year hanging outside the attic window:

• 6 meter: the tuner fixes it
• 10 meter: works
• 12 meter: fails to tune
• 15 meter: fails to tune
• 17 meter: the tuner can fix it but USB devices around my PC crash or misbehave
• 20 meter: works
• 30 meter: barely tunes
• 40 meter: works

The antennas were both not to far from the ground and from the house so this can influence their behaviour.

The manual for the LW-10 antenna suggests that using its earth connection to earth it at the transformer box helps against noise. Adding a simple earth connection does not help tuning at 30 meter but it seems to reduce the returning RF problem at 17 meters.

Update: This article When is an Antenna Tuner not an Antenna Tuner? - DX Engineering has a better explanation of what the 'Antenna Tuner' does and why it should be called a 'transmitter matcher'.

So I updated I participated UBA PSK63 Prefix Contest 2016 with the results (20th place in single operator 20 meter band category).

The fun part is that when I just jumped into the UBA PSK63 Prefix Contest 2015 and made a whole of 10 contacts on 10 meter I was 1st for the Netherlands and received a (digital) certificate.

The reddit /r/amateurradio post [Question] Contest Logging in Linux made me look at yfktest again. Yfktest is a curses-based contest logging program in perl, written for Linux.

The difference between a normal logging program and a contest logging program is that a contest logging program is just interested in what is needed to complete a contest contact, usually a callsign, default signal reports and a serial number or area number (depends on the contest). A contest program is optimized to get this information logged as fast as possible with the minimal number of keystrokes.

First thing to get right after getting the source from the subversion repository was to get the rig control settings right. I had a bit of trouble doing this right the first time, but I found out it is easy to set it right since yfktest uses hamlib to control the radio and it starts rigctld with a file rigctld.sh which now contains:

koos@kernighan:~/src/trunk$ cat rigctld.sh 
rigctld -m 122 -r /dev/ttyUSB0 -s 38400 &

The program contains definitions for a number of contests. Having defined the contest before starting the log run means the program knows what to ask and how to calculate the scores during the contest.

I will have to do a dry-run before I dive into a real contest, and then try it in an upcoming contest to see how it works for me.

In digimode contests (where signals are exchanged by the computer) I use the contest options offered by fldigi which works fine for me.

In het najaar van 2014 heb ik een interface tussen mijn FT-857 radio en mijn computer gebouwd voor digitale modes op HF frequenties. Dit heb ik toen in het engels beschreven op mijn eigen website(s).

Omdat de nieuwe website van Veron afdeling Centrum altijd wel verse inhoud kan gebruiken heb ik deze ervaringen nog eens in het Nederlands op een rijtje gezet en dat is Digimode interface voor de Yaesu FT-8×7 door Koos PE4KH geworden met een nieuwsartikeltje Zelfbouw artikel Koos PE4KH.

Ik ben van plan om actief te worden voor Mills on the air 2016 vanaf molen "Het Pink" in Koog aan de Zaan op zaterdag 14 mei.

Vandaag langs geweest om even te proberen of dat allemaal gaat passen en wat een handige plek is voor de antenne, en of ik voldoende antennekabel heb. Omdat de 40 meter band handig is voor Mills on the Air heb ik me op die band gecontentreerd en daar ook een paar verbindingen gemaakt. Twee met stations actief in de CQ WPX contest en eentje met G4VSJ, een engels station wat gewoon wel een praatje wilde maken.

Alle voorbereidingen en overwegingen staan op een rijtje in Mills on the Air 2016 PE4KH.

Update: Ik kwam mijn eigen callsign tegen in de CQ Amateur radio van September 2016 als checklog voor deze contest.

I have been following Adam Curry on and off since the Curry & van Inkel show on the radio in the Netherlands years ago. He is a hobby pilot and active in amateur radio. Recently he heard about skywriting with gps/aprs and went all in: Digital Sky-Writing by Adam Curry and I found it on Skywriting with APRS - /r/amateurradio on reddit. Comments on reddit aren't too favourable, it is clearly a first try but I am amused by Adam's actions. Have fun, Adam.

Once I was quite high in the WiGLE stats but nowadays I only "wardrive" when I remember to switch on the WiGLE client for Android on possibly interesting trips. So from the top position of being at number 14 in the WiGLE stats in June 2009 I now dropped out of the top 100, I just saw myself at ranking 107.

Most interesting recent wardriving option was on our winter holiday to the Brandnertal in Austria. I brought some wardriving device on that trip before and this trip did not find a big number of new networks, but it did find a lot of new mobile phone towers since the previous trip probably was with the WiGLE app on the android tablet without mobile data support.

Going on for a while now...

Mar 21 04:53:03 greenblatt kernel: [5731814.457697] FW reject: IN=ppp0 OUT= MAC= SRC=188.138.33.113 DST=xx.xx.xx.xx LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=62793 DF PROTO=TCP SPT=20067 DPT=50 WINDOW=512 RES=0x00 SYN URGP=0 
Mar 21 04:53:23 greenblatt kernel: [5731833.932497] FW reject: IN=ppp0 OUT= MAC= SRC=188.138.33.113 DST=xx.xx.xx.xx LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=13089 DF PROTO=TCP SPT=20067 DPT=51 WINDOW=512 RES=0x00 SYN URGP=0 

..

Mar 21 22:24:50 greenblatt kernel: [5794921.413042] FW reject: IN=ppp0 OUT= MAC= SRC=188.138.33.113 DST=xx.xx.xx.xx LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=47875 DF PROTO=TCP SPT=20067 DPT=3463 WINDOW=512 RES=0x00 SYN URGP=0 
Mar 21 22:25:20 greenblatt kernel: [5794951.351729] FW reject: IN=ppp0 OUT= MAC= SRC=188.138.33.113 DST=xx.xx.xx.xx LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=63834 DF PROTO=TCP SPT=20067 DPT=3464 WINDOW=512 RES=0x00 SYN URGP=0 

Also noted at a nearby IP address.

The new amateur radio license also gives me more bands to play with. But I don't have an antenna for those bands so I have to find out what my antenna tuner makes of those. On the 10 and 20 meter dipole under the roof I can only add the 17 meter band. On the 10/20/40 meter end-fed antenna I could add several bands including 30 meters which is a band with only reservations for CW (morse code) and digital modes such as PSK31. So I tried a bit of PSK31 on 30 meter today and it worked ok.

A while ago I found out about Ham Radio Signs who make custom signs with your callsign (or anything else). I really liked the idea and decided I would 'gift' myself one when I got my new callsign after upgrading to the full license. So after I was able to register PE4KH I ordered the ham radio sign for it in the style/colour I wanted. It arrived today and I'm happy with it.

It needs 12V-13.8V power but that is usually not a problem in an amateur radio environment!

Na 280 onderbrekingen in anderhalve week en het langzaam ook op gaan treden van andere rare problemen met de Internet verbinding was ik het wel aardig zat. Ik dacht dat ik moest gaan testen met het door XS4ALL ondersteunde modem voor ik bij hun een melding over de instabiliteit kon doen, en was daar dus al voor aan het plannen want modems wisselen en de stabiliteit dan een paar uur aankijken kan alleen als ik thuis ben en tijd heb.

Maar ik kwam in xs4all.adsl een opmerking tegen van Rob:

2 weken geleden had ik hier na maanden lang een rots-stabiele verbinding ineens om het uur een re-train. Ik heb toen andere DSL software in mijn Draytek Vigor 130 modem geladen en daarmee was het helemaal opgelost. (bij dit modem kun je een stuk of 7 verschillende DSL versies kiezen)

Maar de software waar ik nu mee draai is niet degene die de importeur adviseert (dat was degene die ik daar voor had). De importeur heeft nu nog steeds die firmware online staan die dus bij mij niet meer werkt.

Met wat zoeken kon ik de alternatieve firmware versies vinden, op DrayTek Vigor 130 firmware en daar staan in totaal 7 versies, waarvan 2 verschillende met de aantekening er bij (G.Vectoring) Recommended for Netherland ISP - KPN..

Ik gebruikte de 'modem5' versie, ik ben nu overgeschakeld naar de 'modem6' versie. Tot nu toe een eenmalige onderbreking die kwam omdat ik gelijk ook even actief met mijn amateurradiozendontvanger. Daarna nog iets meer gedaan met de radio maar geen onderbrekingen meer.

The attempts to infect systems via malicous javascript in e-mail are quite high at the moment, all trying to fake some urgency to make me open it without checking. Some recent samples:

Your credit card has been billed for $187,11. For the details about this transac tion, please see the ID: 12824622-12824622 transaction report attached.

NOTE: This is the automatically generated message. Please, do not reply.

With:

Archive:  /tmp/statistic_12824622.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
     4055  2016-03-14 13:44   finance_LutQLF.js
---------                     -------

Ever since I upgraded VirtualBox to a version 5 on my work laptop I can't start virtual machines which want to use the VirtualBox host-only network. For some communication I'd like to use that host-only network. Diving deep into the possible reasons found me VirtualBox can't find host-only adapters on Windows 10 which tells:

Oh and please double check that when you go to "Network Connections" and open the Properties dialog of the "VirtualBox Host-Only Network" connection, you see "VirtualBox NDIS6 Bridged Networking Driver" in the "This connection uses the following items" list.

This is indeed the case on my work laptop, and the use of the NDIS6 driver is an upgrade compared to VirtualBox 4. But I know the windows policy at work includes "you cannot use bridged networking" so I think I found the reason.

So now the solution is to use the main NAT network device. I was using the host-only network for some communication between the virtual machine and the host system or other virtual machines which should not be influenced by the 'outside world'. Now I seem to be using NAT as a firewall for that, which is wrong.

My new radio amateur license allows me access to more frequencies. As I remarked about the UBA PSK63 contest in January 2016 most 40 meter digital mode activity was at 7.040 MHz where I had no access with my Novice license. Now I have a Full license I have access to that frequency. The upside of being able to make digital mode contacts on 40 meter is that this radio band allows distance contacts after sunset where the 20 meter band (14 MHz) usually does not allow that when it is completely dark in the winter.

This weekend I participated in the Spanish PSK 63 contest (EA PSK contest) and I started Saturday evening. At that time the propagation of radio signals was gone on the 20 meter band so I started in the 40 meter band at 7.040 MHz and up and made quite a number of contacts there. I continued Sunday morning on 40 meter and made a total of 60 contacts.

A nice result for a contest where I started unprepared, the only thing I did was hang the 10/20/40 meter endfed antenna outside as part of my radio activities Friday evening and I left it out for the weekend.

So today I had some time to actually use my new callsign PE4KH and get on the air. A solar flare disrupted propagation but I made some PSK31 contacts in the 20 meter band and later in the 40 meter band. I can now do PSK31 at 7.040 MHz which was off-limits to me earlier. When signals started fading I switched to JT65 in the 40 meter band.

I was quite impatient and checked the amateur callsign registration site of the Agentschap Telecom daily and it just showed that I did the full exam and I was able to register the callsign PE4KH.

Since you can only have one personal callsign, this means PD4KH has been withdrawn.

Time to start updating it in a lot of places!

Met de regelmatige hikken van mijn VDSL verbinding merk ik nu ook een raar verschil tussen IPv4 en IPv6 voor langlopende TCP sessies van buiten af naar een service op mijn server. Die met IPv6 worden veel eerder verbroken bij een VDSL hik.

Van buiten af zie ik ook een verschil in het gevolg voor IPv4 en IPv6. De output van mtr voor IPv4 vanaf shell.xs4all.nl:

 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. 124.ae0.xr4.1d12.xs4all.net       0.0%     2   63.5  31.9   0.4  63.5  44.7
 2. 0.ae1.dr12.d12.xs4all.net         0.0%     2    0.4   0.8   0.4   1.2   0.6

En de output van mtr voor IPv6 vanaf shell.xs4all.nl:

 Host                                Loss%   Snt   Last   Avg  Best  Wrst StDev
 1. 124.ae0.xr4.1d12.xs4all.net       0.0%     4    1.1  24.0   0.4  92.7  45.8

Een hop minder.

Xs4all heeft keurig de router IP adressen consistente namen voor IPv4 en IPv6 gegeven.

I hung the endfed antenna outside today to try to be heard better in the Open Ukraine RTTY Championship 2016 but the whole contest was over before I could get much use out of it. This had nothing to do with the contest but everything with me trying it unprepared. I made 11 contacts.

So I tried something else: get active on 20 meter JT65 with WSJT-X. I saw interesting far away callsigns, even from Hong Kong and South Africa. I was also heard in faraway places including Australia according to pskreporter! This is what this weak-signal mode can do. Downside is that the simple exchange of callsigns and signal reports takes 6 minutes.

I listened to the ARISS contact with England (Wales, to be precise) this morning. I followed the preparations via the principia live stream but I went outside with my arrow antenna for the contact itself.

Elevation at my location was not too high (maximum of 46 degrees) which was a bit of a problem between the houses. I held up my arrow above my head for maximum reception but that got tiring real quick.

So I heard the answers to about 3 or 4 questions. But it is still quite special to hear an astronaut talk live.

On the principia live stream I followed the rest of the event. It's good to see the contact is much, much more than just 10 minutes of Q and A. There was a lot of explanation about the ISS, the work Tim Peake does, the influence of space on the human body. Including bits where the scientists say "we don't know why this happens, we're still researching it".

The ARISS program and the Tim Peake mission must be a boost for STEM (Science, technology, engineering, mathematics) education and amateur radio.

I recently bought a new laptop for home use. The old Dell Latitude D630 was falling apart so it was time for a new one. A linux installation has been done and it's currently Ubuntu 14.04 (with xfce as window manager).

For future plans I want 'all' amateur radio software I use to work on it. So I tested a bit, with:

• rigctld to control the FT-857 radio
• display of the radio status with Grig grig -m 2 -r 127.0.0.1
• audio coupling with the FT-857 radio with recording in audacity
• control of the receive and sending frequency with gpredict for tracking amateur satellites

So I'm ready to track and record amateur satellite contacts and do other amateur radio stuff on the new laptop.

Today I took the exam for the Dutch 'full' radio amateur license. I think I passed (6 errors out of a maximum of 15). Official results in about 2 to 3 weeks.

The main triggers for me to go for the full license was that there are a lot more countries where I can use amateur radio with a full license (this annoyed me when we visited the UK last summer) and I get access to more bands.

It is three years after I passed my novice exam on 2013-03-06, nice timing for an upgrade.

Sinds vanmorgen ineens een hikkende VDSL verbinding, terwijl ik niet eens actief ben met de radio. De verbinding raakt dan ook echt compleet verbroken, dus pppd besluit opnieuw op te bouwen en de VDSL synct opnieuw.

Mar  1 08:06:51 greenblatt pppd[12074]: Connection terminated.
Mar  1 08:07:06 greenblatt pppd[12074]: remote IP address aa.bb.cc.dd
Mar  1 08:43:45 greenblatt pppd[12074]: Connection terminated.
Mar  1 08:44:01 greenblatt pppd[12074]: remote IP address aa.bb.cc.dd
Mar  1 09:23:09 greenblatt pppd[12074]: Connection terminated.
Mar  1 09:23:25 greenblatt pppd[12074]: remote IP address aa.bb.cc.dd
Mar  1 10:12:05 greenblatt pppd[12074]: Connection terminated.
Mar  1 10:12:06 greenblatt pppd[12074]: remote IP address aa.bb.cc.dd
Mar  1 11:40:55 greenblatt pppd[12074]: Connection terminated.
Mar  1 11:41:01 greenblatt pppd[12074]: remote IP address aa.bb.cc.dd

Last Sunday was PACC contest, a radio contesting event especially around Dutch radio amateurs. The contest is scored around making the highest number of contacts between radio stations, in this contest at least one of them has to be in the Netherlands. Contacts are made in speech ('phone') or in morse code ('cw') Some people at my club were going to participate and started building antennas on Friday and were active from Saturday afternoon to Sunday afternoon.

I had time on Sunday but I did not feel very well so I left the contesting to the people who had a better mood for it and I just looked at the action and helped with dismantling the antennas and cleaning up after the contest.

There is also a short report in Dutch at PACC contest 2016, voor de laatste maal op Fort de Gagel - Veron afdeling Centrum.

Another radio amateur found my earlier experiences with transmitting on 20 and 40 meters and the influence on vectored VDSL, Amateur radio transmitting influence on vectored VDSL and And now vectored VDSL doesn't mind transmitting.

He also has the problem of keying up on 20 or 40 meters and having VDSL drop completely. He shared his signal/noise graphs with me and I noticed a similarity with my first signal/noise graph: an area somewhere else in the frequency space used by VDSL which has had serious changes in signal/noise levels.

I switched the modem to a DrayTek Vigor 130 (for reasons having to do with my setup at home) and the first tests with PSK31 and JT65 on 20 meter show no problems with the VDSL modem. But the varying interference above 16 MHz hasn't returned, so maybe when this interference returns the DrayTek Vigor will disconnect too.

I came across this article: DIY: The Off Grid Ham 100 Watts For $300 Solar Energy Plant - offgridham.com which has plans for a solar power setup for 300 US dollar which can indeed power a 100 Watt amateur radio transmitter (on a reasonable duty cycle, not constant transmission).

I do wonder what the parts would cost and where to order them for European radio amateurs. I will probably be interested in some setup like this when life permits me to go outdoor for operating radio for a day.

Found via I am frequently approached by frustrated radio amateurs who are looking to get into solar power and feel completely lost in all the options - Jeff Davis KE9V on Google+.

It's not just me saying that: Scanner sent you a document? Beware of malware attack - Graham Cluley.

Via Scanner sent you a document? Beware of #malware attack @teamcymru

Omdat ik ten opzichte van het eerdere verhaal Configuratie voor VDSL van xs4all met het eindpunt op een linux server toch wat wijzigingen heb, een keer weer alles op een rijtje.

De configuratie is natuurlijk afgeleid van Eigen router achter een XS4ALL-VDSL-aansluiting (3) - Harold Schoenmaker die een Mikrotik router gebruikt met een eigen configuratietaal.

Wat op dit moment nog niet werkt is de MTU van de ppp verbinding terug naar 1500 bytes. Iets in de keten server / switches / VDSL modem laat de iets grotere PPPoE packets niet door.

Het Vigor VDSL modem is in gebruik. Omzetten was een kwestie van wat regeltjes in /etc/network/interfaces wijzigen en aanmaken.

Wat nog niet lukt is de MTU terug naar 1500, ergens in de hele keten komen vergrote ethernet packets er nog niet door. Dus die staat nog even op 1492.

Verder werkt een en ander. De Vigor heeft een telnet interface die me erg doet denken aan die van de Thompson modems. Het script wat de VDSL snelheid uit het modem haalt is dus ook weer een telnet expect script gebaseerd op de code die ik ooit voor de Speedtouch/home gebruikte.

Account:admin

Password: ***********************

Type ? for command help

> show adsl
  ---------------------- ATU-R Info (hw: annex A, f/w: annex A/B/C) -----------
   Running Mode            :      17A       State                : SHOWTIME
   DS Actual Rate          : 75927000 bps   US Actual Rate       : 31370000 bps
   DS Attainable Rate      :111621000 bps   US Attainable Rate   : 43919000 bps
   DS Path Mode            :        Fast    US Path Mode         :  Interleave
   DS Interleave Depth     :        1       US Interleave Depth  :      285
   NE Current Attenuation  :        9 dB    Cur SNR Margin       :       17  dB
   DS actual PSD           :    -4.-1 dB    US actual PSD        :    13. 1  dB
   NE CRC Count            :        0       FE CRC Count         :       31
   NE ES Count             :        0       FE  ES Count         :        3
   Xdsl Reset Times        :        0       Xdsl Link  Times     :        2
   ITU Version[0]          : b5004946       ITU Version[1]       : 544e0000
   VDSL Firmware Version   : 05-07-01-0A-01-07   [with Vectoring support]
   Power Management Mode   : DSL_G997_PMS_L0
   Test Mode               : DISABLE
  -------------------------------- ATU-C Info ---------------------------------
   Far Current Attenuation :        0 dB    Far SNR Margin       :        5  dB
   CO ITU Version[0]       : b5004244       CO ITU Version[1]    : 434db0c7
   DSLAM CHIPSET VENDOR    : < BDCM >
>

Het verschil wat in mijn grafiekjes opvalt is dat de 'upstream path mode' interleaved is wat een paar milliseconden(!) verschil geeft op de latency.

Ook wat verschillen in maximale snelheden, maar die vallen ruim binnen de marges van het abonnement wat ik heb.

Vectored VDSL spectrum as reported by the Fritz!Box 7360. The earlier interference seen starting around 16.5 MHz isn't visible.

After a restart of the modem the interference starting around 16.5 MHz hasn't returned. The interesting fact is that now transmitting on 14.070 MHz PSK31 does show in the signal/noise graph of the modem but there was no connection hickup the first time I did that, the bits/carrier just adjusted down and things went on fine.

Het bestelde DrayTek Vigor 130 VDSL2 / ADSL2/2+ modem/router is geleverd (met dank aan Azerty) en nu ben ik even bezig met het instellen. Gelijk maar een firmware opgezet die geoptimaliseerd is voor vectored VDSL2 en de pppoe configuratie klaargezet op de server.

Pluspuntje van dit modem: het heeft een echte aan/uit schakelaar dus zal het na een stroomstoring weer gewoon opstarten.

I picked up new QSL cards at my radio club Veron A08 Centrum and it had a very special one: the confirmation of my first radio contact via amateur satellite with GS3PYE/P.

I had a day with for me special contacts recently. First with UT1FG/MM, Yuri who is a captain on a freight ship and crosses the ocean with some spare time to make amateur satellite and HF contacts. I had a contact with him while his ship was nearing Gibraltar from the Atlantic Ocean, which is my first 'sea' gridsquare. I hope to contact him again via satellite or HF!

Second with 7X3WPL, Sahara DX Amateur Radio Club. I have seen them a lot, tried to answer them every time (I was trying to reach them when I made a contact with Indonesia) and this time it worked.

And a contact on 20 meter PSK31 at 22:57 localtime with IK0OEF Claudio in Italy, way past sundown. I am used to propagation on 20 meter dropping when the sun sets so this was quite remarkable.

And a few days later a contact with 9H1KR on the island of Malta, also a new country for me.

Gisteren heeft een groot deel van de dag de Internet verbinding thuis er uit gelegen. Vermoedelijk bracht een korte VDSL hik het modem in een status waarbij processen op het modem niet meer de pppoe zaken doorlieten. Pas 's avonds kon de zaak hersteld worden. Blijkbaar is de fritzbox 06.20 firmware hardnekkiger in het herstarten van processen als dsld dan 06.04.

Maar dit is wel het moment om te kiezen voor een modem waarbij een verplaatst PPPOE endpoint een ondersteunde setup is, wat volgens de omschrijving meer een setup voor de zakelijke markt is. Dan ben ik maar een zakelijke gebruiker. Ik kom terecht op de DrayTek Vigor 130 VDSL2 / ADSL2/2+ modem/router die ook pppoe forwarding ondersteund, bijvoorbeeld zoals besproken in Eigen router achter een XS4ALL-VDSL-aansluiting (3) - Harold Schoemaker al doe ik het deel erachter 'gewoon' met Linux en niet met een MikroTik router. Tijd om wat hardware te bestellen.

Opmerkelijk is dat er in de firmware download van de Vigor 130 7 versies(!) Annex A firmware zijn waarvan 4 voor diverse implementaties vectored VDSL. Dat geeft toch het gevoel dat vectored VDSL een nieuwe en nog niet zo uitgekristalliseerde technologie is.

In lynx krijg ik ook de melding over een adblocker van nu.nl. Nee, ik heb geen adblocker in lynx!

In this morning, a virus targetting people who think faxes are still a thing.

Security tip: never trust unsollicited attachments!

A new fax document for you.

You can find your fax document in the attachment.

Scan quality:    200 DPI
File size:       280 Kb
Pages sent:      8
From:            Scott Baird
Processed in:    16 seconds
Document name:   scan-00318314.doc
Scan date:       Sun, 31 Jan 2016 22:46:28 +0300

Thank you for using Interfax!

With an attachment

Archive:  /tmp/scan-00318314.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
     2275  2016-01-31 17:58   scan-00318314.doc.js
---------                     -------
     2275                     1 file

Obfuscated javascript trying to find and exploit vulnerabilities to infect my machine.

Our VDSL Internet connection was recently upgraded to vectored VDSL which gives us a lot more speed: attainable speeds are now 117057 kilobit down and 42201 kilobit up. The subscription speeds are much lower, but still very nice for a home Internet connection.

The downside is that VDSL uses a lot of spectrum from nearly 0 Hz up to 17664 kHz which includes several amateur bands and vectored VDSL seems to be highly sensitive to other RF signals. For me at least 20 meter (14 MHz) and 40 meter (7 MHz). I already caused several disconnects by transmitting in these bands and even with more recent firmware this problem remains.

I have been active on the same bands since we got faster speeds without vectoring (in the beginning of November 2015) but it did not influence the VDSL stability when vectoring wasn't enabled. The VDSL profile hasn't changed (17a) so the same frequencies are used.

Vectored VDSL spectrum as reported by the FRITZ!Box 7360. The hole in bits per carrier around 14 MHz is caused by my PSK31 transmitting (I can see the influence on the signal/noise ratio while transmitting). The hole above 16.5 MHz (starting near carrier 3840) is caused by some other source of interference.

Some people give the advice to run sshd on a different port number to make less attacks happen. But with the constant scanning and automatic service fingerprinting that won't change much.

This example is from shodan.io search engine but any scanner could find this.

I consider shodan.io a good service: I use it at work to find misconfigured systems. The scanning shodan does is like the research any beginning interested attacker would do.

The recent interruptions in the outside Internet connection made my wish to improve some things in the server at home so internal things keep running through an interruption.

I have to request an IPv6 range for an interface to make wide-dhcpv6-client run, it won't run when I don't configure the interface to assign a /64 to, and my ISP will not route IPv6 when I don't use IPv6 prefix delegation to request the space which is static anyway. But I want the wired and wireless network to have fixed IPv6 ranges so things keep running even when the outside link has a hickup. Solution: request the IPv6 range for a dummy network interface and assign static IPv6 ranges to the ethernet interfaces. In /etc/network/interfaces:

auto dumdh6
iface dumdh6 inet static
    pre-up ip link add name dumdh6 type dummy
    address 0.0.0.0

And in /etc/wide-dhcpv6/dhcp6c.conf:

interface ppp0
{
        send ia-pd 0;

                script "/etc/wide-dhcpv6/dhcp6c-script";
};
id-assoc pd {
        prefix-interface dumdh6 {
                sla-id 3;
        };
};

And there is another dummynet interface to assign the fixed IP addresses to I use for hosting services. This means those services can start (and keep running) even when the link hickups and removes the IP address from the ppp interface. Earlier I did this on an unused vlan interface, but using dummynet feels more tidy.

Eerst een 06.30 firmware geprobeerd via de officiele weg en die deed het wel en gaf een stabiele verbinding (bij een korte test..) maar de 06.30 versie (de laatste versie op dit moment) heeft helemaal geen opties meer voor telnet / pppoe met pppd op een apart systeem wat ik wel wil.

Na veel zoeken een 06.20 firmware voor de fritzbox 7360 gevonden waarop met de uitleg uit eerdere gedachten hierover het wel werkend te krijgen was.

Heel stabiel en prettig is het niet, ik moet na een VDSL hik met de hand wat dingen uit debug.cfg uitvoeren (dat lukt dus niet van buitenaf..).

Op een bepaalde frequentie in de 20 meter band kom ik ook een draaggolf tegen en toen ik daar zelf op ging zenden herstartte ook de VDSL compleet.

Een definitieve oplossing hiervoor is toch een Fritzbox met goeie support voor een extern pppoe endpoint (wat voor AVM misschien in een verre toekomst zit) of een Draytek Vigor 130 VDSL2 modem.

Update: voorlopig is het geheel stabiel, de tellers voor fouten blijven de hele nacht op 0 staan.

Recently posted: shodan.io actively infiltrating ntp.org IPv6 pools for scanning purposes. So I tried:

ntpdate -d -u 2a03:b0c0:3:d0::18:b001

And indeed:

Jan 28 14:42:25 server kernel: [1187976.106758] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=49717 DPT=55554 WINDOW=54358 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107191] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34680 DPT=50070 WINDOW=26315 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107256] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=49717 DPT=32764 WINDOW=15398 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107309] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=41249 DPT=44818 WINDOW=15146 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.107380] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=52 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=13864 DPT=30718 LEN=12 
Jan 28 14:42:25 server kernel: [1187976.107427] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=59140 DPT=25565 WINDOW=53087 RES=0x00 SYN URGP=0 
Jan 28 14:42:25 server kernel: [1187976.108613] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=55 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=32950 DPT=8888 LEN=15 
Jan 28 14:42:25 server kernel: [1187976.110197] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=39721 DPT=64738 LEN=20 
Jan 28 14:42:25 server kernel: [1187976.110315] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=50 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=46499 DPT=5632 LEN=10 
Jan 28 14:42:25 server kernel: [1187976.110405] FW dropped: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=65 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=UDP SPT=21934 DPT=47808 LEN=25 
Jan 28 14:42:31 server kernel: [1187981.938880] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34235 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:31 server kernel: [1187982.030058] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34235 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:31 server kernel: [1187982.197203] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34237 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:33 server kernel: [1187984.398977] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34245 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 
Jan 28 14:42:34 server kernel: [1187984.620836] FW reject: IN=ppp0 OUT= MAC= SRC=2604:a880:0800:0010:0000:0000:00fe:d001 DST=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx LEN=60 TC=0 HOPLIMIT=55 FLOWLBL=0 PROTO=TCP SPT=34244 DPT=993 WINDOW=0 RES=0x00 RST URGP=0 

I would have expected more ports tested.

En circa 6 uur na het inschakelen van Vectored VDSL is de hele VDSL instabiel en duurt het regelmatig lang voor data overkomt. Regelmatig valt de hele ppp sessie weg en het is al gebeurd dat de ppp sessie opkwam zonder IPv4 maar met IPv6 (gelukkig kon ik toen via IPv6 inloggen en een herstart forceren om weer IPv4 te krijgen).

De ultieme hik kwam toen ik ging zenden op 14.070 MHz (20meter PSK31 frequentie) wat binnen het VDSL2 spectrum valt. Toen verbrak de verbinding compleet en werd opnieuw de snelheid onderhandeld, waardoor er toch waardes anders werden. Maar de instabiliteit was er al voor deze actie.

 		Receive Direction 	Send Direction
Max. DSLAM throughput	kbit/s	111216	33032
Min. DSLAM throughput	kbit/s	784	232
Attainable data rate	kbit/s	76636	43379
Current throughput	kbit/s	76023	32056
Seamless rate adaptation		off	off
 			
Latency		4 ms	8 ms
Impulse Noise Protection		72	2
G.inp		on	off
 			
Signal-to-noise ratio	dB	6	5
Bitswap		on	off
Line attenuation	dB	9	3
 			
Profile	17a		
G.Vector		on	on
 			
Carrier record		A43	A43

Het lijkt er op dat ik nieuwere firmware op het modem moet installeren om de stabiliteit met vectored VDSL weer te verbeteren. Maar nieuwere firmware geeft weer meer moeite om mijn pppoe hacks mogelijk te maken.

Vandaag in de middag is vectoring ingeschakeld op de VDSL. Dit heeft vooral erg leuke gevolgen gehad voor de upstream snelheid:

 		Receive Direction 	Send Direction
Max. DSLAM throughput	kbit/s	111216	33032
Min. DSLAM throughput	kbit/s	784	232
Attainable data rate	kbit/s	114042	49851
Current throughput	kbit/s	76748	29514
Seamless rate adaptation		off	off
 			
Latency		4 ms	8 ms
Impulse Noise Protection		74	2
G.inp		on	off
 			
Signal-to-noise ratio	dB	17	7
Bitswap		off	on
Line attenuation	dB	9	3
 			
Profile	17a		
G.Vector		on	on
 			
Carrier record		V43	V43

Het leuke effect is ook dat daar waar de downstream snelheid voor Internet verkeer ergens wordt afgeknepen tot de snelheid van het abonnement (circa 20 megabit), dat met de upload niet gebeurd en ik dus nu ongeveer 20 megabit downstream en 27 megabit upstream heb.

The last weeks the virus mail trying to make me open Word/Excel files with macro virusses is on a serious rise. Mostly attached (so mail virus scanners seem to be losing again) and sometimes trying to make me download the file from some website. Abusing names of well-established companies.

The most devious type I saw was trying to convince the receiver he/she had damaged a car and had to pay up soon or police would be involved, find the pictures (with .jpg.exe names) at this link.

Any document sent to you unsollicited is suspect.

And from the stupid e-mail disclaimer copied from the 'innocent' company:

E-mail may be susceptible to data corruption, interception, unauthorised amendment, viruses and unforeseen delays, and we do not accept liability for any such data corruption, interception, unauthorised amendment, viruses and delays or the consequences thereof. Accordingly, this e-mail and any attachments are opened at your own risk.

As if they had seen this coming! And they should learn about digital signatures.

Deze keren spam voor een Belg van:

• Green Profit LED verlichting
• Hotdevil haardhout

Eerder, eerder, eerder.

For an upcoming demonstration about security I plan to play with sniffing insecure wireless networks.

I currently have a 'WiFi Pineapple' to play with which makes this quite easy. I created an open wireless network with the SSID of a very popular open network which should be 'attractive' to the visitors of the demonstration and I play with tools to show what can be found in the passing datastream.

First of all dsniff for decoding usernames/passwords in a lot of open protocols, like:

dsniff: listening on
-----------------
01/21/16 21:54:47 tcp xx.yy.zz.60683 -> ftp3.xs4all.net.21 (ftp)
USER ftp
PASS koos@

-----------------
01/21/16 22:05:49 tcp xx.yy.zz.35913 -> pop.xs4all.nl.110 (pop3)
USER bestaatniet
PASS weetikniet

It took me a while to get dsniff working: it does not 'see' connections that originate on the system it is running on, which was my 'preferred' way to test it.

And a more visual one: driftnet for picking out all images from passing traffic. It's a strong visual thing when you see the images from a site you visit popping up in another screen.

I am pondering making my websites available via https using a Let's Encrypt certificate which are free and support multiple servernames. Currently I have one HTTPS site running with a certificate signed by my own CA which is only trusted by my own systems.

Chances are that I will find lots of places where I will get mixed-content warnings and things that will break. So switching to https-only will have to wait.

But the good news is that it's possible to omit the protocol from a hyperlink, leading to the following bit of HTML code in Nice APRS track this morning:

<img src="//idefix.net/~koos/pics/aprs-PD4KH-20160108.png" alt="APRS track PD4KH 20160108" title="APRS track PD4KH 20160108"><br>

This will keep working when idefix.net becomes reachable via https and will not give a mixed-content warning. I just have to make sure the http and https versions of idefix.net work exactly the same.

At the moment this works fine, even when viewing the RSS feed using sage. According to Can I change all my http:// links to just //? on stackoverflow the number of browsers that don't support this is very small.

Tijd voor een nieuwe scan! Deze keer kwam ook de 'Regio Oost-Noord' multiplex goed voorbij op kanaal 6B. Ik zie de andere regio multiplexen wel eens vaker op mijn Pure radio, maar die worden meestal net niet gezien door de Noxon ontvanger. Deze keer wel, altijd leuk.

Meer DAB+ diensten via MTVNL, het is duidelijk dat MTVNL ontdekt heeft dat er meer zit in DAB+ dan mobiele TV via hun multiplex.

Adding the extra data for the contacts I made in the recent UBA PSK63 Prefix Contest 2016 I noticed I had a new distance record: the contact with YB1AR was over a distance of 11468 kilometers. In the heat of the contest I didn't even notice it was Indonesia, let alone such a distance.

One of the reasons for shutting down the homeserver was that I have a constant heavy noise on several amateur radio bands, at least on 10/20/40 meters. The noise is always at level S7/S8. I wanted to eliminate the server / UPS / network switch as possible source of the noise.

Rebooting the server also helped reset the video mode back to 80x50 so the earlier problem with interference caused by the video mode is now gone, even with the video cable plugged in. But there is still a lot of other noise left.

I shutdown and rebooted the homeserver to get an updated kernel and look at some other things. After booting up again I noticed the problem with IPv6 not active on interfaces that started early was happening again. No linklocal addresses configured, no global addresses configured. This affects all ethernet interfaces and ppp0 for the link to the outside world. I also noticed this problem after the upgrade, see Upgrading the homeserver to Ubuntu 12.04 but the problem remains even with an updated kernel (currently 3.2.0-97-generic).

I have no idea what causes this and how to fix it. It seems related to Debian bug #726569: haproxy doesn't start on boot due to missing IPv6 address on interface but in that case the address is configured but just not available to applications to bind to. Related Beware the IPv6 DAD Race Condition - Andrew Ayer suggests the same (duplicate address detection race condition) but has disabling duplicate address detection (DAD) as workaround.

So I recovered the complete logs for the UBA PSK63 Prefix Contest 2016 and generated a cabrillo export for entering in the contest.

The planning and preparing for this contest helped, macro's worked as planned. The negative side was that the ionospheric propagation dropped sharply after sunset which closed the 20 meter band. I switched to the 40 meter band but almost all activity was below 7.050 MHz, where I am not allowed to transmit. After sunrise and a good breakfast on Sunday morning I worked some more on the score and improved things.

The results: 94 contacts (QSO's) in total, 87 on the 20 meter band and 7 on the 40 meter band. I decided to enter in the single operator 20 meter category since I expect my score to end relatively higher in that category compared to the single operator all band category. Claimed score: 87 qso's * 67 unique prefixes = 5829 points. Looking at the previous years scores that would put me at the 15th spot for single operator 20 meter.

My soapbox comments:

SOAPBOX: Entered as SO20 because almost all 40M activity was outside my
SOAPBOX: allowed band segment (Dutch novice starts at 7.050 MHz)
SOAPBOX: Propagation dropped fast after sunset
SOAPBOX: Something hickupped in my outgoing serial counter

Update: The UBA PSK63 Prefix Contest 2016 logs received overview has me listed with claimed score 6956 which means they included my 7 contacts on the 40 meter band in the calculation. I hope they correct this in the real score calculation.

Update 2016-03-31: The results are in: 85 qso's accepted * 66 unique prefixes = 5610 points. In the 20th spot at UBA PSK63 prefix contest results SO20 Single Operator 20 Meter band. At number 2 for my country (PD2PKM made a lot more contacts) and at number 19 for Europe. No certificate this year. Looking at the results for Single Operator All Band the choice to enter in the 20 meter category was a good one.

It seems there is some internal corruption in the fldigi program I use for amateur radio digital mode connections. Normally this shows as some strange artefacts on the screen, which means it is time to stop and start fldigi, and reset the outgoing serial number to the right number when I am busy in a contest. The more active use during a contest also seems to be a trigger.

Anyway, this internal corruption hit me hard today: right in the last minutes of the UBA PSK63 prefix contest 2016 the program hung during logging an entry, leaving me with a 0 byte logfile on disk, so all records of digimode contacts gone.

I can recover everything and still submit my results: restore the logbook.adif file from tape, add entries created after the last backup from cqrlog and add the serial numbers again to the fldigi contacts log from the fldigi text log since cqrlog copies the logentries from fldigi but without the 'contest' information. But that processing will have to wait a bit as other things take priority. The log has to be submitted before januari 17, 23:59 UTC.

Restoring the file from tape was extra interesting since I just got an error message

amrecover - can't talk to tape server: service amidxtaped: 

from amrecover. This turns out to be a known bug in amanda 3.3.0 in ubuntu 12.04 LTS: Bug #1074574 “known issue: amrecover - can't talk to tape server...” : Bugs : amanda package : Ubuntu and Bug #1077105 “amrecover - can't talk to tape server: service ami...” : Bugs : amanda package : Ubuntu. I applied the changes noted in the bugreports and after that I could restore the file.

Update: The rest of the restore operation was a matter of importing the right records back from cqrlog into fldigi and adding the serial numbers from the fldigi text log. This was just a lot of searching and typing.

Time to count IPv6 visitor percentage to different websites again:

Site	July 2009	July 2010	July 2011	July 2012	July 2014	July 2015
http://idefix.net/ my homepage	1%	2%	2%	3%	4%	6%
http://netwerk.idefix.net/ hcc!pcgg netwerkgroep	2%	2%	2%	3%	1%	3%
http://weather.idefix.net/ weather maps	< 1%	5%	6%	7%	6%	12%
http://bbs.idefix.net/ BBS files		1%	1%	1%	3%	7%
http://webcam.idefix.net/ the webcam	< 1%	1%	< 1%	2%	2%	5%
http://www.virtualbookcase.com/ The Virtual Bookcase	< 1%	1%	1%	4%	87% 3%	80% 6%
http://www.camp-wireless.org/ Camp Wireless	< 1%	1%	1%	3%	70% 3%	82% 6%
http://weatherstation.idefix.net/ Weather station Utrecht Overvecht					1%	5%

Interesting numbers. Results for The Virtual Bookcase and Camp Wireless are totally skewed thanks to some IPv6 bot constantly checking the site from constantly changing IPv6 addresses .. but without privacy extensions enabled. Other sites are showing a growth consistent with general IPv6 growth in the world.

Method: unique IPv6 addresses seen in the whole month / total unique addresses (IPv4+IPv6) seen in the whole month.

Update: Filtering for 'curl' helped in normalizing the results.

It seems to be a recurring item in amateur radio to post your 'new years resolutions'. I answered in the reddit thread What's your 2016 Amateur Radio resolutions? [sic] with my plans:

• Pass the exam for the full license on 2 March
• Participate in "Mills on the air" in May
• Making amateur satellite contacts when the weather permits
• Participate in a few digimode contests 'seriously' (preparing, using an outside antenna, optimizing score). Sofar I usuallly go 'oh there is a contest I'll throw in my call and see if I can score some points'
• Bring some radio stuff on summer holiday (a full license makes this possible in a lot more countries around here)

I brought the handheld radio this morning to listen to the school contact with Tim Peake GB1SS - amsat UK

I had good reception of the school contact. It did sound to me like there were a few starting problems: I heard the astronaut trying to call the school when the ISS was already rising in my location and I only heard answers to about 4 or 5 questions. On a west-to-east pass that went over the UK first this means the contact started a bit late.

Comparing the list of prepared questions in ARISS contact planned for school in St. Albans - amsat UK with the report in Pupils make radio call to Tim Peake - BBC News shows indeed the fifth question was the last question answered.

APRS track PD4KH 20160108

I brought the handheld radio this morning to listen to the school contact with Tim Peake GB1SS - amsat UK so I just added the mobilinkd to active APRS tracking on the way to work. This gave me a nice track of my activities on aprs.fi.

Last weekend I noticed a contest going on, the ARRL RTTY Roundup and I decided to throw in my call and participate. As this was unprepared and unplanned I just had the updated contest macros to use and the attic antenna. So, my claimed results: 27 contacts with 17 different countries, 459 points. I entered in the 'Low power, non-assisted, single operator, 20 meter band' category.

Highest serial number I received was 1313(!) And this is a new year in the Veron afdelingscompetitie which I also updated with my score.

Update 2017-01-09: I checked for scores from time to time but not until a year later I noticed those were published by the ARRL in July 2016. I just never noticed them until the next ARRL RTTY roundup...

Call PD4KH class SOLP score 294 QSOs 24 after check, Multiplier 14, 24 QSOs on 20m.

I visited the Hobby boards website just out of interest and noticed they are going out of business. With the growing interest in home automation I thought they would be doing great but I guess 1-wire networks aren't as popular as the wireless home automation options (which don't seem to be designed for security and privacy).

I still have a number of temperature sensors so I can add those easily. I have ordered another humidity sensor since that is something I want to measure indoor in the crawlspace under our house.