2017-07-30 (Goed geregeld in dierenpark Amersfoort. Koffie in de buurt.)
: Goed geregeld in dierenpark Amersfoort. Koffie in de buurt.
2017-07-28 Already doing a casemod on the new home server
The new homeserver 2017 has arrived and I'm working on installing it. But first I had to do my first 'casemod' which was just rerouting a few cables. The case comes with a fan control, but I want all fan control to come from the mainboard and monitor the fans from the operating system. So I disconnected the fans from the case fan control and reconnected them to fan connectors on the mainboard that allow for voltage based fan control and monitoring. The case is a bit overkill, but looks really good and offers lots of routes for airflow. New to me was that the case has cableguides which allow it to look really nice internally and have really good airflow. So I used those cableguides when I rerouted the fan cables and even tie-wrapped the cables to keep them looking nice.
2017-07-25 If you post about "334 VXNlcm5hbWU6" be aware what you are sharing
I saw someone post somewhere about problems with sending mail, with the complete session log. E-mail addresses were obfuscated, but there was a part of the session not obfuscated, which had far more interesting secrets than just e-mail addresses. It looked a bit like this:250-HELP 250-AUTH LOGIN PLAIN 250-SIZE 157286400 250-8BITMIME 250 OK AUTH LOGIN 334 VXNlcm5hbWU6 dXNlcm5hbWU= 334 UGFzc3dvcmQ6 cGFzc3dvcmQ= 235 ... authentication succeeded RSET 250 OKThose "random" letters and digits look a lot like base64, so to decode them:$ echo "VXNlcm5hbWU6" | base64 -d ; echo Username: $ echo "dXNlcm5hbWU=" | base64 -d ; echo username $ echo "UGFzc3dvcmQ6" | base64 -d ; echo Password: $ echo "cGFzc3dvcmQ=" | base64 -d ; echo passwordSo the random letters and digits are actually username and password, very interesting information. Searching for VXNlcm5hbWU6 gives me examples of usernames and passwords.
2017-07-24 Last night receiving ISS SSTV images
And a third night. I used the timed recording option of audacity, which in the current linux version does not offer the option to set in advance how to save the project. This time I 'only' recorded for 7 hours, and was able to save the project afterwards without needing a recover. But on reloading the saved project audacity complained about some internal error in it, and it still had the problem of assuming 44.1 kHz sampling while showing the project sample rate as 48 kHz. Anyway, images decoded from the audio and I even recieved a few new ones.
2017-07-24 Getting a lot more entropy from the Raspberry Pi
On doing some research on randomness in Linux I found out about the rng-tools package which includes rngd which can get randomness from hardware random generators to linux /dev/random. On the main homeserver greenblatt there was no hardware randomness source available, I already use randomsound to generate randomness from audio noise. I found out the Raspberry Pi has a hardware randomness source so I installed rng-tools and rngd was able to use it. The impact on the measured available entropy is quite visible.
2017-07-23 Another night of receiving ISS SSTV images
On the night from Friday to Saturday I had the whole setup ready to receive more ISS SSTV images. And nothing was received since I had the antenna unplugged during Friday because of thunderstorms and forgot to plug it back in. So when I found that out I put a note on my desk with 'Antenna unplugged?' which can be a reminder to unplug it when I'm done or plug it in when I want to receive something. On the night from Saturday to Sunday I plugged the antenna in and let the whole setup run again like on the earlier run on Friday Received slow scan TV images from ISS while I was sleeping. To make sure I had the antenna plugged in I tuned to 145.750 MHz where I can hear a distant repeater faintly. Again audacity hung after the recording, and this time on recovery it had some issues with the saved project. At first I could see and hear audio of SSTV passes but qsstv could not decode anything. In the waterfall display of qsstv it looked like the frequencies were too low. I had a thought that maybe something decided the samplerate was back to 44.1 kHz so I simply speeded the audio of an image pass up by 8.8435% and suddenly it decoded fine. In the end I decoded 11 images from the ISS SSTV project. Numbers seen 8, 10, 9, 6, 7, 8, 6, 4, 5, 6. And 2 images from nearby radio amateurs who weren't operating according to the bandplan... but at least did not interfere with the ISS SSTV transmissions.
2017-07-21 (I received images from the current ISS SSTV event while sleeping. I decided to use my vertical for VHF...)
: I received images from the current ISS SSTV event while sleeping. I decided to use my vertical for VHF/UHF and left the radio/computer running overnight to get my rest, and tried to decode images from the recorded audio afterwards. This worked better than expected since I found images from low passes.
2017-07-21 Received slow scan TV images from ISS while I was sleeping
I read about the current ARISS Celebrates it’s 20th Anniversary through SSTV Event and noticed the planned times weren't really compatible with my day/night cyclus. I know, as a hardcore radio amateur I should be up at the weirdest hours for rare events but I also like my sleep a lot and my wife really dislikes alarms at weird hours. Automation to the rescue: I decided to record all of a night of ISS signals on the computer with audacity and decode images from it later. The computer adjusted the radio for doppler using gpredict. Since I don't have an automatic rotor for satellite antennas I used the VHF/UHF vertical. This may seem strange but the weakest signals from ISS are when it is right above the horizon (which is when the vertical has the best reception). And as noticed on earlier SSTV events that compared to other amateur satellites the ISS has a strong signal. So I left it running for a night and checked the results afterwards. The result was a 9 hour recording and audacity decided to hang after stopping the recording. I made a backup copy of the audio data just to be safe and restarted audacity. Luckily it recovered the project fine after restarting. With a recent version of qsstv I decoded the recorded audio and searched for ISS passes in the recording. The result is 13 decodes in one night. It turns out it received audio from a number of low passes that I did not see in gpredict because I have gpredict set up to skip low passes (those that don't come above a 20 degree angle above the horizon). But the strong signals from ISS make those show up in my radio anyway. Decoded and seen the numbers sofar: 11 (partially), 12, 9, 10, 9, 10, 9 (partially), 9, 7, 8.
2017-07-19 New threat going around "Please find attached our purchase order"
E-mail with subject starting with "Please find attached our purchase order number" and a zip, with a zip in it with in that zip an .exe file.Archive: PO185 - 188207 X.zip Length Date Time Name --------- ---------- ----- ---- 341805 2017-07-19 04:55 PO362 - 867977 X.zip --------- ------- 341805 1 fileArchive: PO362 - 867977 X.zip Length Date Time Name --------- ---------- ----- ---- 431458 2017-07-19 15:32 PO362 - 867977 X.exe --------- ------- 431458 1 fileI guess the .exe will cause some serious damage in Windows operating systems. The size is huge, where is the time virus writes tried to stay below 1024 bytes!
2017-07-17 Wireless access-point TP-LINK TL-WDR4300 firmware
Recently the wireless access-point decided that I should not have access to the management interface. I even tried both the IPv4 address I assigned and the default IPv4 address it gets. And the last days I noticed strange delays, which may have been caused by channel overlaps. So I wanted access to the management interface to check the channel settings. I noticed the management interface decided to respond again on the IPv4 address I assigned, and I saw new firmware available which should also help with some stability issues. Firmware upgraded, and after the upgrade and automatic reboot my access was gone again. Time for the suggested factory reset to get everything back to normal. Done, and I was able to set it up again from scratch with the right configuration. Maybe I should start running some kind of wiki or something to keep internal documentation of my home network. I had a hard time remembering several details of my own setup recently.
2017-07-17 Now NetworkManager generates resolv.conf .. and starts with legacy IP
I removed rdnssd and resolvconf and fixed the symlink linking /var/run/NetworkManager/resolv.conf and /etc/resolv.conf by hand. The file /etc/NetworkManager/NetworkManager.conf now says:dns=none rc-manager=fileBut now I run into the 'NetworkManager prefers IPv4 resolvers' again, leaving me with the resolvers from the DHCP answer before those from the IPv6 route advertisment. The search domains are fine now.
2017-07-16 Uploading FT8 contacts to eQSL
This evening I noticed incoming FT8 QSO's in eQSL, so the mode is now recognized there. But I needed to retry uploading all FT8 contacts to get them to upload. It took a bit of experimenting, but finally the right SQL command to mark the contacts as not uploaded was:$ mysql -S /home/koos/.config/cqrlog/database/sock cqrlog002 mysql> update cqrlog_main set eqsl_qslsdate = NULL where mode='FT8'; Query OK, 24 rows affected (0.02 sec) Rows matched: 26 Changed: 24 Warnings: 0And now they are all uploaded. That is about a week between first seeing mentions of FT8 in radio amateur news and the first confirmed contacts.
2017-07-16 I participated in the DMC RTTY 2017 contest
Or maybe I should use the word 'played' again: 6 contacts. It was a weekend with not much time for radio and when that time did happen propagation wasn't cooperating very well. The advantage of contests is that there are a lot of stations who want to hear every other station, so I used the last 20 minutes of this contest just to answer a few calls and get in the log.
2017-07-16 SSH attacks by Java
Jul 16 04:17:01 greenblatt sshd: reverse mapping checking getaddrinfo for 121-124-124-73.youiwe.co.kr [18.104.22.168] failed - POSSIBLE BREAK-IN ATTEMPT! Jul 16 04:17:01 greenblatt sshd: Invalid user 1234 from 22.214.171.124 Jul 16 04:17:01 greenblatt sshd: input_userauth_request: invalid user 1234 [preauth] Jul 16 04:17:01 greenblatt sshd: Received disconnect from 126.96.36.199: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]That last bit is not from my sshd but an error message related to a java library for ssh, as noted in Reasons for com.jcraft.jsch.JSchException: Auth fail | Maximilian Böhm which correctly notes that attacks are a reason.
2017-07-15 More resolving via IPv6
I was reading Debian Stretch - Het Lab Henk van de Kamer (in Dutch) which mentions removing package rdnssd to avoid a dependency problem. But I like rdnssd as it helps use the nameservers available via IPv6 in a network with only SLAAC and no DHCPv6. Right away I had to check on my own laptop with Ubuntu 16.04 and noticed all traffic was going to the IPv4 address of the local resolver. Which is not what I want, I want to prefer IPv6 when possible. Searching found Bug #936712 “NetworkManager should put IPv6 DNS servers before I...” : Bugs : network-manager package : Ubuntu which is indeed what I saw, and it's still showing in Ubuntu 16.04 Xenial. My solution was to stop using dnsmasq, and switch to a generated resolv.conf from NetworkManager. To do that I had to update /etc/NetworkManager/NetworkManager.conf to have:#dns=dnsmasq dns=none rc-manager=fileAnd now I have a resolv.conf with only 3 IPv6 nameservers and no search domains. Not exactly what I want, but at least IPv6 is preferred. I considered something using only the first three resolvers because that is a maximum somewhere but just advertising two resolvers via radvd also makes two show up in the generated resolv.conf. This is not perfect. The generated resolv.conf has comments that it is generated by resolvconf so maybe this is a conflict between resolvconf and NetworkManager not in 'use resolvconf' mode.
2017-07-15 (It's a new +TX Factor episode. A good one, with inspiring stories about digital modes on VHF/UHF and...)
: It's a new episode. A good one, with inspiring stories about digital modes on VHF/UHF and a good bit on the Norfolk Amateur Radio Club
2017-07-13 (This week Monday and Tuesday I saw mentions of FT8 on reddit, talked about it at my club Tuesday evening...)
: This week Monday and Tuesday I saw mentions of FT8 on reddit, talked about it at my club Tuesday evening, found some time to upgrade WSJT-X on Wednesday and had the first contacts.
2017-07-13 Interesting log item
Haven't seen this before:Jul 13 09:29:45 greenblatt sshd: Invalid user from 188.8.131.52 Jul 13 09:29:45 greenblatt sshd: input_userauth_request: invalid user [preauth] Jul 13 09:29:59 greenblatt sshd: Disconnecting: Change of username or service not allowed: (,ssh-connection) -> (admin,ssh-connection) [preauth]I have seen user '' (empty) before, but a change of username is new to me. Searching finds very little information, only one mention: Which ssh exploit works by changing the user name in the middle of the process? - Information Security stack exchange where the assumption was that this was some kind of attack.
2017-07-12 New digital mode for amateur radio FT8
This week there was a sudden 'buzz' about a new digital mode for amateur radio from Joe Taylor, K1JT. It's like JT65, with a very minimal exchange (callsign, locator, signal report) but with a lot faster timing: each turn is 15 seconds and from what I can see somewhat more than 13 seconds transmitting. I made the first few contacts today after downloading wsjtx from WSJTX-Development : Greg Beam as Ubuntu package. They are now in my log, but uploading to eQSL / Logbook of The World is not possible yet as 'FT8' is not seen as a valid mode yet. The solution for LoTW seems to be to change to 'DATA' but this solution does not work for eQSL. I'll have to upload those contacts later when the mode is recognized. First contact was with IZ8GNR and I also had contacts with club members PA2RG and PD3RFR. With JT65/JT9 I sometimes get distracted waiting 50 seconds before it's my turn to react again, with FT8 it's more high-speed work (somewhat less than 2 seconds to react to a CQ or an answer). WSJT-X now has an auto-sequence feature which will step through the exchange automatically.
2017-07-10 Raspbian mirrors sometimes fail when IPv6-only
Just happening:Read the rest of Raspbian mirrors sometimes fail when IPv6-onlyErr http://mirrordirector.raspbian.org/raspbian/ jessie/main libgcrypt20 armhf 1.6.3-2+deb8u4 Cannot initiate the connection to raspbian.42.fr:80 (184.108.40.206). - connect (101: Network is unreachable) [IP: 220.127.116.11 80]It seems mirrordirector.raspbian.org redirects to IPv4-only sites even when the client connects via IPv6. My Raspberry Pi systems have IPv4 disabled. It's a known problem in Bug #1595563 “Native IPv6 client redirected to IPv4-only mirror” : Bugs : Raspbian where people seem to rather ignore the problem. I could reverse the statement there to "a service that can only be accessed by v4 nodes cannot be reasonablly considered to be available on the internet." but I guess that's "different".
2017-07-09 I participated in the IARU HF Championship 2017
My activity in radio contesting has been in digital mode contests, with one exception in a mixed-mode contest where I also made some voice contacts: the ARI International DX Contest in 2016. But this weekend I seriously entered the IARU HF Championship in 'phone' (speech) mode. I made 59 contacts, 50 on the 20 meter band and 9 on the 40 meter band. I managed to work a lot of the HQ stations I heard active for the various national radio clubs. I heard no serious DX, but the local noise at home is prohibitive for voice contacts anyway. My personal reason for entering this contest was reading about its role in the world radio team championship in the book Contact Sport: A Story of Champions, Airwaves, and a One-Day Race around the World by J.K. George. I used yfktest for the contest logging and found the biggest fixed font I can use which makes the 80x24 xterm almost fill the entire screen. See the screenshot. Claimed results according to yfktest:Read the rest of I participated in the IARU HF Championship 2017Band QSO Qpts Dupes Mult1 Mult2 ------------------------------------------- 20 50 112 0 23 0 40 9 13 0 8 0 ------------------------------------------- ALL 58 124 1 31 0 =========================================== Total Score: 3,875
2017-07-03 Reboots of the FT-857 radio
The last week I had a problem with the FT-857 radio rebooting when I started transmitting in digital radio modes (PSK31 or JT65). The reboot showed as the radio giving the standard beep and the display and backlight switching off and on. Searching for clues suggested that some form of radio frequency interference would probably be the source. So I wondered what I changed recently around the radio and remembered I changed something in the power distribution to have connectors available for powering my SARK100 antenna analyzer with a 12 volt battery. Reseating all those power connectors and fixing some wires seems to have stopped the problem.