News archive 2022 - Koos van den Hout

Archive by year: 1999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | 2011 | 2012 | 2013 | 2014 | 2015 | 2016 | 2017 | 2018 | 2019 | 2020 | 2021 | 2022 | 2023

2022-12-30 Een stukje telefoongeschiedenis: de PRX-A
Recent dook het youtube algoritme voor mij de video Booting up the 3ESS - Connections Museum op en die heb ik van harte bekeken. Dat bracht wel een herinnering bij me boven: in 1988 heb ik stage gelopen bij KPN telecom.

Deze stage was als onderdeel van mijn opleiding MTS electronica. Eigenlijk deed ik die opleiding omdat ik iets met computers wilde maar er geen passende MTS opleiding was, electronica leek me de manier om alvast de goede kant uit te gaan. Hoe ik bij KPN telecom ben uitgekomen weet ik niet meer precies.

In deze stage heb ik eigenlijk van allerlei types centrales meegemaakt, in 1988 had KPN telecom een zeer ruime keuze aan centrales in gebruik: Electromechanische centrales types F, UR, UV, computergestuurde centrale type PRX-A en volledig gecomputeriseerde centrale 5ESS. Ik heb ook al deze types centrales van dichtbij gezien en er aan gewerkt.

Het typische verschil tussen de PRX-A en de 5ESS was volgens mij dat de PRX-A nog schakelde met reed-relais, de aansturing is bij allebei wel met een programmeerbare computer. PRX staat voor Programmable Reed-relais eXchange. De AT&T 5ESS schakelde met electronische onderdelen.

Op zoek naar meer informatie over de PRX-A kwam ik er ook achter dat dit nog een echte Nederlandse telefooncentrale was die naast inzet in Nederland ook in een paar andere landen in gebruik is geweest. Gelukkig is er een website met de nodige geschiedenis, foto's, documenten en andere herinneringen aan de PRX-A: PRX 205 waar ik ook leerde dat de telefooncentrale waar onze ISDN telefoonlijn ooit vandaan kwam ook de centrale was waar de eerste PRX-A in test gebruik was.

Het was erg mooi om de dingen over de PRX-A terug te zien. Een mooi stukje Nederlandse telecommunicatie geschiedenis. Ook een echt Nederlands product: de PRX-A werd ontwikkeld bij Philips Telecommunicatie Industrie (PTI) in Hilversum.

Als ik tijdens deze stage geweten had wat ik later geleerd heb over phone phreaking had ik misschien dingen gedaan die verkeerd hadden kunnen gaan. Ik heb in een districtscentrale testapparatuur gezien en gehoord die Signaling System No. 5 signalen decodeerde. Toen viel me alleen op dat het geen DTMF was. Later heb ik veel geleerd over hoe dit werkte.

Tags: , ,
2022-12-29 New hardware device to play with: Corinex HD200 CableLAN Wall Mount Adapter CXC-HD200-WMEe
My enthusiast stories about getting uart access on the previous cable router devices are causing more hardware to come my way to play with.

This time two Corinex HD200 CableLAN Wall Mount Adapter CXC-HD200-WMEe units showed up. They are compact interfaces for ethernet-over-cable according to Corinex standards. The size and the status leds remind me a lot of devolo powerline units which I used years ago to get network in our garden shed.

After voiding the warranty by breaking the sticker and unscrewing the two screws the case doesn't want to open yet. Some force is needed, plastic tabs in the corners kept it closed. I notice there is one very compact board with everything including the power supply. There is a clear demarcation on the board between the power supply area and the rest with slits in the board on parts of this line. Two other screws hold the board to the case and after removing those I can take it out. There are wires from the board to the power plug and a coax cable to the F connector for the coax cable.

There is probably a main system on a chip (SoC) but it's hiding under a heatsink. Most components are surface mount devices (SMD).

On the other side of the board I see a RTL8201EN ethernet chip near the RJ45 network connector. And an EM638165TS-6IG chip which turns out to be 64 Mbit of Synchronous DRAM. And a 25L3206E, 32 Mbit serial flash.

For now I have no idea if this device has a UART somewhere. The only row of 4 small soldering pads didn't give me continuity to any part that I thought would be at the electric ground level so no idea whether that is the UART or not.

Although there are two units they don't want to talk to each other over a coax cable with F connectors. The manuals I can find state clearly that they want to see a Corinex Ethernet over cable master device. The person that gave them to me has experience with these devices and their implementation of the standards and stated to me Corinex ethernet over cable devices only talk to Corinex ethernet over cable masters.

Tags: , ,
2022-12-25 Chasing DX with well-organized DXpeditions
In Oktober 2022 the Sigi Presch - DL7DF and Crew DXpeditions team was active from Guadeloupe, a set of islands in the Carribian that is an overseas department and region of France.

I already had a digital contact with Guadeloupe confirmed, but I really wanted to get more countries in morse so I worked on getting a contact with this dxpedition. I worked them on the 17 meter band in morse on 15 October of this year.

With all the costs of such a DXpedition I can imagine they like a donation. And I like to get a real QSL card, so these two came together and there is a card on the way. And I already received a digital confirmation via Logbook Of The World. All contacts will be digitally confirmed eventually, more DXpeditions do an announcement that they will upload all the logs after a while (usually half a year). I think this is a positive development: if you want a physical card or a speedy confirmation you help with the costs of the DXpedition and otherwise you get a confirmation anyway eventually.

I will keep an eye on DXpedition announcements from Sigi Presch DL7DF and team!

Tags: , ,
2022-12-22 Bug bounty.. or was it beg bounty
In August 2022 I received a report of a cross-site scripting vulnerability in The Virtual Bookcase and the reporter of the vulnerability never replied after I told him there was no financial reward for reporting bugs.

In November the bug report became public at openbugbounty: Cross Site Scripting Vulnerability Report ID: OBB-2858037 - Open Bug Bounty so this confirms my theory of what the vulnerability was. Which I have fixed, but this isn't visible at openbugbounty.

In this case the vulnerability wasn't severe and with the little amount of information I had from the report plus the access logs I was able to fix it. But in other cases the vulnerability may be more complex and the site-owner who deals with a report like this can't just analyze the logfiles to get an idea of where the vulnerability might be.

I don't think the world becomes a safer place if information about vulnerabilities is only available if you pay for it.

The About the Project of the Open Bug Bounty project seems to promote actual 'bounty':
A website owner can express a gratitude to a researcher for reporting vulnerability in a way s/he considers the most appropriate and proportional to the researcher's efforts and help.

As a matter of example, Google pays from $7,500 to $100 per XSS vulnerability submitted by security researchers. But Google is Google, you may adjust your remuneration range to any amounts comfortable for you.
At the same time demanding a bounty before disclosing the bug is not ok on this platform. From the same 'About' page:
We always encourage the researchers to be respectful, responsive and polite, to provide website owners with all reasonable help and assistance.

If a researcher violates the enacted standards of ethics and good faith including but not limited to:
  • demanding remuneration to delete a submission
  • demanding remuneration to disclose vulnerability details
such submissions will be immediately deleted from our platform.
I hope the next vulnerability disclosure causes less irritation.

Tags: , ,
2022-12-21 Having a "When 10 meter is open, it's really open" day
When I started with HF in amateur radio (below 30 MHz) in August 2014 making PSK31 contacts on the 10 meter band the number of sunspots was falling, the maximum frequency for ionospheric propagation was falling and therefore the possibilities of making contacts on the 10 meter band were dropping.

In 2022 we are in the rise of the number of sunspots as part of solar cycle 25. And this year there are clearly moments where I can get interesting contacts on the 10 meter band.

Today I had some time to play radio in the morning and I got contacts with China, India, UK bases on Cyprus, Macedonia and Hong Kong. The contacts were in FT8 mode.

It is nice to see this. Radio amateurs who have been active for years will tell you about the good times when you can make contacts on the 10 meter band during the day with minimal means. Now I am enjoying this myself and having fun all over the world.

Tags: , ,
2022-12-14 Making a CTF challenge with an NFC tag
On 9 December this year was the annual SURFcert Capture The Flag (CTF) event. The end result is that team "I'm not a robot" from Radbout University Nijmegen won with the most points.

When I participate in a CTF, I like to keep notes and write about my experiences and what I learned solving the challenges. Being on the 'other' side creating the challenges is as much fun, but while creating the challenges you have to be really silent about it. For me personally it is extra challenging because one of the regular SURFcert CTF players works with me in the same team.

But sometimes designing a challenge and making it happen gives the same great feeling as actually solving it! This was the case with the challenge that ended up as Scan the radio on the SURFcert CTF. The name of the challenge was somewhat confusing by design: there was a challenge which was designed to make people use a 1990s style ghettoblaster radio, there was a challenge mentioning 'broadcast' which was actually about names of wifi networks and this challenge. All three were marked 'physical' with a description of the challenge.

For this challenge I wanted to create an NFC tag that could be read easily. I found out information can be put in NFC tags using the NDEF standard (NFC Data Exchange Format) which has options to embed URLs, options to start certain apps or simple strings. I wanted a simple string with a flag as our flag format was SCF2022- plus 32 characters uppercase. I found out the developer of proxmark is working on NDEF support but it is all quite new.

At this point I was worried I had to write my own code and use parts from a fresh library to get an NDEF message on a card. I did bring some MiFare classic cards home to test on. But searching for information I came across NDEF and Magic Mifare Cards with the very important remark:
My suggestion would be to get an Android phone with nxp reader chip (there are many) and use tagwriter from NXP to format and write ndef data to the Mifare classic chip.
I do have NFC TagWriter by NXP on a smartphone, I just haven't used it a lot.

And indeed it was really easy to create an NDEF dataset with a string, write this to a MiFare classic and read this with an Android phone with NFC support, even without opening the NXP TagInfo application.

So that was an easy challenge to make, a lot easier than I first thought. Or was it? The final test would be to read this on an Apple iphone too.

And there came the snag, the Apple iphone doesn't work with MiFare classic tags somehow. But the person who helped me test it had another tag with an NDEF message on it, and that worked fine. So the conclusion was that another type of tag would work better. Luckily one of the other people of the team creating the SURFcert CTF has a big collection of NFC tags and it turned out the tag given out by Tweakers reads fine on Android and iphone.

So that's how the 'scan the radio' challenge was to notice the clearly not from 1992 tweakers tag on the ghettoblaster radio, scan it with the standard NFC support in a smartphone or use NXP TagInfo and find the flag.

While creating this challenge I also tried writing information to the tags which were given out / sold about 15 years ago which looked like a circle with a hex serial number. I always assumed they were just a serial number to look up in a database. But they turned out to be actual NDEF tags with the hex serial number on the outside as an URL:

For the tag with 04B7CC193E2580 on the outside:
protocol 01 http://www uri field

But has changed owners since this was active and it's now redirecting to which is a real-estate agent in Spain. I guess everybody who scans a round tag with a serial number wonders how they end up with a real-estate agent.

Tags: , ,
2022-12-03 Nederlandstalige bitcoin afpersing
Cybercriminal Ik heb een tijd niet over de bitcoin afpersingsmails geschreven, maar deze kwam vandaag voorbij in redelijk goed nederlands. Het leest alsof de originele taal anders is maar het is goed vertaald zonder kromme zinnen.
Helaas begin ik met slecht nieuws voor je. Enkele maanden geleden heb ik toegang weten te krijgen tot het apparaat waarmee je nu op het internet zit te surfen. Sinds die tijd heb ik al je internetactiviteiten bijgehouden.

Omdat je een regelmatige bezoeker bent van pornosites, denk ik dat je nu even op moet letten. Je hebt je lot namelijk zelf in de hand. Ik zal het simpel houden, ik via de website die je hebt bezocht toegang gekregen tot je gegevens.

Ik heb een trojan horse geupload naar het driver systeem die zijn fingerprint meerdere keren per dag blijft updaten, zodat het onmogelijk is voor jouw antivirus software om hem te detecteren. Bovendien geeft deze me toegang tot je camera en microfoon. Ook heb ik een back-up gemaakt van alle gegevens, inclusief foto's, social media, chats en contacten.

Maak het bedrag van 950 USD in BTC over naar mijn Bitcoin-wallet, en ik zal deze hele situatie laten rusten. Ik garandeer dat ik alle data en video's permanent zal verwijderen zodra de betaling is ontvangen.

Dat lijkt me een bescheiden en redelijke vergoeding voor al mijn harde werk. Je kunt zelf wel uitzoeken hoe je Bitcoins kunt kopen met behulp van zoekmachines als Google of Bing, want dat is allemaal helemaal niet zo moeilijk.

Mijn Bitcoin-portemonnee (BTC): 1CKiipxrHHRz4HFWMxk6Q4v5hGUs7vHPML
Hier staat al een melding van iemand die hetzelfde mailtje heeft ontvangen, waarmee gelijk duidelijk is dat de afzender helemaal niets heeft maar het leuk zou vinden als de bitcoin-wallet bijgevuld wordt.

Er staat ook een link naar een site die beweerd je te helpen als je het slachtoffer wordt van bitcoin-oplichters. Die hulp zorgt er dan voor dat je twee keer het slachtoffer wordt van bitcoin-oplichters, dus dat is ook niet aan te raden.

Tags: , ,
2022-12-03 Weer VDSL instabiliteit
Afgelopen dagen hadden we weer instabiliteit van de VDSL verbinding. Op een bepaald moment duurden de PPP verbindingen niet langer dan 2 minuten:
Dec  2 10:39:05 wozniak pppd[4211]: Connect time 0.7 minutes.
Dec  2 10:45:02 wozniak pppd[4211]: Connect time 1.5 minutes.
Dec  2 10:49:13 wozniak pppd[4211]: Connect time 1.2 minutes.
Dec  2 10:51:10 wozniak pppd[4211]: Connect time 1.0 minutes.
De eerste onderbreking was woensdagavond 20:28. Donderdag overdag waren de onderbrekingen vervelend maar was er nog wel een uur te werken. Donderdagavond kwamen de onderbrekingen vaker.

Dit leverde natuurlijk geen werkbare situatie op. We konden dus vrijdag ook niet thuiswerken. Ik heb vrijdagochtend gebeld met Freedom, onze Internet provider. Deze gaven een aantal opties om te testen voor ze een monteur gaan sturen. Logisch, want een monteur sturen kost vrij veel geld dus willen ze dat pas doen als andere opties uitgesloten zijn.

Nu zaterdagochtend is de verbinding weer stabiel: om 04:46 is de verbinding teruggekomen en sindsdien is de snelheid iets hoger geworden en lopen de tellers 'near end errors' en 'far end errors' niet meer op.

Dit voelt alsof het probleem niet opgelost is, maar het probleem tijdelijk weg is. Een storing tussen dit soort tijden lijkt ook niet iets met menselijke werkzaamheden.

Ik kan niet wachten op een glasvezel aansluiting, dan is er minder kans op storingen door mijn radiosignalen of andere interferentie uit de buurt.

Deze storing is wel erg vergelijkbaar met de VDSL onderbrekingen die ik in juli 2022 had.

Update 2022-12-04

Vandaag tussen 02:05 en 11:02 is de verbinding weer zeer instabiel geweest, daarna weer redelijk stabiel met maar een onderbreking. Het blijft erg onduidelijk wat er aan de hand is.

Ik heb tussen vrijdagavond en zondagmiddag een andere kabel tussen isra punt en modem in gebruik gehad, er lijkt weinig verband tussen het gebruik van een andere kabel en stabiliteit of instabiliteit.

Update 2022-12-06

Afgelopen nacht weer haperingen, vooral 's nachts. Het is erg onduidelijk onder welke omstandigheden de verbinding hapert.

Update 2022-12-07

Omdat het Draytek vigor 130 VDSL modem ondertussen 4 jaar oud is heb ik nu een Zyxel VMG4005-B50A gekocht en binnen. Bij dit modem is 'PPPoE passthrough' de standaard configuratie in plaats van iets wat met meer of minder moeite te realiseren is. Werkt dus meteen met mijn eigen configuratie. De latency is iets lager met dit modem en de stabiliteit is zeer goed.

Update 2022-12-14

De verbinding was ondertussen weer grotendeels stabiel, maar op basis van de melding die ik heb gedaan bij onze Internet provider freedom over de instabiliteit op 2 tot 5 december is er een monteur van KPN langsgekomen.

Die heeft het ISRA punt vernieuwd en alle kabels nagelopen en wat connectors vervangen. En daarnaast de hoop mee uitgesproken dat we over niet al te lange tijd glasvezel krijgen. Daar ben ik het helemaal mee eens!

Tags: ,
2022-11-28 I participated in the CQ World-Wide DX Contest CW
CW contest filling the bands on a websdr Last weekend was the CQ World-Wide DX Contest CW and I participated in that contest on parts of Saturday and Sunday. I ended with 189 contacts. Daytime I worked on the 10 and 15 meter bands and when those started to dry out I switched to the 20 meter and 40 meter amateur bands.

Most of the time I chased stations in search+pounce mode but I also called CQ on the 15 meter band on Sunday afternoon. I will need to practise more with calling CQ: stations came to me at higher speeds than I was used to with running PA900UTR and if I didn't decode the callsign and reacted immediately some give up fast.

But my morse is improving, even at contest speeds and I got a nice number of countries in the log. Even countries I didn't have in morse before: PJ2 Curacao, PJ4 Bonaire, CX Uruguay, 3B8 Mauritius, CN Morroco, SV9 Crete. Of those Mauritius is a completely new country in amateur radio for me.

I put in some extra effort to get those new countries in the log, with other stations that I know are confirmed countries I give up after a few tries and try to get another call in the log. Radio contesting is about the numbers: both number of contacts and the multipliers. In this contest the number of CQ zones and countries is the multiplier, so I optimise a bit for that number. And I suspect a lot of the other contestants do the same.

The overview of my single operator multi band effort:
Band   160   80   40   20   15   10
QSO's    0    0   28   33  108   20
Cty      0    0   18   22   31   10
Zone     0    0    5    8   11    6
Pts: 344  Mul: 111 Score: 38184
This was one of those contests where I had it all planned beforehand to participate, made sure everything was working optimally and had it marked in the family calendar. Normal things like weekend shopping still needed time, but the family wasn't surprised I spent a lot of time behind the radio.
Read the rest of I participated in the CQ World-Wide DX Contest CW

Tags: , , ,
2022-11-24 Next steps digging into the hardware are more on the software side
From a perspective of security research I only touched the surface of the security research on the Corinex CXWC-HD200-WNeH and the Cab.Link CLS-D4E2WX1 by finding default credentials for telnet.

To get a further insight I need to first enumerate the network attack surface completely. What services are running, what programs run those services.

The ultimate step would be to build an emulation environment where I can run the programs from the routers under my control and find out about the programs and get a first few steps into reverse engineering. With qemu it is possible to emulate MIPS systems on x86 hardware, so I can build a test environment.

It would need some work to get old enough versions of code and kernels to create a compatible environment. The Corinex router mentions compilation in 2012 but with Linux kernel 2.6.21 which was released 25 april 2007. The Cab.Link router mentions compilation in 2013 but uses Linux kernel 2.6.31 which was released 9 september 2009.

Tags: , ,
2022-11-22 Opening the Cab.Link CLS-D4E2WX1 and getting full access
Cab.Link CLS-D4E2WX1 router mainboard
Cab.Link CLS-D4E2WX1 router mainboard
Picture by Koos van den Hout, license CC-BY-SA
After getting a good look at the Cab.Link CLS-D4E2WX1 from the outside it was time to void the warranty and open the box. The two screws are hiding under the little rubber feet at the front side and after removing those two screws the case opens with a bit of jiggling.

This device has an external 12 volt 1 ampere power supply.

Chips found on the board:
  • Realtek RTL8306E - 6-port 10/100 mbps ethernet switch controller
  • Winbond W9412G6KH-5 - DRAM 128MBIT memory
  • Qualcomm QCA7411L-AL3C - Homeplug AV / IEEE 1901 the ethernet over cable interface I guess
I also see an extra board (leftside of the picture, blue) where the u.fl cable to the wifi antenna starts. It has a few larger chips but those have a label over them. I guess one of them must be the CPU because I haven't seen a chip with that function yet.

The makers of the Cab.Link CLS-D4E2WX1 were kind enough to include 4 pins labeled J30 (bottom left of the picture) which are a very obvious candidate for being the uart port. Again the process for find GND, TX, RX and Vcc was done and the right pins found. With the board in front and the J30 readable the pins are from left to right TX, RX, GND and 3.3 volt. I name the TX and RX pins from the view of the system, so I see data transmitted on TX and I send data to RX.
Read the rest of Opening the Cab.Link CLS-D4E2WX1 and getting full access

Tags: , ,
2022-11-21 Weer achter een KVK phishing link aanzitten met alle omwegen
Cybercriminal Weer een verse phishing mail, met dit keer de qrcode inline. Het pad:
  • URL uit qrcode:
  • Redirect:
  • Redirect:
  • Redirect:
  • Redirect:
  • Redirect:
  • De echte phishing pagina! Eindelijk. Deze stuurt de ingevulde data naar
  • Daarna komt een redirect naar en die geeft uiteindelijk een redirect naar een KVK pagina.
Als ik kijk bij het overzicht Kamer van Koophandel - Fraudehelpdesk zie ik mijn specifieke bericht er niet tussen staan, maar er is keuze genoeg. Allemaal fraudepogingen, dus trap hier niet in!

Tags: , ,
2022-11-20 I participated in the LZ-DX contest
CW contest filling the bands on a websdr I was planning to make some morse contacts this weekend but when I had time to turn on the radio on Saturday afternoon there was a lot of contest traffic on the morse parts of the bands. This turned out to be the LZ-DX contest.

This was a chance to get some CW contest practise done. This is a CW and SSB contest but I concentrate on CW contesting at the moment. I found out TLF the contest logger supports the LZ-DX contest out of the box so I could start fast.

Propagation wasn't cooperating very well but I did get contacts in the log. The final result:
Band     Qso    Cancelled  Dup  Point  ITU-Mult   LZ-Mult     Score
 80M       0            0    0      0         0         0
 40M      38            0    0    199         7        11
 20M      30            0    0    131         6         9
 15M       0            0    0      0         0         0
 10M       1            0    0      1         1         0
          69            0    0    331        14        20     11254

Update 2023-06-04: results

I received the results: one not in log and one where I copied the callsign incorrectly. Leading to
Callsign: PE4KH

Band     Qso    Cancelled  Dup  Point  ITU-Mult   LZ-Mult     Score
 80M       0            0    0      0         0         0
 40M      38            1    0    198         7        11
 20M      30            1    0    130         6         9
 15M       0            0    0      0         0         0
 10M       1            0    0      1         1         0
          69            2    0    329        14        20     11186
Rank number 296 single operator all bands cw low power.

Tags: , ,
2022-11-19 Next hardware to poke around in: Cab.Link CLS-D4E2WX1 router
Cab.Link CLS-D4E2WX1 router top
Cab.Link CLS-D4E2WX1 router top
Picture by Koos van den Hout, license CC-BY-SA
The earlier Ethernet over Cable modem/router I poked at didn't come alone, from the same source I also got a Cab.Link CLS-D4E2WX1 cable modem/router.

Doing a search for it finds actual listings for trying to order them wholesale: Buy Wholesale China 7400-eoc Slave Modem, Separate Tv And Ethernet From One Cable, 4 Ethernet Ports Output & 7400-eoc Slave Modem at USD 127 | Global Sources and Eoc Male Slave 4 Ethernet Port With Wifi - Buy Eoc Esclavo Product on

Both listings call it an EOC slave. Given the terminology I expected EOC master devices to exist as well and I soon found out those exist and can be pricey. So I'm not going to spend money on this subject, but I may be interested in recycling an EOC master unit.

The unit has one external wifi antenna, 4 ethernet ports, external power supply 12V and 9 leds. The cable connection is via 2 female F connectors with one labeled 'Cable' and one labeled 'TV'. I do notice the case has a lot of ventilation holes.

On the underside is a label with the manufacturer name, model name, a default equipment management IP, a Wireless Network Name 'wifi' and the EOC and Wifi Mac addresses as numbers and barcodes, and the serial number as number and barcode. The unit has four little rubber feet (full LRF support) and two of those are hiding screws to open the unit.

On switching the Cab.Link router on I indeed see a wifi network appear with the name 'wifi' which on connecting gives me an IPv4 address in the 192.168.1.x range with the default gateway

Cab.Link CLS-D4E2WX1 router underside
Cab.Link CLS-D4E2WX1 router underside
Picture by Koos van den Hout, license CC-BY-SA
The Cab.Link router has a web interface listening on port 80. It directly asks for http authorization but using admin/admin for username and password gets me right in. Up until now I haven't found any reference to PLC or EOC in the webinterface.

The Cab.Link also has a telnet server running on port 23. It greets me with an OpenWRT banner but the first few attempts at finding username/password do not let me in:
$ telnet
Connected to
Escape character is '^]'.
WARNING: telnet is a security risk
OpenWrt login: admin
Login incorrect
OpenWrt login: root
Login incorrect
OpenWrt login: 
I like the 'telnet is a security risk' warning!

Tags: , ,
2022-11-18 SSL scans showing up in the log
A comment on irc made me have a look at the logs for my haproxy system to get an idea whether any weird vulnerability scan came by. No special vulnerability scan showed up, but my attention was drawn to a number of lines like:
Nov 18 08:05:01 wozniak haproxy[13987]: 2001:470:1:332::28:37618 [18/Nov/2022:08:05:01.900] https-in/1: SSL handshake failure
Nov 18 08:05:44 wozniak haproxy[13987]: 2001:470:1:332::28:27286 [18/Nov/2022:08:05:44.328] https-in/1: SSL handshake failure
Nov 18 08:06:22 wozniak haproxy[13987]: 2001:470:1:332::2e:3137 [18/Nov/2022:08:06:21.962] https-in/1: SSL handshake failure
Nov 18 08:06:22 wozniak haproxy[13987]: 2001:470:1:332::2d:33085 [18/Nov/2022:08:06:22.278] https-in/1: SSL handshake failure
Nov 18 08:06:22 wozniak haproxy[13987]: 2001:470:1:332::2d:17531 [18/Nov/2022:08:06:22.593] https-in/1: SSL handshake failure
Nov 18 08:06:22 wozniak haproxy[13987]: 2001:470:1:332::30:58869 [18/Nov/2022:08:06:22.915] https-in/1: SSL handshake failure
Nov 18 08:06:23 wozniak haproxy[13987]: 2001:470:1:332::2e:46537 [18/Nov/2022:08:06:23.228] https-in/1: SSL handshake failure
Nov 18 08:06:23 wozniak haproxy[13987]: 2001:470:1:332::29:20027 [18/Nov/2022:08:06:23.544] https-in/1: SSL handshake failure
Nov 18 08:06:24 wozniak haproxy[13987]: 2001:470:1:332::31:13423 [18/Nov/2022:08:06:23.872] https-in/1: SSL handshake failure
Nov 18 08:06:24 wozniak haproxy[13987]: 2001:470:1:332::28:56683 [18/Nov/2022:08:06:24.197] https-in/1: SSL handshake failure
Nov 18 08:06:24 wozniak haproxy[13987]: 2001:470:1:332::31:5055 [18/Nov/2022:08:06:24.524] https-in/1: SSL handshake failure
Nov 18 08:06:24 wozniak haproxy[13987]: 2001:470:1:332::2e:20907 [18/Nov/2022:08:06:24.841] https-in/1: SSL handshake failure
If there is one of two of these lines from one address, it is a sign of a client which can't finish the SSL negotiation. With my site that probably means and old client which doesn't understand LetsEncrypt certificates without an extra certification path.

But this is quote a number of SSL errors from the same IPv6 range in a short time. I wondered what was behind this and did a bit of testing, until I found it's simple to cause this by doing an SSL test. For example with the famous Qualys SSL test or with an ssl scan tool. This is logical: ssltest uses a lot of different negotiations to test what actually works.

Tags: , ,
2022-11-18 Current thoughts on hardware hacking
Corinex CXWC-HD200-WNeH uart connected
Corinex CXWC-HD200-WNeH uart connected
Picture by Koos van den Hout, license CC-BY-SA
I closed the case of a vulnerability in the Corinex CXWC-HD200-WNeH with a confirmation from the vendor that this is a device completely out of support. Which confirms the public information I found when I started looking into this device. This was all related to the course in hardware hacking I took and applying the new knowledge.

So now I can look back on this experience and think about my future here. Hardware hacking has serious links to my current job as technical security specialist. In my work I regularly have to look at vulnerabilities and assess the chance and impact of misuse of the vulnerability. With hardware hacking I find vulnerabilities by researching hardware. This helps me understand the chance and impact factor of other vulnerabilities.

There is also a link to my education: part of that was MTS electronics. I learned how to solder, before SMD components were a thing and I think I got some explanation about switching mode power supplies at the end. As I got into computers I didn't do much with this education but the last years in amateur radio have made me get out the soldering iron again.

There is a clear link to my hobby of amateur radio. My interest in amateur radio is linked to wanting to know how things actually work. Hardware hacking is also done with RF signals so I may get into more RF related hardware hacking.

My current thought is that I want to continue in this subject. It's given me joy: getting into a device in new and unexpected ways gives joy! I have learned new things. I noticed I need to feed the brain regularly with new information and actually learning something new is much better brainfood than browsing social media. At the same time social media is the way to learn more about this subject and interact with other people interested in this subject. I ended up on /r/hardwarehacking on reddit and already learned from others and shared some of my own insights!

There is the thing about RFID/NFC security. I have looked into this in the past, mostly by getting the tools to peek into the MiFare classic cards. I am considering going further with this area of hardware hacking. Prices of hacking tools for this area like the proxmark3 or the flipper zero are above the 'nice to try a few things' level. On the other hand I think I could have loads of fun there, and the overlap with amateur radio is very clear.

At the end of this bit of writing: thanks to people who share their hardware hacking experiences on-line! Thanks to Jilles Groenendijk, Router Archeology: Sitecom WL-330 - Habbie's journal, @Flashback Team on youtube, Make Me Hack on youtube, and Boschko Security for sharing their stories and knowledge.

Tags: , , , , ,
2022-11-10 Achter een KVK phishing link aanzitten met alle omwegen
Cybercriminal Ik zag een phishing mail met daarin een qrcode om te volgen. Dat is natuurlijk een manier om te voorkomen dat mailscanners direct de URL herkennen als verdacht. Alleen wilde mijn mailclient die afbeelding niet zomaar inladen want remote, want dat is allang verdacht.
  • Afbeelding:
  • URL uit qrcode:
  • Redirect
  • Redirect
  • Redirect
En daar is de phishing pagina die om allerlei persoonsgegevens vraagt.

Correctie: was. De pagina is al weg. Maar als een van de redirects bijgesteld wordt door de crimineel gaat een en ander natuurlijk weer verder!

Als ik kijk bij het overzicht Kamer van Koophandel - Fraudehelpdesk zie ik mijn specifieke bericht er niet tussen staan, maar er is keuze genoeg. Allemaal fraudepogingen, dus trap hier niet in!

Update: De redirect is zelfs weg, dus de crimineel zal nieuwe spam mails moeten versturen.

Tags: , ,
2022-11-09 Working on my morse skills
Since passing the morse exam I have continued working on my morse skills. As one of the reasons for wanting to learn morse was to be able to participate in morse radio contesting I still want to increase my speed and accuracy in copying callsigns.

Exercising with tools like and Morse Runner helps improve these skills.

But I'm also working on these skills 'on-air'. At the radio club I've done morse activations of special call PA900UTR a few times and that went ok. I don't get all the calls right the first time but it is a good experience and it's working out.

Tags: , ,
2022-11-03 It seems the rcu_sched messages stopped after I reseated SATA cables
In the beginning of October I shut down the home server conway and reseated the SATA cables in the hopes of having less problems with timeouts. And started the whole system again to also fix other problems.

About a month later I think this worked, I've never seen a rcu_sched message again since doing that reseating.

Tags: , ,
2022-10-31 I found a vulnerability in the Corinex CXWC-HD200-WNeH and I tried to report it
Somewhere between the digging in the Corinex CXWC-HD200-WNeH I found a vulnerability. A combination of a misconfigured network filter and a default account make it quite easy to get into the device and get full access.

I tried to report this vulnerability before publishing about it. Timeline:
  • 24 September 2022 I mailed a general address at Corinex about this
  • 29 September 2022 I mailed someone who wrote about Corinex devices in the Netherlands
  • 28 October 2022 I tried to contact @CorinexCorp on twitter via a mention
All this got exactly zero response.

Update 2022-11-17: @CorinexCorp responded on twitter: Hi Koos. Apologies for a lack of response. Corinex no longer supports CXWC-HD200-WNeH devices. The company exited the consumer market many years ago.

Because this device is out-of-support for years now and should not be in use anywhere anymore, I think I've invested enough effort in trying to report this vulnerability to the right people and I can now publish this and close this chapter.

On to the actual vulnerability. Like a lot of other vulnerabilities this is a case of multiple things coming together.
Read the rest of I found a vulnerability in the Corinex CXWC-HD200-WNeH and I tried to report it

Tags: , ,
2022-10-31 Trying mastodon for amateur radio
All the news about twitter makes me wonder if I want to stay there in the long run.

But changing a social network is always a negative experience, you lose contacts. I still remember some several people who I haven't heard much from since google+ and wonder how they are doing!

For amateur radio I'm having a look at mastodon as

One conclusion is that my own site is more permanent than any social media. My own website survived the rise and fall of google+ while importing my posts so those are still available here. But interaction on my own site is complex and needs constant maintenance to avoid spam.

Tags: , , ,
2022-10-31 Surprise DX: Djibouti
Usually I switch on the amateur radio setup, and the software surrounding it just to get a feel for which amateur bands are active and what's happening on those bands and maybe get a few contacts in the log.

Saturday evening was such a moment. But on the DX cluster I saw a new country (for me) active: Djibouti. On the 20 meter band in FT8. Recently Africa hasn't been too hard for me to get in the log so I joined the loads of amateurs trying to work J28MD and after a while I got the contact in the log with a good signal report.

The fun part is I assumed based on the website I would get a confirmation via Logbook of the World months later or after paying for a card. But after somewhat more than 24 hours this contact was already confirmed!

Tags: , ,
2022-10-29 Trying to figure out the Ethernet over Cable in the Corinex CXWC-HD200-WNeH
Another attempt at trying to understand the Ethernet over Cable stuff in the Corinex CXWC-HD200-WNeH that I have been working on. I found this on the device:
# /app/plcStatus 
Socket creation success.
Socket binding to vlan1 success.
Send success (22).
Send success (22).

Node type: 01
Ip address:
Parent mac: 00:00:00:00:00:00
Up speed: 00
Down speed: 00
Child count: 00
The use of 'plc' (PowerLine Communications) and the way this works suggests to me this is indeed an ethernet-over-coax device (so no docsis). But I can't figure out where the ethernet-coax bridge is. I thought plcStatus would use some ethernet protocol to communicate with the bridge (just as the devolo dlan tools do) but I can't find any trace of the traffic on the wifi interface.

Tags: ,
2022-10-28 Een android tablet die niet meer bruikbaar is
Bijna 10 jaar geleden deed ik mee aan een CTF: Ik heb meegedaan aan de hackcontest ter ere van 20 jaar SURFcert. En daar won ik een Samsung tablet. Die is dus ondertussen ook 10 jaar oud, bevat Android 4.2.2 met Linux kernel 3.0.31 en krijgt geen updates meer.

Recent bedacht ik me dat ik die tablet misschien nog als scherm zou kunnen gebruiken voor mijn thuis grafana server. Maar die server is alleen bereikbaar met https en daar heb ik een LetsEncrypt certificaat voor waarbij ik alleen de chain gebruik vanaf de ISRG Root X1 en niet meer vanaf de DST Root CA X3 omdat dat op andere plekken problemen geeft.

Daarmee werkt het gewoon niet. Ik heb nog pogingen gedaan om de ISRG Root in de certificaten van de tablet te krijgen maar als .pem, .crt of .cer file worden deze niet gezien als certificaat door de tablet.

De tablet is daarmee gewoon afgeschreven en niet meer bruikbaar. Ik heb deze tablet een aantal jaar gebruikt en daarna is deze vooral gebruikt door mijn zoon om spelletjes op te spelen en youtube filmpjes te kijken.

Tags: , ,
2022-10-16 Chasing DX!
This weekend turns out to be a weekend for making radio contacts with countries / entities I haven't contacted before. Or especially trying to get more of those countries contacted in morse.

Friday evening I got Dodecanese contacted in morse, and already confirmed. Dodecanese is part of Greece, but counts as a separate entity for amateur radio. I have had contacts with Dodecanese before on all kinds of frequencies, but it turned out I didn't have it in morse yet. Time to fix that, and I managed to ge the contact.

Saturday I got the Comores in morse on the 12 and 17 meter amateur band. The 12 meter contact was easy with clear signals, the 17 meter contact was in the noise and hard. So I'm not completely surprised the logbook of the Comores dxpedition D60AE only shows the 12 meter contact.

I also managed to get a contact with Guadeloupe, a French oversees department in the Caribian. I had Guadeloupe before in digital modes but adding morse is good. This contact took a lot of tries, I think I was trying to get this one for nearly two hours. Other people probably are working longer at this, so I am not complaining.

Sunday morning I saw the Russian DXpedition team in Benin TY0RU active on 17m FT8. It also took a while of trying and paying attention to the radio to get this contact in the log.

There were also other contacts to special event stations or other activities, mostly in morse.

Radio contacts with dxpeditions can take a while to get through because a lot of radio amateurs in the world want the special contact, and when the contact finally happens it is ultra short. Exchanging callsigns and a default signal report is enough, and the dxpedition wants to get on to the next contact!

I also don't have the ideal callsign for noisy morse contacts: it could be shorter and the H at the end (in morse: ....) can be confused for an S (in morse: ...). Yes, PE4KS is in a few logs out there!

Tags: , ,
2022-10-12 Peeking a bit at Kea DHCP server
Yesterday I learned that ISC DHCP server will be end of life at the end of this year. For a package I started using around 1998 with one of the first versions I expected a bit more announcement time. At the same time I'm so used to using ISC dhcp server in my home network I never subscribed to any mailing list or other announcements about ISC dhcp server, it's just there, I can configure it to do what I want including supporting pxe booting systems for installation or diagnostics or supporting special dhcp options for APC AP7920 rackmount power distribution units. And all the virtual lans of my home network.

ISC suggests using Kea DHCP server to replace it in most server implementations. Kea DHCP server should be able to get a lot of configuration data from databases and allow for dynamic updates of the configuration. That is an improvement over ISC dhcp as it is at the moment, which needs a full restart for every change.

So time to peek at Kea DHCP server. I don't think ISC dhcp server will be unavailable after 31 December 2022 but I don't expect updates anymore and when a good replacement is normalized I expect ISC dhcp server to slowly fall away from linux distributions.

Currently it's not even available for Debian or Devuan stable or oldstable strangely enough. I wonder what happened there. But there are distribution packages for debian buster at Cloudsmith - Repositories - ISC - Internet Systems Consortium (isc) - kea-2-3 (kea-2-3) - Packages / format:deb.

Time to install the latest and let apt fix the dependencies:
koos@testrouter:~$ sudo dpkg -i isc-kea-dhcp4_2.3.1-isc20220928105532_amd64.deb isc-kea-dhcp6_2.3.1-isc20220928105532_amd64.deb isc-kea-common_2.3.1-isc20220928105532_amd64.deb 
Selecting previously unselected package isc-kea-dhcp4.
(Reading database ... 46609 files and directories currently installed.)
Preparing to unpack isc-kea-dhcp4_2.3.1-isc20220928105532_amd64.deb ...
Unpacking isc-kea-dhcp4 (2.3.1-isc20220928105532) ...
Selecting previously unselected package isc-kea-dhcp6.
Preparing to unpack isc-kea-dhcp6_2.3.1-isc20220928105532_amd64.deb ...
Unpacking isc-kea-dhcp6 (2.3.1-isc20220928105532) ...
Selecting previously unselected package isc-kea-common.
Preparing to unpack isc-kea-common_2.3.1-isc20220928105532_amd64.deb ...
Unpacking isc-kea-common (2.3.1-isc20220928105532) ...
dpkg: dependency problems prevent configuration of isc-kea-dhcp4:
 isc-kea-dhcp4 depends on libboost-system1.67.0; however:
  Package libboost-system1.67.0 is not installed.
koos@testrouter:~$ sudo apt install -f
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Correcting dependencies... Done
The following additional packages will be installed:
  libboost-system1.67.0 liblog4cplus-1.1-9 libmariadb3 libpq5 mariadb-common
The following NEW packages will be installed:
  libboost-system1.67.0 liblog4cplus-1.1-9 libmariadb3 libpq5 mariadb-common
0 upgraded, 6 newly installed, 0 to remove and 0 not upgraded.
3 not fully installed or removed.
Need to get 760 kB of archives.
After this operation, 4,001 kB of additional disk space will be used.
Looking at the sample configuration makes me think I can do this with a text-based configuration (it's actually JSON) and get it going fast. For my home network that is probably the best solution. Kea does have options to use MariaDB or PostgreSQL backends for storage which does look really nice for my home network but at the same time adds a dependency and a layer of complexity.

I can see IPAM systems totally going to Kea DHCP and give a full interface on managing the databases directly including APIs for adding/removing objects as they are added in other systems.

Tags: , , ,
2022-10-09 LetsEncrypt found a certificate signing request with a sha1 hash and rejected it
Encrypt all the things meme One of my oldest certificate signing request files was still using a sha1 hash and LetsEncrypt started rejecting it. As soon as I realized it used the old hash I redid it and wondered why it was still accepted in 2022.

This also mean the private key of this service is showing age. Maybe time to regenerate it.

The announcement is at Rejecting SHA-1 CSRs and validation using TLS 1.0 / 1.1 URLs - API Announcements - Let's Encrypt Community Support.

Tags: , ,
2022-10-09 I moved the 1-wire interface to a Raspberry Pi
After the problems with detaching and attaching the USB 1-wire interface from a kvm virtual machine to fix an interference issue showed up again I decided to move the USB 1-wire interface to a different machine, one where kvm virtualisation isn't in the mix. The closest available machine that can deal with the 1-wire interface is a Raspberry Pi which also has other monitoring tasks.

This move worked fine and the 1-wire temperatures are showing up again in influxdb. I decided not to update the rrdtool temperature database. I will have to find time to migrate the rrdtool history to influxdb. Ideally there will be some aggregation for older measurements but I'd like an "infinite" archive of a daily average.

Tags: , , , ,
2022-10-07 Grabbing the firmware from the Corinex CXWC-HD200-WNeH and extracting the root filesystem
My dive into the Corinex CXWC-HD200-WNeH continues. After getting root on the serial console of the Corinex CXWC-HD200-WNeH I ordered similar gear as used in the hardware hacking course to do my own hardware hacking. It arrived this week and today I had some time to play with it.

Using the techniques from the course I found the serial console interface again. The CPU board has 4 through-holes, that is a likely candidate. Next step is finding which pin is which using a multimeter. Ground pin has continuity to any other shield. One pin is at 0 volts without continuity to ground: the receive data pin (from the viewpoint of the chip), another pin has a varying voltage near the maximum voltage, this is the transmit data pin (again from the viewpoint of the chip) and the fourth one has the constant maximum voltage, which was 3.3 volts in this case.

I switched my USB to serial interface to 3.3 volts and connected the TX on the system to the RX on the serial interface and the RX on the system to the TX on the serial interface. I used Dupont cables to make this connection. With minicom as communications program I opened the right interface: minicom -D /dev/ttyUSB0.

After powering the router I got unreadable characters on the screen, I had to adjust the serial port rate. This router has a serial console at 57600 bps, 8 bits, no parity, 1 stopbit.

And messages came out:
U-Boot 1.1.3 (Jan 31 2013 - 17:23:55)

Board: Ralink APSoC DRAM:  32 MB
relocate_code Pointer at: 81fa8000
flash_protect ON: from 0xBF000000 to 0xBF02435F
Read the rest of Grabbing the firmware from the Corinex CXWC-HD200-WNeH and extracting the root filesystem

Tags: , ,
2022-09-28 I participated in the CQWW RTTY 2022 contest
RTTY Contest on websdr Past weekend was the 2022 version of the CQ World Wide RTTY DX Contest and I participated. Not with any preparation: on Saturday after some other tasks I sat behind radio and computer and looked up which set of macros would work for this contest.

But propagation cooperated, especially on the 20 meter band. On Sunday evening after dark I got a nice set of stations in the USA and Canada in the log. I also saw a station from Brunei active but that station never managed to decode my callsign while I tried for a quarter of an hour as this would have been a new country in amateur radio for me.

I made 106 contacts in total: 70 on the 20 meter band and 36 on the 40 meter band.
Read the rest of I participated in the CQWW RTTY 2022 contest

Tags: , , ,
2022-09-25 Found a "Corinex CXWC-HD200-WNeH"? Let me know!
Officially the "Corinex CXWC-HD200-WNeH" cable modem is out of support for years and deployments should have migrated to newer solutions. That is the reason I got my hands on one: it was replaced by a docsis-based modem. For as far as I can tell these modems are based on homepna or homeplug, over coax networks (the tools on the router don't tell what kind of standards the coax side uses).

I'd like to know if any of these are still used in the wild. If you find this post because you got bored and looked at the underside of the wifi box in your holiday park, get in touch!

My e-mail address is at the bottom of this page and I'm on twitter as @khoos.

Tags: , ,
2022-09-24 Can't live-attach a USB device to a kvm virtual host after upgrades
I have a DS2490 USB 1-wire interface on the home server conway which is rerouted to one of the virtual machines so that that virtual machine can read the sensors on the 1-wire network. This rerouting works when the machine is started, the DS2490 USB 1-wire shows up in the virtual machine fine. From time to time this DS2490 USB 1-wire interface gets confused when I am transmitting on the radio so the solution is to detach it from the virtual machine, unplug it from the server, plug it in again and attach it to the virtual machine again. Today this had to be done and I got an unexpected error message:
root@conway:~# virsh attach-device --live gosper /etc/onewire-for-gosper.xml
error: Failed to attach device from /etc/onewire-for-gosper.xml
error: internal error: unable to execute QEMU command 'device_add': failed to find host usb device 2:8
In logfile /var/log/libvirt/libvirtd.log:
2022-09-24 21:16:38.655+0000: 10923: error : qemuMonitorJSONCheckError:395 : internal error: unable to execute QEMU command 'device_add': failed to find host usb device 2:8
To be complete about it: usb device 2:8 is exactly the right one!
root@conway:~# lsusb | grep 2490
Bus 002 Device 008: ID 04fa:2490 Dallas Semiconductor DS1490F 2-in-1 Fob, 1-Wire adapter
This seems to be new since I upgraded the homeserver to Devuan beowulf giving me versions:
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                                  Version         Architecture Descripti
ii  libvirt-clients                       5.0.0-4+deb10u1 amd64        Programs 
ii  libvirt-daemon                        5.0.0-4+deb10u1 amd64        Virtualiz
un  libvirt-daemon-driver-storage-gluster                  (no descr
un  libvirt-daemon-driver-storage-rbd                      (no descr
un  libvirt-daemon-driver-storage-zfs                      (no descr
ii  libvirt-daemon-system                 5.0.0-4+deb10u1 amd64        Libvirt d
ii  libvirt-glib-1.0-0:amd64              1.0.0-1         amd64        libvirt G
ii  libvirt0:amd64                        5.0.0-4+deb10u1 amd64        library f

First idea: AppArmor

The first search result that came up was Bug #1552241 “libvirt-bin apparmor settings for usb host device” : Bugs : libvirt package : Ubuntu. So I tried changing the /etc/apparmor.d/abstractions/libvirt-qemu file. After a few tries and reading the warnings in the rest of the file I made sure the source was AppArmor by completely disabling it. The error did not go away so I reverted the libvirt-qemu rules to the original settings, restarted AppArmor and kept debugging.

Second idea: usb rights

Based on QEMU USB passthrough broken after Ubuntu 18.04 upgrade I added udev rules to make sure group libvirt-qemu had read and write rights on the usb device, with /lib/udev/rules.d/51-qemu-usb-passthrough.rules containing:
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTRS{idVendor}=="04fa", ATTRS{idProduct}=="2490", MODE="0664", GROUP="libvirt-qemu"
And doing the
root@conway:~# udevadm control --reload-rules
And verifying the resulting rule:
root@conway:~# udevadm test -a -p  $(udevadm info -q path -n /dev/bus/usb/002/008)
calling: test
version 3.2.9
This program is for debugging only, it does not run any program
specified by a RUN key. It may show incorrect results, because
some values may be different, or not available at a simulation run.


GROUP 110 /lib/udev/rules.d/51-qemu-usb-passthrough.rules:1
MODE 0664 /lib/udev/rules.d/51-qemu-usb-passthrough.rules:1
handling device node '/dev/bus/usb/002/008', devnum=c189:135, mode=0664, uid=0, gid=110
Indeed the right groupid, but still the same error message when trying the attach-device command.

Interesting find: it's specific to the virtual machine that had the device before

Small update: I can attach the USB device to a different host and detach it from that host again. I just can't attach it to the 'original' host again.

I also posted this question on serverfault: Can't live-attach a USB device to a kvm virtual host again after upgrades.

Update: After a complete reboot of the homeserver the USB 1-wire interface worked again (as I could imagine). But after another interference problem it's now in the same state again. I did change the definition in both the virthost configuration and the xml file from managed='no' to managed='yes' before the reboot but that hasn't helped. Contents of the /etc/onewire-for-gosper.xml file now:
    <hostdev mode='subsystem' type='usb' managed='yes'>
        <vendor id='0x04fa'/>
        <product id='0x2490'/>

Tags: , , ,
2022-09-22 Getting further into the Corinex CXWC-HD200-WNeH: I got root!
Corinex CXWC-HD200-WNeH side with warrantylabel
Corinex CXWC-HD200-WNeH side with warrantylabel. The warranty was voided.
Picture by Koos van den Hout, license CC-BY-SA
This week I was attending a course in hardware hacking: HackLab: Hardware Hacking at the Deloitte office in Den Haag.

How to find the right pins to get a commandline on a router-like device was part of this course, and the last day there was an option to Bring Your Own Device, to hack it. So I brought this router as I thought it was an ideal target to get access to it, since on the earlier try I could not get into the webinterface of the Corinex CXWC-HD200-WNeH device.

Corinex CXWC-HD200-WNeH opened boards visible
Corinex CXWC-HD200-WNeH opened boards visible
Picture by Koos van den Hout, license CC-BY-SA
So this time I took out the screwdriver, voided the warranty of the device by breaking the little sticker on the side and opening it. It has a board with the powersupply and cable interface parts. The powersupply is shielded with some plastic.

There is a smaller board with the main chip which contains the processor, ram, wifi module. The first task was to find the uart interface which should give a serial console. That's a skill I learned in the hacklab: first find out which pins have continuity to ground with the device switched off. With a simple multimeter which has a beeping continuity meter this is simple. The beep makes it possible to test the device without looking at the meter.

After that it's a matter of switching the multimeter to voltage and checking other pins for voltage. Usually there are 4 pins on a uart port: ground which is physically connected to the device ground, receive data and send data and a reference voltage. On measuring the pins the reference voltage will be at the steady maximum voltage, the data transmitting from the device will be varying and the pin where the device expects data will be at 0 volt.

Uart ports can be 5 volt, 3.3 volt, 2.5 volt or 1.8 volt in recent devices. 5 and 3.3 volt are the most common. USB serial interfaces that support 5 and 3.3 volt are cheap (3 euro), USB serial interfaces that support all 4 are somewhat more expensive (10 euro).

For the Corinex router the voltage is 3.3 Volt. There was a 3.3 Volt ftdi USB to serial interface available, so I was able to access the uart port. I connected to the uart port, used a terminal program and searched for the right serial port settings and ended up at 57600 baud, 8 bits, no parity, 1 stopbit.

After looking at all the boot messages I was greeted with a root prompt. No more hacking, just full access. The system boots using the U-Boot bootloader. The system runs linux with a 2.6.21 kernel. I looked around on the filesystem and started looking for the configuration for the webserver hoping to find the username/password. I found this in /flash/config so I could get into that interface as well.

I also found it was running a telnet server, but not on the standard port. The port was 32560. Without commands like netstat or ss I had to learn this from /proc/net/tcp. Browsing the iptables listing shows that port 80 is supposed to be allowed and other ports aren't, but 32560 reacts fine.

Chip found: Ralink RT3052F processor with embedded ram and flash and with 2.4 GHz wifi and a network switch for 1 gigabit port and 5 100 mbit ports.

Things I'd still like to do: copy the entire filesystem to another computer so I can research it and check around the web interface for security issues.
Read the rest of Getting further into the Corinex CXWC-HD200-WNeH: I got root!

Tags: , , ,
2022-09-17 Looking into the Corinex CXWC-HD200-WNeH
Corinex CXWC-HD200-WNeH underside
Corinex CXWC-HD200-WNeH underside
Picture by Koos van den Hout, license CC-BY-SA
I have a "Corinex Detachable Wireless-N Cable Access" Corinex CXWC-HD200-WNeH to play with. This has been used for Internet access over TV coax cable in a bungalow park where it has been replaced.

So it is some sort of cable modem. According to the source it's not managed network over cable (docsis) but more like ethernet over cable, a relative of ethernet over powerline. Searching a bit finds hempro | JPK consulting which seems to be the next generation and isn't compatible.

I also found Docsis, EOC of Moca toegepast in kleine kabeltelevisienetwerken which mentions that Corinex products are ethernet over cable according to the HomePNA (abbreviated HPNA) 3.1 standard.

The only mention of these devices are for Dutch bungalow parks or campsites, for example woon op een camping, open wifi. geen internet.

The site at just lists why you should stop relying on these devices and replace them with newer technologies that are supported.

It's not clear to me whether I can simply set up a network with a bit of coax and another HomePNA coax interface or whether I need some sort of headend.

Time to play with the device and see how far I can get!
Read the rest of Looking into the Corinex CXWC-HD200-WNeH

Tags: ,
2022-09-09 10-jarig jubileum van een illegale adressenlijst
Cybercriminal Ik kreeg vandaag een phishing mailtje gericht aan:
Cher(ère) client(e) Maes-Swerts/A.,

Votre abonnement Proxumis a été suspendu, car vous avez fait opposition à un règlement de dette. Tant que le problème n'a pas été résolu, vous ne pouvez utiluser aucune de vos services proxumis.
De resulterende pagina wil een credit-card betaling. Dus verzamelt gewoon credit-card gegevens. Ik zou me bijna afvragen hoe snel er fraude komt als ik daar echte gegevens invullen. Ik denk dat het in de orde van minuten is, maar dat wil ik niet testen.

De spam voor 'Maes-Swerts/A.' is nu al meer dan 10 jaar bezig!

Eerder, eerder, eerder, eerder, eerder, eerder, eerder de originele ontdekking in 2012.

Tags: , , ,
2022-09-04 Minecraft java edition has issues with IPv6 and CPU
Our child plays minecraft regularly. The start was with the Microsoft minecraft edition but recently the java edition became available too without paying again.

I have set up the bedrock server for the Microsoft minecraft edition to make it possible to play with other people outside the house. So the most recent request was to do this for the java edition too.

I don't know much about minecraft but I can do enough with just some websearching and finding a howto. So I started with How to Set Up a Dedicated Minecraft Server on Linux which seems to be a way to try to sell dedicated servers but I have enough server hardware here at home so I just used the same virtual machine which ran the minecraft bedrock server.

It turned out the default-jdk resulted in openjdk-11 getting installed and this resulted in not being able to run the latest minecraft java server. I switched to openjdk-17-jre-headless because I only need the runtime and I never want to run the graphical stuff, so that saved a lot in needed libraries and other overhead.

The server started fine, but the minecraft java edition couldn't connect to it when trying to connect by name, but gave no usable error message. That's a different rant. I checked on the server side and saw the listening socket in dual-stack mode.

With tcpdump I soon found out the minecraft java edition starts with the IPv4 address and gives up when that fails. The solution was to remove the IPv4 address (A record) from the name, flush the dns cache and after that it worked. This does mean that when friends want to connect that are behind ISPs that only support legacy Internet addresses they will have a different problem.
Read the rest of Minecraft java edition has issues with IPv6 and CPU

Tags: , , ,
2022-09-01 Finding interesting requests for timepro.cgi in the logs
There are always attacks in the logs, but this one caught my eye because someone mentioned it, I saw it in logs and searching for a simple explanation for what I saw gave no answers.

Those are the interesting ones. So here is the logline split into multiple parts in an attempt to make it more readable:
"GET /cgi-bin/timepro.cgi?tmenu=netconf&smenu=wansetup&act=save&
sdns1=&sdns2=&sdns3=&sdns4=&static_mtu=150 HTTP/1.1"
Searching for timepro.cgi finds a2004ns-mod/timepro.cgi at master · hklcf/a2004ns-mod · GitHub which seems to be compiled code: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), dynamically linked, interpreter /lib/, stripped.

Based on Honware: A virtual honeypot framework for capturing CPE and IoT zero days my best guess is that requests to timepro.cgi attempt to reconfigure a home router. And my next guess is that the attempt is to set the DNS resolvers to and Further searching finds another attempt from the same source IPv4 address which also looks a lot like an attempt to reconfigure DNS settings:
"GET /dnscfg.cgi?dnsPrimary= HTTP/1.1"
The theory that this is an attempt to redirect DNS traffic is somewhat confirmed by the fact that indeed runs an open resolver which will give me answers. For the few things I have tried those are valid answers (no clear attempts to redirect traffic to other places). I get no answers from at the moment.

Update: Searching for the string 128.0.104 finds more:
"POST /dnscfg.cgi?dnsPrimary= HTTP/1.1"
"POST /Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary= HTTP/1.1"
Based on the names of the parameters I guess more of the same: attempts to redirect DNS traffic.

Tags: , ,
2022-08-28 Maintenance for the pi4raz igate / learning about esp32 power requirements
Since last Thursday the aprs server at is down. I used that aprs server for the weather station and for the igate.

The change for the weather station was one word in a script, for the igate I had to remember how to change this with the Arduino development environment set up to support the esp32 board. The easiest way seemed to be from the computer, but every time after the igate started the running process after the setup it crashed and rebooted itself. I spent a lot of time looking for the answers, added debug statements all over the code and ended up in the WiFi initialization code as the place of crashing. And that was the hint, according to Crash when trying to connect to wifi - Issue #3935 - espressif/arduino-esp32 this is a sign of a power shortage.

This is purely my fault: the pi4raz igate design calls for an external power supply feeding it.

The solution was to go back to the separate USB power supply and not use a USB hub connected to the computer. Now the igate is started again and visible on the APRS network: track PE4KH-10 on

Tags: , ,
2022-08-26 Limiting URLs to scan with wapiti
I wanted to use wapiti as scanner to check for other vulnerabilities in The Virtual Bookcase after receiving a report about a cross-site scripting vulnerability. Wapiti is open source and free, which is a fitting price for scanning a hobby project site.

I quickly ran into wapiti taking hours to scan because of the URL structure of the site: all /book/detail/x/y URLs map to one handler that deals with the X and Y parameters in SQL queries. Yes those queries are surrounded by very defensive checking and I use positional parameters. Everything to avoid SQL injection and becoming the next Little Bobby Tables.

Wapiti has no simple method that I can find to crawl for a list of URLs and stop at that to allow for selecting the list of URLs to scan. But it has an option to minimize crawling and import a list of additional URLs to scan so I used that option to get at the same result.

Gathering URLs was done with wget:
$ wget --spider -r 2>&1 | grep '^--' | egrep -v '\.(css|jpg|gif|png)' | awk '{ print $3}' >
After that I sorted the file with URLs and threw out a lot of them, making sure all the scripts with several variants of input were still tested.

With that list I start wapiti with some special options. It still needs a starting url at -u so I give it the root but I limit the crawling with the depth parameter -d 1 and the max files parameter --max-files-per-dir 50. Then I add the additional urls from the earlier scan with the -s parameter. It's a lot of tweaking but it does the trick.
$ wapiti -u -d 1 --max-files-per-dir 50 -s -o ~/wapiti/ -v 2
No vulnerabilities were found. I found one PHP warning which only triggered in the kind of corner case a web vulnerability scanner causes, or an attacker. So I fixed that corner case too.

Tags: , , ,
2022-08-25 D'oh!!! A cross-site scripting vulnerability in one of my own sites
I received a responsible disclosure report of a vulnerability in The Virtual Bookcase.

I will directly admit I haven't done a lot of maintenance on this site in the past few years but I want to keep my sites secure.

The report came via and has no details about the vulnerability, so I am not 100% sure where the reported vulnerability is. But based on the report text XSS (Cross Site Scripting) and a peek in the access-log looking for specific requests I found I made a beginner mistake in dealing with a search query: displaying it as-is within an HTML context. I immediately fixed that error in the site.

Now I wonder why it took so long for me to realize the error of my ways or for someone to notice it!

Checking the logs some more finds huge amounts of attempts at SQL injection, which is a vulnerability I am very aware of and where I put up standard defenses. But this is the first time a security researcher made me aware of the cross-site scripting vulnerability.

Update: I contacted the reporter about the vulnerability who responded quickly inquiring about the possible bounty for finding the bug. As this is a site that hasn't delivered any income in years the best I can do is a mention in the credits of the site or on a separate hall of fame.

Update: I also started a vulnerability scanner on the site myself, to find any other vulnerabilities I might have missed. This scanner is going through the development site at the moment. Like many other scanners it doesn't see by default how certain urls all map to the same PHP script.

I already committed a few minor updates to improve handling of corner cases in not set variables and other things popping up in the scan.

Update 2022-09-23: I realized the reporter has never responded with the actual bug information.

Tags: , , ,
2022-08-24 Digging into WPA Enterprise authentication packets
After digging into setting up radius and WPA Enterprise with an Asus WL300g accesspoint the next step was to peek into the traffic on a client.

For that part I used a linux machine with a wired and wireless interface and used tcpdump to try to capture the wireless authentication packets. I configured /etc/network/interfaces for wpa enterprise, based on the eduroam examples.

And this worked, starting the capture:
root@ritchie:~# ifconfig wlan0 up
root@ritchie:~# tcpdump -ni wlan0 -w wlanstart.pcap -s 0 -u -v
And I typed in another window 'ifup wlan0'. This resulted in a capture with the right Extensible Authentication Protocol (EAP) packets included:
root@ritchie:~# tcpdump -nr wlanstart.pcap -v
reading from file wlanstart.pcap, link-type EN10MB (Ethernet)
16:47:39.658963 EAP packet (0) v2, len 5, Request (1), id 0, len 5
                 Type Identity (1)
16:47:39.660863 EAP packet (0) v1, len 25, Response (2), id 0, len 25
                 Type Identity (1), Identity:
16:47:39.662840 IP6 (hlim 1, next-header Options (0) payload length: 56) :: > ff02::16: HBH (rtalert: 0x0000) (padn) [icmp6 sum ok] ICMP6, multicast listener report v2, 2 group record(s) [gaddr ff02::1:ff23:123 to_in, 0 source(s)] [gaddr ff02::1:ff84:afe0 to_ex, 0 source(s)]
16:47:39.668736 EAP packet (0) v2, len 6, Request (1), id 1, len 6
                 Type TTLS (21) TTLSv0 flags [Start bit] 0x20,
16:47:39.670420 EAP packet (0) v1, len 6, Response (2), id 1, len 6
                 Type Nak (3) unknown (25),
16:47:39.682125 EAP packet (0) v2, len 6, Request (1), id 2, len 6
                 Type unknown (25)
16:47:39.741150 EAP packet (0) v1, len 203, Response (2), id 2, len 203
                 Type unknown (25)
16:47:39.756343 EAP packet (0) v2, len 1004, Request (1), id 3, len 1004
                 Type unknown (25)
16:47:39.756598 EAP packet (0) v1, len 6, Response (2), id 3, len 6
                 Type unknown (25)
16:47:39.834920 EAP packet (0) v2, len 1000, Request (1), id 4, len 1000
                 Type unknown (25)
16:47:39.835159 EAP packet (0) v1, len 6, Response (2), id 4, len 6
                 Type unknown (25)
16:47:39.842070 EAP packet (0) v2, len 1000, Request (1), id 5, len 1000
                 Type unknown (25)
16:47:39.842318 EAP packet (0) v1, len 6, Response (2), id 5, len 6
                 Type unknown (25)
16:47:39.866174 EAP packet (0) v2, len 79, Request (1), id 6, len 79
                 Type unknown (25)
16:47:40.006260 EAP packet (0) v1, len 144, Response (2), id 6, len 144
                 Type unknown (25)
16:47:40.014338 EAP packet (0) v2, len 65, Request (1), id 7, len 65
                 Type unknown (25)
16:47:40.016467 EAP packet (0) v1, len 6, Response (2), id 7, len 6
                 Type unknown (25)
16:47:40.028765 EAP packet (0) v2, len 43, Request (1), id 8, len 43
                 Type unknown (25)
16:47:40.029290 EAP packet (0) v1, len 96, Response (2), id 8, len 96
                 Type unknown (25)
16:47:40.036381 EAP packet (0) v2, len 75, Request (1), id 9, len 75
                 Type unknown (25)
16:47:40.043383 EAP packet (0) v1, len 144, Response (2), id 9, len 144
                 Type unknown (25)
16:47:40.057720 EAP packet (0) v2, len 91, Request (1), id 10, len 91
                 Type unknown (25)
16:47:40.058739 EAP packet (0) v1, len 80, Response (2), id 10, len 80
                 Type unknown (25)
16:47:40.071176 EAP packet (0) v2, len 43, Request (1), id 11, len 43
                 Type unknown (25)
16:47:40.072087 EAP packet (0) v1, len 80, Response (2), id 11, len 80
                 Type unknown (25)
16:47:40.082689 EAP packet (0) v2, len 4, Success (3), id 11, len 4
16:47:40.082865 EAPOL key (3) v2, len 117
16:47:40.091607 EAPOL key (3) v1, len 117
16:47:40.107041 EAPOL key (3) v2, len 175
16:47:40.107839 EAPOL key (3) v1, len 95
At the same time I captured the radius traffic. Now time to correlate those two traffic streams in wireshark.
Read the rest of Digging into WPA Enterprise authentication packets

Tags: , , ,
2022-08-23 Testing with radius and 802.1x authentication on wifi
For work I am looking into how Wi-Fi Protected Access (WPA) actually works down to the byte level, to be able to explain what actually happens and where the security strenghts and weaknesses are.

To set this up I need a separation between the access-point and the authentication server. I dug up an old Asus WL300g access-point and looked at FreeRADIUS as authentication, authorization and auditing (AAA) server. I followed the A very basic (but functional) eduroam configuration - FreeRADIUS wiki guide to get to a working setup, but with different passwords.

Getting the access-point to talk to a radius server took a bit of searching and trying: I assumed that "802.1x" which is extended to "Radius with 802.1x" was the right mode to use a radius server in the background, but it turned out this didn't do what I want. I saw no communication with the radius server and I didn't see the SSID advertised.

The right mode is "WPA" and things started to work that way. It still needs a few settings to talk to the radius server: IP address, port and shared secret.

I chose to go the 'eduroam' way because that is what I am used to from work. This does mean I had to set a home domain for authentication. With eduroam I also get Extensible Authentication Protol (EAP) extensions to handle with the real user data. The result is an outer authentication layer visible to the first radius server in the path and an inner authentication layer only visible to the final radius server in the path. Although both the outer and the inner authentication servers run on the same freeradius server they are separate configurations with a trust relation between them.

The traffic to the inner authentication server is wrapped in TLS and needs a certificate. I used LetsEncrypt to generate a trusted certificate. I noticed I am at a point where generating a valid LetsEncrypt certificate was easier for me than fiddling with self-signed certificates. So I could set up my phone to require a valid certificate for

All of this worked and I had a WPA Enterprise connection with the access-point and a lot of debug logging in freeradius.

My next plan is to find some computer with a network card where I can run wpa_supplicant while at the same time grabbing all the raw 802.11 frames and analyzing/understanding the traffic. I will also look at the radius traffic between access-point and outer radius server, and the radius traffic between outer and inner radius server.

Tags: , , ,
2022-08-11 The summer bitcoin extortion scam
Cybercriminal Summertime is also time for some extortion scamming... this one just in:
Hi. How are you?

I know, it’s unpleasant to start the conversation with bad news, but I have no choice.
Few months ago, I have gained access to your devices that used by you for internet browsing.
Afterwards, I could track down all your internet activities.

Here is the history of how it could become possible:
At first, I purchased from hackers the access to multiple email accounts (nowadays, it is a really simple thing to do online).
As result, I could easily log in to your email account

One week later, I installed Trojan virus in Operating Systems of all devices of yours, which you use to open email.
Frankly speaking, it was rather straightforward (since you were opening the links from your inbox emails).
Everything ingenious is quite simple. (o_0)!


Here is my bitcoin wallet provided below: bc1q82tvkvmzjzyqf60guqpxhcn2tuapqup35a9ldr

You should complete the abovementioned transfer within 48 hours (2 days) after opening this email.

The following list contains actions you should avoid attempting:
#Do not try calling police as well as other security forces. In addition, abstain from sharing this story with your friends.
After I find out (be sure, I can easily do that, given that I keep complete control of all your devices) – your kinky video will end up being available to public right away.
#Do not try searching for me – there is absolutely no reason to do that. Moreover, all transactions in cryptocurrency are always anonymous.
#Do not try reinstalling the OS on your devices or throwing them away. It is pointless as well, since all your videos have already been uploaded to remote servers.
As always: don't fall for these scams.

Earlier items about bitcoin extortion scams: Earlier, earlier, earlier, earlier, earlier, earlier, earlier, earlier, earlier (although I think bitcoin is generally a really bad idea and a huge scam)

Tags: , ,
2022-08-06 PGP key needs fetching from time to time
PGP lock logo Someone reported to me my PGP key was expired and whether I was still using it or I gave up on PGP/GPG.

I have an expiry date on my key, but I do update it from time to time when expiry nears. I now notice just doing a gpg --refresh doesn't update the expiry moment. The solution is to hard fetch the key. In the case of my home pgp key:
$ gpg --keyserver --receive-keys 0x5BA9368BE6F334E4
This updates the expiry date(s) and the uids. If you have my key and it looks expired and/or still has an old e-mail address with kzdoos in it please do this now. Complete data at Search results for '0x5BA9368BE6F334E4' where you can see all the details including the revoked bits. Those revoked bits won't show up in normal use.

I know gpg and other pgp related software has to be designed to be really really secure up to the last bit, but some attention to user friendlyness could be a good idea if it's possible to confuse even experienced pgp users.

Tags: ,
2022-07-27 I was at May Contain Hackers MCH2022
Logo MCH2022 May Contain Hackers After I visited earlier Dutch hacker events HEU, HIP97, HAL2001, WTH2005 I missed HAR2009, OHM2013 and SHA2017. I can only say 'life happened' because my son was born in the interim and my interests changed.

In the beginning of this year I heard about the new planning for May Contain Hackers as the original plan was for 2021 and it was postponed due to covid-19. I started thinking about attending and when the opportunity to get a free ticket arose due to my links with Surf I got serious.

Life is still happening so I coordinated with the rest of the family whether I could be missed at home and for how long. The result was that I would go Friday evening until Tuesday afternoon and I would go there by recumbent bicycle with the luggage trailer so the rest of the family could use the car.

The people from Surf set up our own village Village:SMRF next to Village:OS3. I slept in my own tent because I really want my rest at night and I want that rest at a somewhat normal schedule (not really a hacker schedule). I brought a 1-person tent, a sleeping bag, clothes, gear to make breakfast with tea and coffee, a smartphone with charger and a handheld radio with charger. Having to move all my luggage myself on the recumbent bicycle made me very selective in what to bring.

Aerial picture of MCH2022 from water, credit donar on twitter
Aerial picture of MCH2022, links to larger version
I went to several talks spoke a number of well-known people, got to know new ones, saw people there I didn't expect and had a good time.

What I really enjoyed was the friendly atmosphere. One aspect of that caught my attention: besides people with non-traditional clothing and hairstyles I saw several people who looked like they were somewhere in a gender transitioning process. They felt free at MCH to be themselves. One person responded to me when I shared this observation: "I saw more LGTB flags here than at Pride in Amsterdam".

Also MCH was really non-commercial. Mentions of the sponsors were minimal and never in-your-face.

The weather cooperated a lot! It might have been quite different with bad weather. There was some rain before Friday so I saw mentions of "Mud Contains Hackers" on twitter. Saturday and Sunday were hot, Monday was cooler. Tuesday started with rain and some more showers, so my tent wasn't completely dry when I packed.

Cycling the 45 kilometers was fine. I used google maps for navigation (but with the smartphone not visible, just the instructions on my earbuds). I had to stop several times to check the screen to check the instructions and sometimes google came up with weird things. I had it set up for cycle navigation but it still said to take three-quarters of a roundabout to go left while the roundabout allowed me to go from one cycling path on the left of the road to the other. It took me about 2 hours 45 minutes including stops for navigating and stops for drinking, eating and adding some water to nearby trees.

All in all I had a great time. I had my moment of "I am getting too old for this" but that faded and I really enjoyed myself.

List of talks I attended, with links to the place to view it online:

Tags: , ,
2022-07-20 I redid my 'recent QSO map' with leafletjs and openstreetmap tiles
Screenshot pe4kh qso map faroer island My todo-list for hobby projects has had an entry 'redo maps in sites using leaflet' for a while and on an otherwise calm evening I got around to it. The first thing to upgrade was the recent contact map for PE4KH which shows an overview of places where I had the last 150 contacts plotted on a map, with some details per contact.

I'm not good at javascript programming at all so I just look for examples that come close to what I want and I adjust them until they do what I want. Luckily I found some good geojson examples and I managed to get the points on the map. After a bit of massaging, trying and reading I managed to add the popup with the location. The next and harder bit was adding default and non-default icons. Eventually I got my brain wrapped around the bits needed for that too. After that the test version got deployed to production and you can look at it now.

Documentation and code snippets used: The main reasons for switching to leaflet are that google maps was limiting free access to maps although they seem to have mostly reverted this plan and I wanted to promote openstreetmap.

The general conclusion is that sites with maps do need regular maintenance, if hosted leaflet goes away or stops this version, if the rules for using hosted openstreetmap tiles change or if something else happens I have to adapt the site, maybe even quite fast.

Tags: , ,
2022-07-17 VDSL instabiliteit, instelling SNR margin aangepast
De laatste dagen was een deel van de tijd de VDSL weer instabiel en verbrak soms om de 5 minuten. De kabel tussen ISRA punt en modem is wel de verdachte op dit moment.

De standaard oplossing zou natuurlijk zijn om die kabel korter te maken, maar het ISRA punt zit helaas in de kruipruimte en daar wil ik mijn VDSL modem echt niet. Dus er is ongeveer 4 meter kabel nodig van ISRA punt naar meterkast. Op een bepaald moment heb ik daarvoor het bruine aderpaar van een CAT5E kabel gepakt, omdat ik ergens gelezen had dat de twist van dat aderpaar het dichtst bij telefoonkabel komt. Deze kabel heeft wat last van oxidatie, ik heb eerder er ook al een stukje afgehaald vanwege vergaande oxidatie. Misschien moet de hele kabel vervangen worden door een echte KPN telefoonkabel. Ik heb voor de test een keer even een platte kabel zonder twists gebruikt, maar daar werd de uploadsnelheid lager van.

Als tijdelijke oplossing heb ik in de draytek vigor 130 ingesteld dat ik extra 'SNR margin' wil met vdsl snr 10.

Updates 2022-07-18: De instabiliteit bleef vandaag en als we proberen thuis te werken is dat heel gauw heel irritant. Een tijdelijke andere kabel tussen ISRA punt en modem gaf ook geen verbetering, dus rond de lunch maar gebeld met de internet provider Freedom Internet. Die als volgende stap aangaven om de firmware van het modem te upgraden (er was inderdaad een nieuwere versie) en nog eens een factory reset te doen. Bij een draytek Vigor 130 is dat laatste vrij makkelijk door een firmware met .rst extensie te uploaden. Helaas was de recovery procedure Draytek modems weer eens nodig na de eerste upgrade via de webinterface. En het duurde even voordat ik doorhad dat ik het belangrijke woordje binary in die procedure vergat, en dat leverde geen startend modem op. Uiteindelijk gelukt en weer verder...

Maar na een verdere set onderbrekingen was het duidelijk dat het niet verbeterd was en heb ik weer teruggebeld naar Freedom Internet. Na veel ruggespraak, nazoeken en overleg met collega's was de volgende stap dat er nu een monteur gaat komen van KPN Wholesale Broadband Access. Eerste optie op donderdag 21 juli.

Updates 2022-07-21: De KPN monteur heeft uitgebreid gemeten en het ISRA punt vervangen omdat de draadjes in het ISRA punt niet ideaal er in gezet waren. De monteur heeft geprobeerd het ISRA punt te verplaatsen naar de meterkast maar daarvoor is de grondkabel helaas net te kort. Na het vervangen heeft de monteur nog uitgebreid gekeken naar alle lijnstatistieken, zag dat DLM niet aanstaat op deze lijn terwijl hij dat wel verwachtte maar dat kan een keuze zijn van de provider.

Een van de dingen die de monteur zich nog afvroeg was wanneer er glasvezel zou komen naar dit adres. Dat vraag ik me ook regelmatig af, maar ik hoor niets over plannen. Open Dutch Fiber is aan de overkant van het spoor bezig in Tuindorp. Maar geen van de fiber aanbieders laat iets weten over toekomstplannen tot dat er een echt project is om een bepaalde wijk aan te gaan sluiten.

Updates 2022-07-22: De volgende ochtend blijken er toch weer vergelijkbare onderbrekingen te zijn. Freedom mailde pro-actief dat ze van hun kant ook de problemen zagen. Een optie is nog om het te proberen met een ander modem.

Updates 2022-07-28: Terug van MCH2022 blijkt alles sinds de avond 22 juli stabiel en zonder onderbrekingen te werken. De tellers voor fouten blijven sinds de 25e stilstaan. Pas nu ik zelf actief ben op de radio is er weer een korte onderbreking.

Tags: ,
2022-07-16 Trintelhaven revisited
Friday I had the day off and a plan together with Kees PA5Z to visit the location Trintelhaven again, just like we visited the location Trintelhaven in the summer of 2019.

This time the plan was to test some different antennas and make morse contacts. Driving there wasn't too big of a problem although you really have to use navigation to get through Lelystad, it's like through-traffic from the main highway (A6) to Enkhuizen isn't really promoted.

We got there fine, looked for a nice spot, found all the work machines we saw on the previous visit gone so there was a nice spot again. We selected a secluded field not to close to someone working on a boat, far away from everything else.

Endfed antenna set up at Trintelhaven
Endfed antenna set up at Trintelhaven
We set up my endfed antenna with one end up in the trees and the other end supported by a metal pole. On testing this antenna worked fine again. I redid all the soldered connections in it after it failed me a few weeks ago.

I called CQ in the 20 meter band in a spot where one can usually find slow morse and got some contacts with nice people in the log. One with SM6RWJ in Sweden, one with WB2YVY Kurt in the state of New York in the US and one with LA9FG Nol in Norway near Aalesund.

Kees PA5Z en Koos PE4KH behind the radio
Kees PA5Z en Koos PE4KH behind the radio
Kees also made some contacts. His nicest contact was with SK6SAQ the amateur radio station at the World Heritage Grimeton radio station. After a few morse contacts the radio Kees brought stopped working, it switched off and restarted when trying to transmit morse. It wasn't very clear what caused this.

As planned we took turns on the antenna sending morse, while both listening for answers and writing down the callsigns and the replies that came, including first names and weather reports: it was cloudy in Norway.

A nice day out. Sending standard messages and writing down what was coming back is getting easier after all our morse training!

Tags: ,
2022-07-14 Don't use mifare classic cards for stored value
More than 11 years ago I wrote about the Magna Carta card systems for access / payment and the use of the mifare classic (in Dutch). I found a strong statement on the Magna Carta website back then that using mifare classic for stored value was a really bad idea, since the encryption on the card is broken.

It's now 2022 and I read MIFARE Cracking about a company using a mifare classic for stored value which shows the steps from discovering what type of card that company uses to the option of manipulating the stored monetairy value on the card.

Found via Travis Goodspeed on twitter - A practical article on cloning a Mifare Classic employee badge to tamper with the snack machine.

Tags: , ,
2022-07-13 Adding pictures to the reports of our trip to Iceland
I created a flickr album Iceland 2022 - Our trip to Iceland in April/May 2022 and linking to the pictures from the right report was still kind of hard because it's a complicated bit of html with repetitions and chances of errors.

The solution: make the computer help me. The flickr API allows me to fetch data about an album and about the pictures in that album, so I spent an evening writing some perl to get links to all the pictures in the album with thumbnails.

Now most days of Complete reports of our trip to Iceland have been enhanced with pictures.

Tags: , , ,
2022-07-10 I participated in the IARU HF contest
CW contest filling the bands on a websdr This weekend was the IARU HF World Championship contest and I participated after fully planning this in advance. I made sure my contest logger was set up and communicating with the remote radio and its morse keyer in advance.

I participated on the 10, 15 and 20 meter bands. The original plan was to also include 40 and maybe 80 but there was enough to contact on 10 and 15 on Saturday evening, so I only got around to the 20 meter band on sunday. In total 182 contacts: 20 in SSB (speech) and 162 in CW (morse).
Band   160   80   40   20   15   10
QSO's    0    0    0   58   83   41
Mult     0    0    0   24   33   16
Pts: 586  Mul: 73 Score: 42778     
I managed to make a few contacts outside Europe, not a lot of real DX.

Calculation when entering the log: Raw Score: 453 Qpts x 73 Mults = 33,069 (181 QSOs) so there is a difference in opinion between TLF and the ARRL contest website. The difference in number of contacts is due to one duplicate. The difference in Qpts (QSO points) is due to a difference in the scoring rules. As the ARRL contest website is up to date with the current rules I think they are right and I need to have a look at the TLF ruleset.

Hearing and understanding the morse went ok, I don't think I have a high number of errors.
Read the rest of I participated in the IARU HF contest

Tags: , ,
2022-07-07 First signals on the logic analyzer circuit
The logic analyzer circuit I ordered came in today with the test leads. Both the circuit and the test leads have pins so I need something to connect those two. So the crate with PC cables was ransacked and a floppy drive cable is now connecting the logic analyzer and the test leads.

The logic analyzer shows up in linux as usb device:
Bus 002 Device 008: ID 1d50:608c OpenMoko, Inc. Fx2lafw
Finding software was quite easy: pulseview indeed works out of the box, complete with support for this logic analyzer.

I had a look around for something to analyze and finally settled on the ESP32 based NTP clock because that's still on a breadboard and signals are available. I can see the bits flowing between the ESP32 microcontroller and the display module.

I'm still seeing some bits come in on unconnected testleads so I'm not sure I am doing everything right. But it's a start!

Tags: ,
2022-07-07 Upgraded the homeserver OS to devuan beowulf and replaced the UPS battery
A few days ago I noticed some interesting messages in the apcupsd log:
2022-07-04 10:14:15 +0200  Battery disconnected.
2022-07-04 10:16:24 +0200  Battery reattached.
2022-07-04 10:19:53 +0200  Battery disconnected.
2022-07-04 10:20:40 +0200  Battery reattached.
Checking the UPS statistics showed me the battery charge was dropping to about 7 % of the capacity while the mains power was available. Since the battery was over 5 years old I ordered a new one to replace it.

This battery was scheduled to arrive Wednesday at the start of the afternoon and I wanted to do an upgrade of the Linux distribution on the main homeserver conway anyway because devuan ascii is already 'oldoldstable' (but still getting updates).

The homeserver uses 2 disks with the main lvm volume in a raid-1. The /boot and /boot/efi filesystems are mirrored by hand with the idea to end with a working boot even when 1 disk is missing.

After the shutdown and replacing the UPS battery I switched the server on again and I was greeted by a grub prompt and nothing to boot. After a few tries I got the system booting again, after that I went searching for what went wrong. Eventually I found out the file /boot/efi/EFI/devuan/grub.cfg pointed at a missing filesystem. I found out the best way to fix this is with
# dpkg-reconfigure grub-efi-amd64
both with /dev/sda and /dev/sdb filesystems on /boot and /boot/efi.
Read the rest of Upgraded the homeserver OS to devuan beowulf and replaced the UPS battery

Tags: , ,
2022-07-02 Checking hotel keycard security
For the first time in years I was staying in a hotel again for one night. The key for the hotel was a creditcard sized plastic card so I assumed immediately it was an RFID based card.

Years ago I would have needed my linux laptop and the touchatag NFC reader to understand more about the keycard, but we're in some form of the future now, so I used NFC taginfo by NXP on my phone and held the keycard up to the phone.

The taginfo app made the happy noise and told me it was an NXP mifare classic card. The app even told me most sectors had a default key of FF:FF:FF:FF:FF:FF. One sector was not accessible due to a different key but with mfoc (Mifare Classic offline cracker) or one of the other attacks on the Mifare classic I could probably get access to that sector.

So in theory with something like the proxmark I could clone keycards of other visitors. Or clone the keycard of the cleaning crew which gives a lot more access.

Update: A bit of searching finds this: Researchers Find Way to Create Master Keys to Hotels - F-Secure Blog. I don't know if the lock I looked at is the same system as the system in this article.

Tags: , ,
2022-06-26 Regenwater vasthouden voor de achtertuin
Blad met regendruppels
Blad met regendruppels
De regenton die we al jaren in de achtertuin hadden is een keer lek geraakt, vermoedelijk door het bevriezen van het water er in. Sindsdien maak ik regentonnen ergens in oktober leeg en sluit de toevoer af, en in maart sluit ik de toevoer weer aan. Maar het gevolg van het lek was ook dat er steeds een erg vochtige hoek was in de achtertuin.

Vanwege de goede ervaringen met de regenton aan de voorkant van het huis en de gevolgen van de regelmatige lekkage wilde ik die aan de achterkant ook vervangen. Op die plek is ruimte voor een grotere regenton, dus is de keuze uiteindelijk gevallen op een 225 liter regenton groen Big Storm - met een vulautomaat Harcostar. Dus ook weer van want het aanbod daar is me prima bevallen.

Na installatie was het wachten op regen. Het duurde een paar buien voor de ton redelijk vol was, want het deel dak waar deze regenton op aangesloten is is niet zo groot. Maar nu kunnen we de tuin weer water geven vanuit de regenton. En de plantjes binnen water geven met regenwater.

Het uiteindelijke doel: minder regenwater in het riool en minder gebruik van drinkwater in de tuin. Het werkt: sinds we de regenton aan de voorkant hebben is de kraan aan de voorkant niet meer gebruikt.

Aanvulling: Ondertussen is duidelijk dat een te kleine voet voor een regenton niet werkt. De regenton was opgesteld op een stapel tegels en stak daar aan alle kanten overheen. Nadat de ton helemaal gevuld was met water (circa 225 liter dus) ging deze scheef hangen en op een bepaald moment zakte de ton omver en stroomde er 200 liter water door de tuin. Daarna zat er een deuk in de bodem van de ton met duidelijk de afdruk van een hoek van een tegel. De deuk is gelijk weer teruggeduwd. Er zit nu een plaat onder die de volledige bodem ondersteund.

Tags: , ,
2022-06-23 It seems someone doesn't like it I write about bitcoin extortion scams
Cybercriminal Today I'm seeing bounces of bitcoin scam mail, with about the same text as in the bitcoin extortion scam of about a week ago, but with a different bitcoin wallet.

In the body of the mail the claim is that the criminal hacked the mailbox of the victim and can now send as the victim, but this criminal decided to 'get even' with me at the same time and contradict himself by setting the sender address to my e-mail address.

So I'm now browsing the bounces and see the bitcoin wallet for this scam is 1Mjt2xobFExdZBGfjTVDcgzJWQxRxoHBdA which hasn't scammed anyone yet.

As always: don't fall for these scams.

Earlier items about bitcoin extortion scams: Earlier, earlier, earlier, earlier, earlier, earlier, earlier, earlier, earlier (although I think bitcoin is generally a really bad idea and a huge scam)
Read the rest of It seems someone doesn't like it I write about bitcoin extortion scams

Tags: , ,
2022-06-22 Bijhouden software netwerkgroep website
Van tijd tot tijd controleer ik of de netwerkgroep weblog nog updates nodig heeft aan de Serendipity weblog software die draait sinds de installatie van Serendipity voor de netwerkgroep in 2006. Nu is Serendipity zeer veilig geschreven want dit komt maar heel zelden voor.

Toch bleek het vandaag nodig te zijn en kreeg ik de update niet in een keer rond. Blijkbaar stonden er nog wat rechten verkeerd sinds de virtuele machine voor de webserver een crash had gehad. Na het oplossen hiervan draait het weer rustig door.

In de oude artikelen gaan natuurlijk wel eens links naar externe sites kapot. Daar doe ik nog wat onderhoud aan.

Tags: , ,
2022-06-19 Complete reports of our trip to Iceland
Recently I realized I am quite enjoy stories and videos of travel. As we had our own travel adventure a month ago I decided to write about it extensively as the memory was still fresh and I wanted to mentally relive that trip and get some experience in writing about my travels.

Iceland road sign einbreið brú for a one-lane bridge With some help of the pictures, the list of hotel reservations and checking the maps there is now a complete set of stories of this holiday. I backdated the stories to the days they happened which was for me the logical choice.

The reports per day: In general this was a really good vacation. Iceland has the kind of raw nature and geology I enjoy visiting. The people are really friendly and helpful. Compared to our earlier visits it is clear Iceland is more prepared for visiting tourists without turning into a tourist trap.

Iceland has turned even more cashless than in earlier visits. With a credit card and a debit card you can pay almost everything, even contactless international payments work. We saw a problem with paying with Android pay after a few days so we stopped doing that.

Mobile phone and mobile data coverage is near-perfect along the roads. It's probably a good idea to not rely on mobile phone when you go on inland hiking trails but as long as you are sticking to paved and gravel roads there is lots of coverage.

The first pictures have been integrated, for some days I need to copy more pictures from the camera to flickr to add these to the collection.

Tags: ,
2022-06-16 Time for some more bitcoin extortion spam
Cybercriminal I hadn't seen these in my inbox in English for a while, but here we go again.
Hi! You can consider this message as the last warning. We've hacked your
This information can destroy your reputation once and for all in a matter in
minutes. You have the opportunity to prevent irreversible consequences. To do
so you need to:

Transfer 1200 USD (US dollars) to our Bitcoin wallet.
Don't know how to make a transfer? Enter "Buy Bitcoin" into the search box.

Our Bitcoin wallet (BTC Wallet): bc1q4r05c7wdazh87ty9x9968e2r90w72rhtq5jl43

After you make the payment, your video and audio recordings will be
completely destroyed and you can be 100% sure that we won't bother you
again. You have time to think about it and make the transfer - 50 hours!
As always: don't fall for these scams.

Earlier items about bitcoin extortion scams: Earlier, earlier, earlier, earlier, earlier, earlier, earlier, earlier (although I think bitcoin is generally a really bad idea and a huge scam)

Tags: , ,
2022-06-15 Grafana 9.0.0 available, and downgraded back to 8.5.6 and back up...
I saw an upgrade of Grafana available, which turned out to be 9.0.0. When upgrading to 9.0.0 I get...
An unexpected error happened
TypeError: Object(...) is not a function

So maybe the grafana-clock-panel plugin isn't compatible with 9.0.0 somehow.

Downgrading to 8.5.6 and reloading everything makes it work again.

Update: I checked the grafana-clock-panel plugin and noticed it hadn't been updated. So I did that update and retried grafana 9.0.0, and that made everything run smoothly again.

Tags: , ,
2022-06-12 And the really annoying block at Microsoft is back
After receiving another mail in the mail exchange that made me note Microsoft wasn't blocking my mailserver anymore we're back right in the same spot:
   ----- Transcript of session follows -----
... while talking to
>>> MAIL From:<***** .at.> SIZE=2035 BODY=7BIT
<<< 550 5.7.1 Unfortunately, messages from [] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3150). You can also refer your provider to []
554 5.0.0 Service unavailable
Aaargh. I thought it wasn't broken anymore. Utterly unreliable stuff at Microsoft.

And I'm back to having to use SMS to explain to very non-technical people why their mail isn't getting through: because they are using

Update 2022-06-13
As a workaround I am now using SMTP2GO to send mail to and SMTP2GO does interesting things (even in a free account) to get the mail delivered and keep their mail 'reputation' in the plus. I hate having to use such a service to get my mail delivered but this is one of those signs that Internet e-mail has been demolished by spammers.

Tags: , ,
2022-06-11 Finally CW included on paper
Today the updated registration documents and card arrived with the much wanted "CW included". I passed the exam on 18 April 2022 and informed Agentschap Telecom on Tuesday 19 April 2022 about passing the morse test.

In the autoreply from Agentschap Telecom there was a remark that changes in existing certificates or registrations can take up to 8 weeks to process. At almost 7 weeks they lived up to their promise.

Tags: ,
2022-06-08 My interests in electronics and security together: trying some hardware hacking
One of the subject areas I'm interested in at work is hardware security and hardware hacking. After doing things with rfid earlier I'm now looking at low-level electric interfaces. With the earlier hardware challenges in CTF contests in HackTheBox Cyber Apocalypse CTF 2022 - Intergalactic Chase and The HackTheBox & CryptoHack Cyber Apocalypse 2021 I got interested in logic analyzers. Those sounded expensive (but I never actually checked).

And then I read this bit: I recently got this 8ch cheap USB-C logic analyzer from AliExpress and the price shown is 5.42 US dollar. That's really cheap!

For that price I can buy one and not be too dissapointed when it blows up or fails to give me the joy I hope. So, ordered: one 8 channel logic analyzer and a set of test leads so I can actually clip this to a circuit. The price for me for the logic analyzer circuit is EUR 6.78 including delivery and taxes.

For software I learned about PulseView.

This hardware has limitations, but for simple decoding of hardware protocols this is a nice start.

Tags: , ,
2022-06-06 It seems Microsoft doesn't block my mailserver anymore
Recently I tried to contact someone with an address and it went fine. So it seems the really annoying block I ran into earlier is gone. I still get enough spam from/via so I'm still not convinced the spamfiltering at outlook is working very well but that's a different rant. The incoming block is now gone.

Tags: , ,
2022-06-05 Having multiple wsjt-x instances available from CQRLOG
I'm currently also doing some contacts with a special event station call and I wanted to separate the wsjt-x history for my normal call from the history for the special event station call, just like I split the log databases in CQRLOG.

For the non-amateurradio persons: I have my own callsign, PE4KH which is linked to me. It is also possible to have one extra temporary callsign. Those are usually linked to an event or some other reason for a 'special' callsign. Temporary callsigns in the Netherlands have either the digit 6 or more than one digit.

There is an option for multiple profiles in wsjt-x but those are just for the settings (including callsign) but not for the logging location. This means all different profiles share the same history and will show the same countries as 'new' or 'already contacted'.

When I was looking at the options for starting wsjt-x with different settings I noticed the -r --rig-name <rig-name> Where is for multi-instance support. option in the help. With this option, all the logging is in ~/.local/share/WSJT-X - <rig-name>/ which is what I want.

The next challenge is to start wsjt-x with the extra commandline paramater from CQRLOG. It seems the 'path to wsjt-x' setting doesn't accept commandline parameters. So I created a script ~/bin/ses-wsjtx with:

/usr/bin/wsjtx -r ses
Changed the 'path to wsjt-x' setting to /home/koos/bin/ses-wsjtx and now I get what I want.

Tags: , ,
2022-06-04 Grolsch Puur Weizen
Beer illustration Grolsch is one of my choices for 'standard' Pilsener beer. So I keep an eye for the available special beers. This time I saw Grolsch Puur Weizen available and decided to give it a try.

It's a slightly hoppy taste, and I can appreciate this. Nothing too strong in the taste. Grolsch follows the German Weizen style including the Reinheitsgebot. This beer does taste slightly different from what I would expect from a German Weizen. Grolsch themselves name it clove, I agree to the taste going in that direction. I wouldn't expect that in a German Weizen.

The beer details

Beer namePuur Weizen
Beer styleWeizen
Alcohol by volume5.1 %

Tags: ,
2022-06-01 HackTheBox Cyber Apocalypse CTF 2022 - Intergalactic Chase
With a team of people from work we participated in this years HackTheBox Cyber Apocalypse CTF 2022. And while my teammates managed to solve several challenges, some of them with some thinking from me, I personally solved zero challenges. Which was a bit dissapointing.

I was especially interested in the hardware hacking challenges because that is a subject I am quite interested in.

Hardware / Space pulses

This challenge had a .sal file. After I learned about Salea Logic Analyzer in the 2021 HackTheBox Cyber Apocalypse I opened the file in this logic analyzer and started trying to find out what I was looking at.

It was a one-channel digital signal. It turned out to have a variable duty cycle, with complete cycles being 255 and a bit milliseconds. I noticed the maximum duty cycle was somewhat less than 50%.

I spent a lot of time trying to decode this, mostly thinking in the direction of it being a pulse width encoded signal with probably 4 bits of information per cycle to get 54 characters which seemed reasonable for a flag. But with the assumption that the smallest pulse is the representation of 0000 and the widest pulse is the representation of 1111 I could not get valid data from it, and it was nowhere near decoding a flag. I was sure I was overthinking it somewhere, but couldn't find out where.

A while after the CTF I read Writeup] Cyber Apocalypse 2022 — Space Pulse [Hardware] and I obviously made a big "D'Oh!" sound as I was getting to the solution, but indeed overthinking it.

Hardware / Secret Codes

With this challenge I also downloaded a .sal file with two signals: a digital one and an analog one. The digital one stops after the first 'databurst' while the analog one is clearly the 'unpolished' version of the digital signal.

I first tried to decode the digital signal as an async serial signal and found nothing. I also tried manchester encoding and also found nothing. Staring and pondering never fixed this.

I found a writeup at HTB 2022 Cyber Apocalypse CTF - Hardware - Secret Codes which made me go "D'Oh!" again: it was manchester encoding. BUT (big but) Manchester encoding has 2 changes per bit and I left the bitrate at the same as for the async serial decoder.

Tags: ,
2022-05-30 I participated in the CQ WPX CW contest
CW contest filling the bands on a websdr Last weekend was the CQ World Wide WPX Contest CW organized by CQ Amateur Radio magazine. The term 'WPX' stands for 'Worked All Prefixes'. The objective of this contest is to get contacts and exchange information with as many different other radio amateurs using morse code. Points are awarded for each contact, based on which amateur band and whether they are in the same or different continents. Multipliers are calculated from the number of different prefixes contacted. The prefix of my callsign PE4KH is PE4 which is a different prefix from for example PE3. This is a 48-hour contest.

A good reason for me to participate was to practise my morse in contesting skills. Those skills still need work as I had trouble understanding the serial numbers. But with a bit of asking for a retransmission or guessing from the previous/next serial it sort of worked out for me. I felt like I had a lot more trouble understanding the serial numbers compared to a week ago in the King of Spain CW contest.

I guess my call PE4KH is now in the list(s) of regular contest calls. When my callsign is repeated completely, it's never a PE4KS. In morse, an H is four dots .... and an S is three dots .... In the first few contests I had to correct PE4KS a few times, or ended in the log with the wrong call, so this feels to me like my call is now more familiair.

I got 102 contacts in the log. I operated Saturday afternoon and parts of the evening, and late Sunday evening, wrapped around things like sleeping and other things in the weekend. I got one new country in the log: Mongolia. And I made my first morse contacts to Japan, China and Malta. The score table:
Band   160   80   40   20   15   10
QSO's    0    0   31   71    0    0

Pts: 144  Mul: 84 Score: 12096
Read the rest of I participated in the CQ WPX CW contest

Tags: , ,
2022-05-23 I participated in the King of Spain CW contest
CW contest filling the bands on a websdr Since I have been learning morse code and passed the morse exam I notice I get more enjoyment out of contacts in morse code than out of contacts in digital modes. In digital modes (FT8) it is the computer doing hard work decoding and there isn't much variation, in morse I do the decoding and contacts can be from very simple confirmations of callsigns to longer chats about things.

This also means I like chances to make morse contacts. One of the simple ways to make more morse contacts is to get involved in an amateur radio contest with morse. Last weekend was the His Majesty The King of Spain CW Contest and I participated. Before the contest I tried to build a contest scoring file for TLF Linux contest software. During the contest I found out the file wasn't correct as the score wasn't calculated correctly but I will debug that later.

I participated Saturday evening and I made 41 contacts: 37 on the 20 meter band, 3 on the 10 meter band and 1 on the 40 meter band.

That's 41 in total, which is not a lot: the minimum number to get a digital certificate in PDF format is 50 or 100 contacts. But I'm not doing this to win anything, I'm doing this to get more experience in morse and morse contesting.

I still have trouble decoding morse at 'contest speed' so I use a morse decoder on the computer. There are moments it's a lot better at decoding a callsign at speed than I am, but sometimes I decode a serial number better than the computer does.

This also mean I do all of this in 'search and pounce' mode, where I look for stations calling CQ TEST at a signal quality where I can decode the callsign with help from the computer, and I can hear whether they get my callsign correctly.
Read the rest of I participated in the King of Spain CW contest

Tags: , ,
2022-05-23 Recente instabiliteit VDSL verbinding
Sinds donderdagochtend viel de VDSL een aantal keer uit. Dit begon vrijdag erg opvallend te worden omdat we toen thuis werkten, en midden in een vergadering met video valt het erg op als de Internet verbinding uitvalt, zelfs als het maar heel even is.

Ik dacht even dat het aan het weer lag, maar het uitvallen is begonnen voordat het heel slecht weer werd donderdagmiddag en vrijdagmiddag. Sinds zondag heel erg vroeg is het weer stabiel, dus het probleem lijkt zichzelf opgelost te hebben.

Alle instellingen om de verbinding zo snel mogelijk weer gestart te krijgen werken wel, de onderbrekingen zijn vrij kort.

Update 2022-05-23: De uitval is weer terug, na een stevige regenbui. Dit voorspelt vervelende problemen.

Update 2022-05-30: Zaterdag verbrak de verbinding ongeveer iedere 5 minuten. Dat leverde een onbruikbare situatie op. Ik ben eens begonnen met de kabel tussen ISRA punt en VDSL modem na te lopen en heb deze aan beide zijden eens opnieuw in de RJ11 socket geduwd. Daarna was het een stuk beter, er zijn nu nog maar een paar onderbrekingen per dag. Maar ik wil natuurlijk naar een verbinding die wekenlang stabiel blijft.

Tags: ,
2022-05-19 Uitval zonnepanelen door slecht weer
Vanmiddag aan het begin van de middag trok er een gebied met regenbuien en onweer over en dat zag ik echt terug aan de productie van de zonnepanelen. Het werd ook zo donker op dat moment dat ik het licht aan gedaan heb. Maar de zonnepanelen schakelden terug van productie naar slaapstand, wat ze normaal alleen doen na zonsondergang.

Wat me ook opviel is dat de frequentie van de netspanning inzakte tijdens deze periode, net alsof de productie in het net er ook even moeite mee had dat overdag de zon wegviel.

De grap was dat ik de afwasmachine geprogrammeerd had met het idee dat deze zou draaien op energie opgewekt door de zonnepanelen, door deze bewolking en regenbuien is dat plan niet gelukt. De twee pieken in energiegebruik van de afwasmachine vielen precies samen met donkere perioden.

Tags: ,
2022-05-18 A nice 10 meter opening to Italy, getting more WRTC stations in the log
Today when I had time to use the radio I noticed the 10 meter band was open. I had some nice contacts and saw II3WRTC on 10 meter FT8 and made the contact. II3WRTC is one of the WRTC 2022 Award stations and before today I had a lot of those in the log but none on the 10 meter band.

I changed this quickly with II3WRTC on 10 meter SSB too, II9WRTC on 10 meter CW and II3WRTC on 10 meter RTTY.

Tags: ,
2022-05-12 Generations of Netgear switches and interface names
In my time at Utrecht University computer science I wrote a script to search Cisco switches for a given ethernet address and respond with the port. This could be used to trace things on the network, which helped on incidents in progress.

This script was based on the typical things Cisco switches do with vlan CAM table lookups and the best implementation. CAM stands for Content Addressable Memory: memory optimized for doing lookups by certain content. In the case of a network switch a 6-byte MAC address plus 2-byte vlan id will be used to do a lookup of the 2-byte interface number where it was last seen, and this lookup is done in hardware.

This CAM table is accessible via SNMP, and the funny part is the MAC address for the lookup is also encoded as SNMP identifier. I could get the whole CAM table via snmpwalk but as I only want to lookup 1 MAC address it is way faster to go directly from MAC address to interface number. After that the interface number is translated to an interface name and that name is usually something recognizable to a network engineer.

When I started using managed switches at home from Netgear I adapted the script at home and enhanced it for Netgear switches.

I recently added a third netgear switch when upgrading the fiber to the shed and I updated the script to learn about the new switch.

I noticed the interface names are quite different over the generations of netgear switches.

The oldest switch is a Netgear GSM7224. The interface name from a query is "Unit: 1 Slot: 0 Port: 15 Gigabit - Level".

The second switch is a Netgear GS716Tv2. The interface name from a query is "Slot: 0 Port: 11 Gigabit - Level".

The newest switch is a Netgear GS310TP. The interface name from a query is "GigabitEthernet9".

The Unit: 1 in the GSM7224 suggests some option for stacking multiple switches, but I can't find any mention of that option in the on-line documentation.

The other fun part I notice is interface names never showing the fact that they are actually an SFP interface with an SFP in them. The port status for a port with an SFP is not different from the status for a copper cable at gigabit.

Tags: ,
2022-05-11 SolarEdge omvormers 'THROTTLING'
Na het aanpassen van het netwerk naar de schuur naar gigabit was ik natuurlijk ook de monitoring van de SolarEdge inverter met modbus/tcp aan het testen. En toen viel me even iets op, de inverter stond in mode THROTTLING en dat was me nog niet eerder opgevallen.

De uitvoer is dan
$ ./sunspec-status -v se-schuur -m 0
             Model: SolarEdge  SE2200
  Firmware version: 3.2537
     Serial Number: xxxxxxxx

            Status: THROTTLING

 Power Output (AC):          342 W
  Power Input (DC):          348 W
        Efficiency:        98.50 %
  Total Production:     3964.313 kWh
      Voltage (AC):       237.40 V (49.94 Hz)
      Current (AC):         1.53 A
      Voltage (DC):       378.80 V
      Current (DC):         0.92 A
       Temperature:        42.75 C (heatsink)
Ik kon niet vinden wat de reden was van het terugregelen van het uitgangsvermogen. Ik log nu wel de statuswaarde van de inverters om te zien of dit vaker voorkomt.

Update: Achteraf denk ik dat dit gekomen is omdat ik de omvormer in de schuur gereboot had om het juiste IPv4 adres te krijgen voor monitoring. Dit was op een best wel zonnig moment. Na de reboot was ik snel aan het testen of de modbus/tcp monitoring het deed naar het nieuwe adres, en de omvormer gaat niet in een klap voluit electriciteit leveren maar brengt dat langzaam op gang.

Tags: , ,
2022-05-11 The fiber to the shed network has been upgraded
I got around to doing the upgrade of the fiber to the shed network I had on my mind today.

A friendly network layer 1 engineer had some leftover Cisco SFP modules and the netgear GS310TP and netgear GS716Tv2 switches accepted these without any issue. So the layer 1 network link came up fine.

The layer 2 link with vlan support took me a few hours, somehow I managed to get confused with vlan tagging, vlan tagged only frames and the primary vlan id. I haven't done this in a while and I sort of copied the configuration from another port which may be less than optimal too. I had to run through the house a number of times to get the configuration right, wireless devices can't access the managed switches. At least I got the whole configuration working in the end. I think I can add other vlans to the link too (I want the option of a wireless access-point in the shed).

Putting the switch, the power supply for the switch, the raspberry Pi, the power injector for the 1-wire measurement network and all network cables and fiber in the plastic box I bought for this work was a bit of work, it just fits (so a wireless access point will have to live outside that box..). But it's all in there and the box is closed again. It's just not airtight anymore with the new holes for power, fiber, network cable, gps antenna cable and 1-wire network. I may need to stuff the holes with foam or something similar to keep insects from crawling into the box.

Everything works now and the measurements from the solar inverter are coming in!

Tags: ,
2022-05-09 Grafana alerts working again
After reverting to Grafana 8.4.7 for a while because alerts were failing in Grafana 8.5.0 I had a look at the available version today and saw version 8.5.2. I assumed the problem with DataSourceNoData errors was fixed by now and did the upgrade.

Indeed the alerts are seeing data fine now and I trust they will work when needed.

Tags: , ,
2022-05-08 Trip to Iceland day 15
Our flight was leaving Keflavik International airport at 07:40 so we wanted to walk through the door of the airport at 05:40 and return our car before that time. So the alarm went of at 05:00 and we put everything in the car and drove to the airport rental return area.

Hertz has a huge parking area for returning rental cars so we parked in that area and walked to the return office. The office was still closed so we dropped the key in the key return box and walked to the main airport building. There we used a luggage cart and went to the check-in for our flight back home. The check-in was a bit of waiting but nothing really bad. After check-in it was time to go through the security check and even with a bit of extra checking of our luggage we were past that point fast. We found ourselves in the main waiting area for departing flights with lots of time to spare, so we finally had time to eat some breakfast and get an extra fresh juice.

The flight back was fine, I decided to watch the film 'Rush Hour' from the entertainment system.

Back in the Netherlands temperatures were higher again! We took the train from Schiphol airport back to our house.

Tags: ,
2022-05-07 Trip to Iceland day 14
After breakfast we left the apartments and walked towards the center of the city and the main shopping street. Most of the shops were still closed in the morning. We changed plans a bit and visited the Reykjavík Park and Zoo which was more of a botanic garden.

We tried to hop on a bus to get there but that was the first time we actually needed cash money. Trying to get the app for the Reykjavik bus working with a Dutch credit card also did not work. So we had to get actual money from an ATM to pay for bus trips.

My wife and son went swimming for a while and we went back to the city center, now open.

We walked along Laugavegur, which is the main street of Reykjavik. We also visited the Hallgrimskirkja which is a magnificent church building. Several signs were there to remind the tourists that it was also a house of worship.

The only bit of train track in Iceland - KvdHout on flickr
The only bit of train track in Iceland
We visited the harbour in Reykjavik. It has a bit of traintrack and a locomotive which was used in building the harbour! I think that was the only bit of train track in Iceland.

For an early dinner we found a nice pizza restaurant on Laugavegur.

After dinner we returned to Keflavik. We had arranged another night at the Nupan de Luxe hotel. We set an early alarm because of our flight back the next day. We also packed our bags again with being on an airplane in mind, or rather going through the security check. It was also time to make sure the fuel tank of our rental car was filled completely before returning it the next morning.

Tags: ,
2022-05-06 Trip to Iceland day 13
We woke up in Eldhestar hotel and had breakfast. My wife and son had booked a horse ride for the afternoon, so we had some hours before that started and visited Hveragerði.

The area around Hveragerði has had several serious earthquakes. The library and shops building had an exhibition on the 2008 earthquake with pictures and stories from eyewitnesses. The building that this is all in has a scary detail of its own: during construction a huge crack in the earth was found right between the foundations. The decision was made to not build the 4 floor tower nearby and adapt the building to deal with earthquakes. Still the 2008 earthquake caused damage.

To the north-east of Hveragerði is an area with lots of geothermal activity which can be hiked easily.

Geothermal activity around Hveragerði - KvdHout on flickr
Geothermal activity around Hveragerði
We also visited the geothermal park inside Hveragerði. According to the descriptions some parts of this park have changed as a result of that 2008 earthquake.

In the afternoon was the horse ride. My son and wife had a great time with very easygoing Icelandic horses. I decided to drive to the coast and have a look there. It turned out this was a non-tourist area so the coast was just some harbour areas and industrial fish handling.

After all that it was a relatively short drive to Reykjavik. We wanted to visit the city the day after so we drove to our place to stay. We went from driving on the 2-lane ring road near Hveragerði to huge highways near Reykjavik. But with only 1 serious correction we managed to find our apartment: Stay Apartments Bolholt where we made dinner and went to bed somewhat early.

Tags: ,
2022-05-05 Trip to Iceland day 12
We left from Lækjaborgir Guesthouse and started driving along the ring road again.

We stopped in Vik for a visit to the local souvenir shop. When we visited Vik in 2006 it was very rainy and cold so we were looking for warm gloves. The gloves were found in a small shop. Between 2006 and 2022 this small shop was replaced by a huge store with all kinds of Iceland souvenirs. And they still had gloves, but we had brought our own.

Along the coast were some great views. The erosion of lava rocks is very interesting.

We stopped at Skógafoss Waterfall which is so high the last 50 meters before the fall you're already walking in a big spray. There is a path to climb to the top but we decided against it as it's quite high up.

We stopped at the Lava centre in the afternoon. The Lava centre has exhibitions around the very active volcanoes on Iceland including reports on the 'famous' Eyjafjallajökull eruption in 2010. Outside of Iceland it mainly made the news for causing massive disruption to air travel because of the ash that was in the air which made flying impossible. The Lava centre had the Iceland side of the experience which was with disruptions everywhere due to ash falling down all over, and people who looked out the window to see if the rumbling volcano had changed and seeing the first explosive eruptions.

The Lava centre has a lot of explanations on how volcanic eruptions work and how certain influences can change them completely. And it turned out the person behind the cash register in the entrance also had extensive knowledge of volcanoes so we chatted with them about our views.

The Lava centre also has an observation deck where you can see a few of the big volcanoes of Iceland in the distance. But due to rain and thick clouds there was nothing interesting visible.

Electricity pylon near Hveragerði - KvdHout on flickr
Electricity pylon near Hveragerði
In the afternoon we continued our drive and ended up at Eldhestar hotel. Yes we visited that hotel before. We wanted to get back there so my wife and son could go horseback riding the next day. The Eldhestar hotel is close to the city of Hveragerði so we drove over there for a nice dinner and an evening walk.

Tags: ,
2022-05-04 Trip to Iceland day 11
We had breakfast in the Framtíð Apartments cabin and got going again. The Framtíð hotel wasn't staffed very well as there wasn't someone available to return the cabin key. Eventually a cleaning person showed up and took our key.

This day was again going to be a long drive. The Iceland ring road is quite close to the Atlantic Ocean here in parts. The ring road is also close to the mountains and glaciers, there just is not a lot of space for the road here.

The weather was warmer and with a lot more sun than the day before. We were glad to have sunglasses while driving and on stops we could do with less layers.

Amfibious vehicle leaving Jökulsárlón Iceberg Lagoon - KvdHout on flickr
Amfibious vehicle leaving Jökulsárlón Iceberg Lagoon
Bridge between Jökulsárlón Iceberg Lagoon and the ocean - KvdHout on flickr
Bridge between Jökulsárlón Iceberg Lagoon and the ocean
Iceberg in Jökulsárlón Iceberg Lagoon - KvdHout on flickr
Iceberg in Jökulsárlón Iceberg Lagoon
Ice from Jökulsárlón Iceberg Lagoon - KvdHout on flickr
Ice from Jökulsárlón Iceberg Lagoon
Iceberg in Jökulsárlón Iceberg Lagoon - KvdHout on flickr
Iceberg in Jökulsárlón Iceberg Lagoon
The main attraction for the day was a visit to Jökulsárlón Iceberg Lagoon where we parked and got a ticket for a tour on the lake. After we got the ticket we walked around looking at all the beauty from the side. This is a lake filled with ice and water from glaciers on one side and the water flows out to the ocean on the other side. This water flow is quite strong, making me think about the amount of ice entering the lake. There are also seals in the lake. The underwater ledge between the lake and the ocean keeps all the predators out that hunt seals. That ledge is also the reason the bridge in the ring road over the water flowing out to see is not threatened by the ice. Icebergs with 90% of their volume under water first have to break and melt to small sizes to leave the lake.

The tour on the lake was with an amphibious vehicle, first driving a bit over land and entering the lake to continue as a boat. We had a guide who seemed to make a set of standard jokes on the tour and they were a bit predictable and not so funny. But the views were great and the information we got was fine. Eventually global warming will put an end to this lake as an attraction.

We also walked across the ring road to the 'diamond beach' which is a black beach with lava sand where the smaller blocks of ice land on the beach after floating through the Jökulsárlón channel.

Fjallsárlón glacier lake - KvdHout on flickr
Fjallsárlón glacier lake
After the tour we stopped at the Fjallsárlón glacier lake for coffee. That lake also had tours, but in big rafts with people in survival gear.

We passed the Skeiðará Bridge Monument on the ring road, which is where a glacier flood once took out the bridge in the ring road. When we visited in 2006, we had to cross the new bridge. This time I was really surprised, the whole Skeiðará one-lane Bridge has been replaced by the road next to the side of it. I guess the increased traffic made the one-lane bridge delay traffic too much and the cost of rebuilding the road when the glacier flood happens is lower than the cost of rebuilding the bridge.

Our place for the evening was Lækjaborgir Guesthouse. Like other places we had received an e-mail with a door code to get in after payment via and we never saw a person handling things. This was a studio apartment so there was one not too big room with table, a small kitchen and the beds.

For dinner we went to Fosshótel Núpar. In Iceland there are a lot of 'Fosshótel' places which doesn't mean they are using Free and Open Source Software, but Foss is Icelandic for waterfall.

Tags: ,
2022-05-03 Trip to Iceland day 10
Snow on our rental car - KvdHout on flickr
Snow on our rental car
When we looked out the window to get from the building where our room was to the building with the breakfast buffet we noted a fresh layer of snow had fallen. Everything was covered in snow, including our rental car.

For days we saw weather reports stating that there would be precipitation on this day, but we didn't expect it to be snow. Because of this weather forecast we planned to drive for a large part of the day and get to the eastern part of Iceland.

At breakfast it wasn't as busy as the day before, we saw only a few persons in the guesthouse.

After breakfast we started driving. After a while the snow returned, sometimes with hail. As the road got to higher elevations more snow started falling. Heaps of snow started to form on the road and we saw a few plow trucks trying to clear the road. Eventually snow dunes started to form and we had to slow down seriously to keep driving safely. It was very cloudy but with the completely white landscape due to the snow I used sunglasses while driving to see as much detail as possible.

We stopped at Rjúkandafoss waterfall where the cold had turned a lot of the spray into snow and ice. This helped for special views, but it was very cold and we took extra layers of clothing outside.

At one of the higher mountain passes we saw a house on the map right next to the road. We wondered who would build a house so far from the rest of civilization so close to the road, since most houses in the remote areas are far enough from the road, probably to reduce road noise. As we passed this house it turned out to be a refugee shelter in case you got trapped in a snowstorm or something, right on the edge of the road. We did not expect such a shelter next to a major road. I guess the weather can be really bad!

In the afternoon we stopped at Fossardalur waterfall and took some pictures there. This stop wasn't as cold as the earlier waterfall stop of the day. Interesting (to me) was an old bridge next to the road which looked like it was the original path of the ring road.

At the end of our drive we got into Djupivogur and we saw lots of caribou grazing on the local sports field. They migrate from coastal areas in winter to higher in the mountains in the summer, I guess the caribou thought winter was just ending. I agree there after the snow and hail. It was a big herd, with clearly a few large animals acting as leaders for the rest of them. We stayed at a safe distance, we weren't sure they might get annoyed if we got to close. Eventually they all moved on to other fields.

At the end of this drive we ended up at Framtíð Apartments, Djupivogur. This turned out to be a wooden cabin near Framtíð hotel (we had to pick up the keys at the hotel). The cabin wasn't isolated very well so I was glad there was heating in the main area. It turned out the heater in the bathroom wasn't working so it stayed very cold there. I reported this problem to the front desk and they brought an electric heater to solved this problem. The cabin did have a great view of the harbour at Djupivogur.

We had dinner at the Framtíð Hotel. Our cabin had a bedroom with two beds and a sofa bed in the living room. But that did mean we had to 'build' the bed in the evening and revert it to a sofa before breakfast the next day.

Tags: ,
2022-05-02 Trip to Iceland day 9
First we had breakfast at the guesthouse, which was included. It was reasonably busy at the breakfast and we chatted with some tourists from the United States of America who turned out to be from the city of Las Vegas in Nevada. When they asked if I had ever been in Las Vegas I told of my red-eye flight in the US in 1997 between Michigan and San Fransisco where I had a stopover in Las Vegas in the middle of the night and the daylight saving time in the US started during walking around the airport in Las Vegas which was very weird. And even in the Las Vegas airport you can gamble! It's fun to recall old travel stories.

We left for a daytrip from Eldá Guesthouse, Reykjahlið for a drive around Myvatn, the mosquito lake, and surrounding areas. Beforehand we thought we would maybe rent bicycles to get around Myvatn but with temperatures around 0 degrees Celcius it was too cold for that option so we stuck to the rental car.

Our first visit was to Krafla Power Plant which is a huge geothermal energy based power plant. The use of geothermal energy means they do vent some sulfuric acid gasses all the time. So we drove on the road through the powerplant with the windows closed and the ventilation set close to the outside world and we only stopped on a viewpoint high above the powerplant where you don't smell it that much.

Icy rope in Krafla Lava Fields - KvdHout on flickr
Icy rope in Krafla Lava Fields
Krafla Lava Fields - KvdHout on flickr
Krafla Lava Fields
After that we stopped at the Krafla Lava Fields. Those were still partially covered in snow. We saw areas with a thick layer of snow and areas with steam coming out of small cracks close together, which looks strange when you're not used to living in a geothermally active area. Some of the sand-coloured rocks in the area had black surfaces, which is for as far as I know due to bacteria living in the hot steam!

In the afternoon we walked in an area with very special volcanic rock formations. This area had walking paths, including one for experienced walkers. On the tourist scale we seemed to be experienced walkers with mountain shoes, so we were able to leave the paved walking paths and walk the more interesting paths.

In the evening we made dinner in the kitchen available in the guesthouse.

Tags: ,
2022-05-01 Trip to Iceland day 8
We left from Sunnuhlid houses apartments. There is a toll tunnel in the ringroad from the Akureyri bay to the east but Sunnuhlid houses is so far to the North it is easier to take the old route around the mountain. We could see why the tunnel was built: the old route was a high and winding route through the mountains, which could be difficult to keep open in winter conditions.

Húsavík parking lot with Mylady Landy - KvdHout on flickr
Húsavík parking lot with Mylady Landy
We went along the roads to Húsavík and stopped there for some shopping. In the parking lot of the supermarket I saw a Land Rover Defender with Dutch license plates and had a look at it. A man showed up who turned out to be with the Defender so I complimented him on the nice vehicle and we had a chat. He was there on a longer visit to Iceland and had seen even more types of weather than we had until that moment: from serious freezing temperatures to sunny and hot days. They came over on the ferry to Iceland. If you have more time the ferry Denmark / Faroe Islands / Iceland is the way to get there, but the complete trip to these three places is about a week of travel time.

The owners of the Land Rover Defender also maintain a website with stories, pictures and videos of their trips: Milady Landy.

Northernmost point on our trip - KvdHout on flickr
Northernmost point on our trip
On road 85 we came to the Northernmost place on our trip so we stopped for a picture and a screenshot of the GPS. North 66 degree 12.0852 minutes West 17 degrees 02.8633 minutes.

We drove to the Ásbyrgi Visitor Centre where we got an explanation about the very special area there, now filled with waterfalls. This area looks like a huge trench in the landscape, created by a massive flood from a glacier flood event hundreds of years ago. People made rope bridges over big obstacles in the landscape to get goods from one place to the other.

Low temperatures near Ásbyrgi - KvdHout on flickr
Low temperatures near Ásbyrgi
We drove to Ásbyrgi itself which is a park with some lakes and forested areas. It was getting colder, we had to put on an extra layer and walk through snow. We stopped for lunch on the way back out of Ásbyrgi and the road information sign outside on the 85 road was showing -2 degrees Celcius temperature. Lunch options were somewhat limited, the first of May is a holiday in Iceland.

We went South along road 862 and visited some of the waterfalls, Hafragilsfoss, Dettifoss and Selfoss. Those are big waterfalls with large open areas and it was windy, so it was really cold!

We arrived at Eldá Guesthouse, Reykjahlið in the afternoon where we booked for two nights. For dinner we went to a nearby pizza restaurant: Daddi's Pizza which had a nice selection of pizza. I drank a beer from Einstök Beer Co. because I remembered that name from the Reykjavik grapevine youtube channel we followed to see the latest on the eruption of the Fagradalsfjall volcano in 2021.

Weather conditions changed a lot during the day: we started with sunny weather near Akureyri but we ended with freezing temperatures.

Tags: ,
2022-04-30 Trip to Iceland day 7
After breakfast we went on a lazy visit to Akureyri. We walked a bit around the city and my wife and son went to the Akureyri Swimming Pool. I walked around town a bit. I soon noticed a big antenna setup on a house suggesting I found the home of a radio amateur. I later confirmed this.

Nice design for an electricity substation in Akureyri - KvdHout on flickr
Nice design for an electricity substation in Akureyri
It was a nice and sunny day so walking around Akureyri was really nice. I walked a bit in the direction of the mountains and later along the harbour. It was a bit too early in the season for lots of activity on the water. The flags about the winter sport area in Akureyri were still up. When we asked about it the tourist information told us the wintersport resort had just closed the slopes one week earlier. Even with the sun and the nice temperatures we could see lots of snow on the higher mountains. The end of the wintersport season was also visible in another way: we saw quite a number of snowmobiles being moved on trailers.

Evening over the bay at Akureyri - KvdHout on flickr
Evening over the bay at Akureyri
In the afternoon we picked up some groceries at a supermarket in Akureyri and went back to the apartment at the other side of the bay and made and had dinner in the apartment and enjoyed an evening with great views.

Tags: ,
2022-04-29 Trip to Iceland day 6
After a second night in the Sauðafell Guesthouse it was time for breakfast. We talked a bit with Berglind around breakfast and she told us she has several guests who returned after earlier visits. We immediately understood why people want to return to Sauðafell Guesthouse, it is a wonderful place, great views, nice location for several trips and a great hostess.

Sign einbreið brú - KvdHout on flickr
Sign einbreið brú
Einbreið brú (single lane bridge) with gravel road - KvdHout on flickr
Einbreið brú (single lane bridge) with gravel road
Iceland road sign einbreið brú for a one-lane bridge We were planning to go to Akureyri this day. This was partly over unpaved roads with gravel. We both had the idea to take a picture of a gravel road with an 'einbreið brú' sign and bridge. People who drive in Iceland will soon learn about the 'einbreið brú' or one lane bridge. While driving on one of the gravel roads we indeed saw this scene as expected and stopped to take that picture. This is our idea of 'peak Iceland'.

Officially you are not allowed to stop on the road for pictures, you always have to park in a safe spot and assume other traffic may show up. We saw no other traffic at all.

Our place for the night was an apartment on the other side of the bay where Akureyri is. So we had to drive through Akureyri and took our time to shop for our evening meal and breakfast, and we walked around the city centre. We found it very amusing there was a car with license plate 'MARIA' parked near a church.

We even came to the town square we remembered from our visit in 2006. Back in 2006 we were on an evening walk in Akureyri and on that town square we saw the way young people have fun on a Friday evening in Akureyri: they get a big fourwheel drive car and drive in circles through the city while playing music on the car stereo and looking at the other cars and the people in those cars. As we went to our apartment at the end of the afternoon we weren't able to see whether the local youth still does this.

We arrived in the Sunnuhlid houses apartments and after having dinner we enjoyed a magnificent view over the bay near Akureyri. With the distance from Akureyri it was good to have done shopping for dinner.

Tags: ,
2022-04-28 Trip to Iceland day 5
We woke up at the time arranged for breakfast and our friendly hostess Berglind from Sauðafell Guesthouse ( link) was busy making breakfast available for us. When we told her we wanted to visit the Snæfellsnes peninsula she explained about places to visit and things to see on and around Snæfellsnes peninsula.

Birds nesting around Snæfellsnes peninsula - KvdHout on flickr
Birds nesting around Snæfellsnes peninsula
Parts of this peninsula have cliff coasts where birds nest in the cliff rocks in the weirdest corners. We visited several of these cliffs which had viewing platforms allowing safe viewing by visitors without disturbing the birds. Although most of the birds seemed aggressive enough to fend for themselves and capable of letting people know when they got too close.

This coast is also dangerous for ships so we saw several lighthouses and remains of ships that got wrecked on this coast in the last century.

Driving along the coast of Snæfellsnes we passed the village of Hellissandur where I noticed a huge tower, the Hellissandur longwave radio mast which is the antenna for the RÚV program on 189 kHz. I'm the kind of person to note things like this! The building for the transmitter had the RÚV name in big letters on it.

At Svöðufoss waterfall drones are also forbidden - KvdHout on flickr
At Svöðufoss waterfall drones are also forbidden
Svöðufoss waterfall - KvdHout on flickr
Svöðufoss waterfall
Snæfellsjökull with snow cover - KvdHout on flickr
Snæfellsjökull with snow cover
Snæfellsnes is also known for having Snæfellsjökull, a glacier in a national park. We didn't visit the glacier but we did stop at Svöðufoss waterfall where we were able to take pictures of the Svöðufoss waterfall with Snæfellsjökull behind it. It was great weather for pictures and warm enough to be outside with just a jacket.

Kirkjufellsfoss waterfall - KvdHout on flickr
Kirkjufellsfoss waterfall
Kirkjufellsfoss waterfall - KvdHout on flickr
Kirkjufellsfoss waterfall
We went on and also stopped at Kirkjufellsfoss waterfall which was again very nice to look at.

For dinner we went to Stykkishólmur where we found Narfeyrarstofa restaurant which had really nice food and drinks.

After dinner we returned to the guesthouse and enjoyed the majestic view.

Tags: ,
2022-04-27 Trip to Iceland day 4
We woke up in the Hótel Laxárbakki and made breakfast. After breakfast we packed our stuff and got going again.

Our main activity for the day was a visit to The Cave which is an underground lava tunnel.

We read the description of how to get to the cave and this was 'follow route X and follow signs to the cave'. The detail was that 'follow signs to the cave' was over quite a length of winding and not very wide gravel road so we were happy to have a four-wheel drive car. There were some steep grades in the gravel road which made driving interesting, especially with an automatic transmission. Thankfully this was an automatic transmission with an override so we could keep it in the same gear on a steep downhill.

We were greeted at The Cave by our guide who was a geology student from England. He was very good at explaining everything and answering questions from the people in the group. His level of knowledge was clearly far above the standard explanation of everything, but he was good at explaining things at multiple levels. This made for a very interesting tour with lots of nice details.

It was quite cold in the cave. There was snow in the opening and cold air from outside flows in. The opening is a collapsed part of the lava with stairs to get from the surface to inside the tunnel. If the collapse hadn't been there or hadn't been in just one place this lava tunnel would not have been open for visitors.

After the opening came a few turns and a part where the floor of the tunnel rose to quite close to the ceiling. The effect was that all moisture in the cold air formed interesting ice sculptures in this part, and there was almost no ice after this point.

At the far end of our tour into the tunnel was a viewing platform. The tunnel continues but without walkways and lighting, so the rest of the tunnel is only available to researchers. Our guide turned off the light for a few moments so we could see how dark it really is inside the earth.

On the return trip through the tunnel we saw the next group come in. The two group guides keep contact via radio to make sure the groups pass in a safe location.

After the tour we had a late lunch and went on. We visited Barnafossar falls which are very special: due to the volcanic terrain an entire waterfall grows out of the side of the mountain. The water gets into the lava easily since lava is very porous and at the side of the lava near the river there is just water flowing out of it at all levels, creating a wild river. With the explanation how this is possible from our visit to The Cave this was a nice place to visit and see for ourselves how nature and recent geological history interact here.

Our place to stay for the evening was Sauðafell Guesthouse ( link) which is a renovated 19th century farm house. The house is in a valley with one neighbouring house visible, but at a distance too far for walking. The other neighbours are further away, one in the next valley and one across the river.

This guesthouse is on an active sheep farm. So farm life continues during your stay and it's a great way to experience daily life on a farm in Iceland.

We were greeted by the very friendly hostess Berglind and she directly assumed we drove over the paved road to get to the guesthouse because our white car was still white. The other nearby road is a gravel road and with some rain in the air and dust from the road white cars don't stay white.

In the evening we cooked our own dinner in the kitchen and cleaned up afterwards. The guesthouse has a nice kitchen and living room for all the guests. We decided to stay two nights so we could drive around Snæfellsnes peninsula the next day and return to the guesthouse the next evening.

For an evening walk we walked up the hill next to the guesthouse. Eventually we ended up at a height of about 343 meters with a great view all around.

Tags: ,
2022-04-26 Trip to Iceland day 3
We woke up in the Eldhestar Hotel, had breakfast there and packed our belongings to keep going.

Strokkur geyser - KvdHout on flickr
Strokkur geyser
Geysir area - KvdHout on flickr
Geysir area
Our plans for this day were a few of the 'standard' tourist attractions of Iceland: first the geysers at Geysir where the 'original' geyser named Geysir isn't very active but the next one Strokkur is active with large eruptions of boiling water. Strokkur erupts every 6 to 10 minutes, which is very tourist friendly. This is all part of an area with high geothermal activity, so there are also other hot springs and pools with boiling mud. Since this is a huge tourist attraction there is also a gift shop and restaurant nearby. I was used to signs asking you to not continue on outside shoes in Iceland, but the door to this gift shop and restaurant had a request to not walk in with crampons. I would consider it a very bad idea to walk anywhere without snow on crampons, but maybe other people didn't consider this.

For lunch we stopped at a campsite that was officially closed. It was a field with a small wooden building with a covered table. The only thing that made it look 'closed' to us was the fact that the doors of the toilets on the other side of the wooden building were locked. Otherwise it was a very minimalist camping with just a field and a toilet building and a table. No power outlets, no swimming pool. I assumed there was a place with clean drinking water but I didn't see it.

Drones are forbidden at Gullfoss waterfall - KvdHout on flickr
Drones are forbidden at Gullfoss waterfall
Gullfoss waterfall - KvdHout on flickr
Gullfoss waterfall
The other attraction in that area is Gullfoss waterfall which is a very big waterfall. Being there in the month of April was a bit early so it was quite chilly. The view at Gullfoss is amazing. To make sure everybody gets to enjoy views like Gullfoss waterfall and Strokkur geyser there were signs forbidding drones. I agree with forbidding drones at places like this. First of all drones make a really annoying sound. There is a reason drone video never has original sound: you don't want that sound, it's just a high-pitch whine. And the second reason to forbid drones at a site like this: there are lots of ways for drones to crash in a place like this. And having the natural beauty of a place like a huge waterfall or a geyser spoiled by heaps of drone remains would be annoying too.

Huge trucks in Iceland - KvdHout on flickr
Huge trucks in Iceland
Huge trucks in Iceland - KvdHout on flickr
Huge trucks in Iceland
The parking lot at Gullfoss had a number of big four-wheel drive or eight-wheel drive cars with special installations for driving on rough terrain. Those probably drive tourists around Iceland and mostly stay on roads!

Waterfall at Þingvellir - KvdHout on flickr
Waterfall at Þingvellir
We also visited the Þingvellir which is now a national park. It was the site where the parliament of Iceland came together every year from 930 until 1798. It's a valley and it's directly on the Mid-Atlantic Ridge so you can see Europe and North-America drift apart. It's both a historic site and some beautiful nature. There is a path to walk along the Mid-Atlantic Ridge and in some parts there are walkways over it because the ground keeps subsiding.

After all this we drove on to our hotel for the evening: Hótel Laxárbakki which is on the ring road. This was more of an apartment with a small kitchen than a 'hotel' room but we got used to this in Iceland. We had dinner in the hotel and had a nice evening walk along the river that flows right besides the hotel. The ring road was now two lanes over a bridge, but the old one lane bridge Einbreid brú was still standing. But it looked too old and unmaintained to walk over it so we just had a look at it.

Tags: ,
2022-04-25 Trip to Iceland day 2
We woke up in our nice hotel and my wife took the car to get things for breakfast. This sounds completely strange for someone living in the Netherlands but Iceland has a bit of urban sprawl so bigger supermarkets are located on the outskirts of cities and the distance between our hotel and a reasonable supermarket was a bit too far for walking. The hotel had no own breakfast options, but they did have a room with a toaster, an electric kettle, plates, cutlery so enough place to make our own breakfast.

There was a bit of shelf space with a sign 'leave something, take something' which reminded me a lot of a hiker box as described in the stories I have read about hiking on long-distance trails like the Appalachian Trail. This hiker box had one thing I was interested in: instant coffee. I like some coffee after breakfast in the morning and this was my option to get something resembling coffee.

After breakfast we packed our bags and left. We re-packed a few things because we went from 'packing for in an airplane' to 'packing for day-trips' so the pocket knife could be somewhere ready for use and the hiking poles were unpacked and put in an easy to reach place in the car.

Our main plan for the day was to visit the Fagradalsfjall volcano. This volcano erupted during 2021 and this was one of our main reasons for visiting Iceland again.

We wanted to visit this volcano either in the first few days or in the last few days of our stay in Iceland. The weather forecast for this day was really nice so we planned it this way. And the weather was indeed nice and sunny.

Fagradalsfjall volcano - KvdHout on Flickr
Fagradalsfjall volcano
This is a very visitor-friendly volcano: it is about an hour driving from the Reykjavik / Keflavik area, it has nearby car parking and after that it is a relatively short walk to get to an area with volcanic activity. We saw no hot lava streams but a very large area covered with lava cooling down. Smoke plumes and some burning vegetation showed that the lava was still warm and hot in some places. We hiked the main path along the lava flow which went mostly up and gave great views of the lava field. Eventually we reached a point with a good overview of the place where the eruption happened. Somewhat further there was also a place where we could get to the edge of the lava and touch it. The solidified lava still felt warmer than the surrounding area.

Fresh lava has interesting qualities. It has very sharp edges and with the lava exposed to the air solidifying first there are usually tunnels inside fresh lava, leading to collapses. Two good reasons not to walk on the lava, it can be dangerous.

Lava at the edge of the eruption of Fagradalsfjall volcano - KvdHout on Flickr
Lava at the edge of the eruption of Fagradalsfjall volcano
The car park had paid parking. But in a very icelandic way: there were signs with a QR code for a parking website where you just entered your license plate details and the type of car and paid online with a creditcard. This is not a problem at all because mobile coverage including data in Iceland is very good and they are used to paying almost everything with debitcard or creditcard.

While walking the path along the volcano I noticed I recognized certain views from the videos we watched while following the news about the eruption. It's funny to recognize a remote area from videos watched at home on the couch. The views were amazing, especially with the nice weather and I came to the conclusion that this kind of spectacular view of pure nature and geology was exactly why I came to Iceland.

Hveradalir Geothermal Area - KvdHout on Flickr
Hveradalir Geothermal Area
After the visit to the volcano we drove in the direction of our hotel for the evening. We made a stop at Hveradalir Geothermal Area which is an area where the geothermal activity is easy to visit. This includes the smell that comes from hot sulfur exposed to water and air. This is the same as the smell from rotten eggs so you have to endure this to get a good view of this special area.

The hotel was Hotel Eldhestar. The drive was partly along the Iceland ring road (road number 1) which was in the process of being upgraded to 4 lanes with a median in some areas. This was quite a change from what we remembered from driving on the ring road in 2006. At the hotel we also had dinner. One feature we liked about this hotel is the hottub: we soaked in it for a while after dinner.

Tags: ,
2022-04-24 Trip to Iceland day 1
We filled the two week holiday in April/May with a trip to Iceland. My wife and I have visited Iceland before, and this time our son visited Iceland for the first time in his life.

The first day was filled with the interesting project of getting to Iceland. Because we didn't want to add days of sitting on a ferry to the trip we booked tickets with Iceland airways and rented a car to pick up and return at Keflavik airport.

Our plans for Iceland were a general idea to drive the ring road also known as route 1, beginning with going North from the Keflavik/Reykjavik area and generally keeping to the ring road in clockwise direction.

The easy way to get to Schiphol airport is by train. Our flight was leaving at 14:10. This Sunday was right after the first problems on Saturday with long waiting times at Schiphol so we made sure to be really on time So we had breakfast and left after that. Train connections worked as planned.

We just had to drag the luggage from the house to the station and in most other places luggage carts were available. We had two duffel bags with us, and payed the fee for the luggage with our booking.

At Schiphol we searched for our check-in desk and saw it behind a long line of people. The mood in the line was positive and we slowly moved towards the check-in desk where our luggage was accepted swiftly. The next line was for the security checks (I could write a huge rant about this security theater) which was long. It's almost an "Efteling" experience with "there is a waiting time of 40 minutes from here" signs. Eventually we made it through the checks and the people manning the security checks weren't too grumpy this time. By the time we were at the security checkpoint our water bottles were empty and we refilled them after the checkpoint.

After the security check and long distances walking through hallways in Schiphol we had about 20 minutes left before boarding the flight started.

Boarding was fine. We had seats really far in the back of the plane but I was able to get my legs in the space available. The unexpected bit to me was that the seatback in front of me had an entertainment screen. I expected those screens to only be available on longer flights. So I came prepared for the flight with new books on my e-reader but I also was able to watch some episodes of The Muppets a series I didn't know existed!

The flight was fine. The interesting change was from around 22 degrees Celcius in the Netherlands to about 14 degrees Celcius in Keflavik! So it was chilly when we got out of the plane. We picked up our luggage and .. took it easy. We expected more delays in the airport so we had the pickup of our rental car planned for later in the afternoon. This means we had some time left before we wanted to get in line for the desk at the rental car company. We used that time to sit down and get something from Joe & The Juice at the airport.

Eventually the time came to get moving. We walked over to the Hertz rental desk and everything was prepared for the car rental. We booked a "Skoda Octavia with all-wheel-drive or comparable car" in advance and they had a Toyota RAV-4 automatic with all-wheel-drive available for us. Which was fine with us. Everything was organized perfect so we showed drivers licenses, added the second driver and insurance against broken windows and got the extended instructions on driving in Iceland. Keep the maximum speed, switch on the headlights and taillights when driving and make sure to arrange payment for the toll-tunnel on the Iceland ringroad beforehand because the rental company adds a serious fee when they get billed.

We walked with our luggage to the car. It had one feature that took a bit of getting used to: an automatic rear door which wanted to be opened and closed with button presses.

We had a room arranged for the first night in Keflavik in the Hotel Núpan Deluxe. It was easy to find in Keflavik and we checked ourselves in. We found a nice restaurant Kaffi Duus with a good view of the harbour of Keflavik.

In the evening we walked along the main street of Keflavik to get an idea of the place and see the options for getting something for breakfast the next morning. Temperatures were really lower than we were used to in the Netherlands so we made sure to wear extra layers!

Tags: ,
2022-04-23 New country in amateur radio: Iran
A notable and rare country in the log today: Iran. I've seen Iranian calls on the air a few times but it is rare. Today I saw EP2C on the air in FT8 in the 17 meter band and got the contact.

Confirming it is the next step: they have a QSL manager so I'll have to pay a few euros to get a paper card. Although the call seems active on Logbook of The World.

Tags: , ,
2022-04-23 Grafana alerts failing in 8.5.0
I installed Grafana from their debian repository, so I get updates via the normal apt update / apt dist-upgrade process. Since upgrading to version 8.5.0 the alerts were all firing because of 'DatasourceNoData' errors. According to Alert Rule returned no data (after upgrade to 8.5.0) #48128 other people are seeing this too.

For now I downgraded to version 8.4.7 where things work fine and I'll see if a newer version shows up.

Tags: , ,
2022-04-20 I passed the morse exam in Belgium
In October 2018 a morse course started at my local radio club under the leadership of Ab PA5ABW. Around March 2020 the people still going strong practising morse thought they had a chance of passing the morse exam in Belgium. But that pandemic happened, borders closed and gatherings of radio amateurs were impossible.

Why go to Belgium? The Dutch telecommunications authority does note whether you have 'CW included' or 'CW not included' but there is no exam possibility in the Netherlands. So in the past doing the exam in Belgium, presenting the certificate to the Belgian telecommunications authorities to get it converted to a certificate the Dutch authoritities accepted and converting that certificate to a Dutch 'CW included' note was the way.

When there was an option of a Morse exam in April 2022 in Belgium again there was a note the Belgian telecommunications authorities were not willing to do the 'conversion' for foreign radio amateurs who weren't living in Belgium. This seemed to kill the route to get the much coveted 'CW included'. After writing an article about this a suggestion came to 'skip' the Belgian telecommunications authorities and present the Belgian certificate to the Dutch telecommunications authorities. Later there was news from the Veron amateur club: Morse examen doen in België voor een ‘CW included’ aantekening kan nog steeds with a statement from Agentschap Telecom (Dutch telecommunications authorities) stating they would accept the certificate from the UBA club in Belgium at this time.

So when that became an option we registered for the exam in Belgium and kept practising. Personally I had to change to using actual pen and paper and not a keyboard because the exam would be using paper!

Between October 2018 and April 2022 we practised for about three and a half years. That means I practised morse in one way or the other for almost every day of the week.

The three of us went to Diest last Monday and all passed the test. On Tuesday I sent scans of all the needed documents to Agentschap Telecom to get those three letters removed from the amateur radio license document, going from "CW not included" to "CW included".

Tags: ,
2022-04-13 First IPv6 sightings at work
Years and years after writing proposals to start doing something with IPv6 at work I noticed the first systems actually having IPv6 connectivity in production networks.

Finally getting there! I wonder when workstations will start having IPv6 connectivity.

Tags: , ,
2022-04-10 A contact with a Brazilian radio amateur in morse on the 10 meter band
As noted before Brazil was a rare country for me on 10 meter until a few weeks ago but it got easier to get those contacts with the 10 meter band getting better due to the changing sunspot cycle. I changed this even more yesterday with a morse contact with PY2ZEA on the 10 meter band. I heard him calling and getting a lot of short contacts into Europe. At first the signal started fading into the noise but about 20 minutes later it came back slowly and with more calling cq for new contacts.

I gave it a try and on the second attempt he got my call correctly and we exchanged some messages. More than just a signal report and a call, I told in morse that this was my first morse contact into Brazil.

Tags: , ,
2022-04-06 I participated in the EA RTTY contest 2022 last weekend
RTTY Contest on websdr Last weekend was the EA RTTY Contest 2022 edition. At the last moment I decided to participate because I appreciate the contests organized by the Unión de Radioaficionados Españoles.

Conditions were good: I made contacts on the 20 meter amateur band Saturday afternoon, on the 40 meter amateur band Saturday evening and even got contacts on the 10 meter amateur band on Sunday morning. Hasn't happened a lot in the last few years: contest contacts on the 10 meter band. Including a contact with a station in Brazil which was a bit remarkable: I had my first contact with Brazil on the 10 meter band only 2 weeks earlier! For most Dutch amateurs Brazil is 'easy' DX, but my antenna points mostly to the East / South.

In the end I made 135 contacts which is a nice score for this contest.
Read the rest of I participated in the EA RTTY contest 2022 last weekend

Tags: , , ,
2022-04-01 Mention of my igate
In 2020 I built an igate: a device for receiving status packets on amateur frequencies and got it succesfully receiving packets and publishing them to the APRS network.

Since then the hardware has been in a corner of the radio shack receiving packets, building a good coverage of received packets and doing fine.

Today I noticed in Razzies April 2022 a Dutch-language electronic magazine of the Radio Amateurs Zoetermeer a nice mention of 'my' igate:
De enige gateway die dapper stand houdt is PE4KH-10: nota bene een iGate naar ontwerp van onze club: een RAZ iGate...
or translated: the only gateway still standing strong is PE4KH-10: notably an igate made to the design from our club: a RAZ igate.

It's nice to get this mention! The hardware is in the corner of the shack just doing its job and nothing else.

Tags: , ,
2022-04-01 Sneeuw op de zonnepanelen
Gisteren en vandaag zijn dagen met sneeuw. Een van de gevolgen is dat er ook sneeuw ligt op de zonnepanelen. En dat heeft duidelijke gevolgen voor de opbrengst.

Wat als eerste opvalt is 31 maart, een enigzins donkere dag met wat natte sneeuw in 's ochtends vroeg. De opbrengst van die dag is ongeveer net zo laag als 1 maart. In de tussentijd zijn er in maart veel dagen geweest met een goede opbrengst van de zonnepanelen.

En nu vandaag 1 april heeft het in de avond en nacht gesneeuwd en blijft die sneeuw liggen op de panelen. Dan komt er erg weinig licht door! Pas om 12:00 begon er iets uit de omvormers te komen.

Tags: , ,
2022-03-26 SPF/DKIM/DMARC and mailing lists
One of the founding forms of information exchange and community building on the Internet is the mailing list. A subscriber sends mail to a central mail address and the mail gets redistributed to all members.

As this mechanism has been abused by spammers in lots of ways there has been a lot of work in stopping unwanted mail being distributed by mailing lists.

There has also been a lot of work in publishing the official way in which outgoing mail from organizations is handled: Sender Policy Framework (SPF), documenting the sources from which e-mail can be send, DomainKeys Identified Mail (DKIM) for signing outgoing mail headers and body and Domain-based Message Authentication, Reporting and Conformance (DMARC) for publishing the policies for mails that fail SPF/DKIM and reporting on those. The way mailing lists forward mail isn't really compatible with SPF and DKIM. There is a 'new' source of mail from the original sender and some headers are changed/added when forwarding it with mailing list software.

Yesterday I sent something to a mailing list from an address and this morning I see a number of dmarc reports with failures, because the mailing list server isn't authorised to send on behalf of So maybe some people on this mailing list haven't received my reply. In the long run lots of SPF errors from this IP could also hurt its 'reputation score' for outgoing e-mail. Some mailing lists 'fix' this by not allowing domains with strict spf/dmarc policies, others go through interesting adjustments with 'sent on behalf of'.

I have no simple solution for this, I see an example of security measures breaking an existing use case, for which adjustments may have to be made.

Update: The general approach here seems to be 'sender rewriting'. Recently updated mailing list software should support this. But it depends on the mailing list owner to check the settings and update the software.

Tags: , ,
2022-03-18 Using grafana for alerting too
I've been playing with grafana for about a year since starting with updating my statistics gathering and I keep seeing new options and updates in grafana.

Grafana recently got some new options for alerting and I am trying a few of those. Alerts for things that are a real problem and can cause other problems are a good start. Based on some earlier problems I keep an eye on some filesystems that are over 90% full.

Today I read Three DDoS attacks on my personal website found via Three DDoS attacks on my personal website : r/homelab reddit and this made me wonder about overloads on my webserver. The easiest way to detect problems with web serving I could think of is to look at the queue size in haproxy which is monitored in influxdb/grafana anyway for nice graphs of website traffic.

I did have a time with too high queues for backend webservers. But that was when the backend server was completely broken due to a filesystem problem so that was a logical reason.

It would be nice if I could iterate alerts, like 'for the root filesystem of every monitored system'. Or at least copy them changing only the system name in the rules and alerts.

Tags: ,
2022-03-10 Dear linux kernel, I know what I want with nomodeset
Just noted on bootup of a virtual machine:
Mar 10 19:42:14 turing kernel: [    0.181861] You have booted with nomodeset. This means your GPU drivers are DISABLED
Mar 10 19:42:14 turing kernel: [    0.181862] Any video related functionality will be severely degraded, and you may not even be able to suspend the system properly
Mar 10 19:42:14 turing kernel: [    0.181862] Unless you actually understand what nomodeset does, you should reboot without enabling it
It's a virtual machine which does server tasks. Anything more than 80x25 VGA text mode is pure overkill. It's currently the default card in qemu (Cirrus CLGD 5446 PCI VGA card), I could try the virtio VGA card to see if that saves on memory/cpu.

Tags: , ,
2022-03-05 SMTP auth bruteforce attacks seen
Cybercriminal In checking recent logs I noticed several tries to find SMTP authentication credentials. Most notably is that anything that vaguely resembles something that might be an SMTP account is tried. Including plussed e-mail addresses and information from SIP urls.
Mar  5 14:12:09 gosper saslauthd[16336]:                 : auth failure: [user=8006] [service=smtp] [] [mech=pam] [reason=PAM auth error]
Mar  5 17:15:00 gosper saslauthd[16339]:                 : auth failure: [user=koos+web] [service=smtp] [] [mech=pam] [reason=PAM auth error]
Mar  5 18:08:04 gosper saslauthd[16339]:                 : auth failure: [user=belspel] [service=smtp] [] [mech=pam] [reason=PAM auth error]

Tags: ,
2022-02-25 Why the wifi in the shed is probably unreliable
I used the raspberry pi in the shed to do a wifi scan, to get an idea of the usage of the 2.4 GHz wifi band as seen in the shed.

This finds 18 to 22 networks, with our own network not as the strongest network. As you can imagine most channels have multiple networks on them. And the overlap in wifi channels makes this worse: the networks on channel 2 see interference from those on channel 1.

From the list of networks, with names and address information removed, just leaving signal strength and channel / frequency:
-93 dBm, ch   1, 2412 MHz
-91 dBm, ch   1, 2412 MHz
-92 dBm, ch   1, 2412 MHz
-72 dBm, ch   1, 2412 MHz
-92 dBm, ch   1, 2412 MHz
-88 dBm, ch   1, 2412 MHz
-92 dBm, ch   1, 2412 MHz
-91 dBm, ch   2, 2417 MHz
-80 dBm, ch   2, 2417 MHz
-90 dBm, ch   3, 2422 MHz
-94 dBm, ch   4, 2427 MHz
-93 dBm, ch   5, 2432 MHz
-94 dBm, ch   5, 2432 MHz
-80 dBm, ch   6, 2437 MHz
-94 dBm, ch   8, 2447 MHz
-95 dBm, ch   8, 2447 MHz
-94 dBm, ch   9, 2452 MHz
-95 dBm, ch   9, 2452 MHz
-77 dBm, ch  10, 2457 MHz
-84 dBm, ch  11, 2462 MHz
-93 dBm, ch  11, 2462 MHz
This is a right mess. If I ever want reliable wifi in the back garden/shed I will have to have an extra access-point there. This option of having wireless vlan(s) available in the shed has influenced the choice in switch for the shed.

Tags: , ,
2022-02-25 Fraudepoging "Vergeet niet binnen 2 dagen je belasting te betalen!"
Cybercriminal Ook weer een typisch geval van bitcoin afpersing. De tekst is ook hier behoorlijk goed nederlands. Bekend en berucht bij de fraudehelpdesk: Opnieuw afpersmails over bezoek pornosite -
Hallo, hoe gaat het met jou? Ik weet het, het is vervelend om een gesprek te beginnen met slecht nieuws, maar ik kan niet anders. Enkele maanden geleden heb ik toegang gekregen tot je apparaten die je gebruikt om op het internet te browsen. Vervolgens heb ik al je internet activiteiten kunnen traceren. Hieronder kun je lezen hoe ik dit voor elkaar heb gekregen: Allereerst heb ik van hackers de toegang tot meerdere e-mail accounts gekocht (tegenwoordig is dat een fluitje van een cent om dat online te doen). Daarna kon ik heel makkelijk op je e-mail account ( inloggen. Een week later heb ik een Trojan virus geïnstalleerd in de besturingssystemen van al de apparaten die je gebruikt om je mails te openen en te lezen. Om eerlijk te zijn ging dat vrij simpel (want je opent de links uit je inbox mails).
Het bitcoinadres waar 1790 euro heen mag is 1AJcoDsSGe9teEfzSMicXprJFae7729J5y.

Update 2022-02-26: Nog een keer dezelfde spam gezien met bitcoinadres 1AJcoDsSGe9teEfzSMicXprJFae7729J5y en 1DfSBC5xbeswbXingkkf3i6VyQwYb8kYGh.

Tags: , ,
2022-02-23 Filtering logs to only get relevant reports
I want to know if something goes wrong but with the number of (virtual) servers here at home it is not possible to check all logs constantly. So the main machines use logcheck to find the interesting error messages and the rest gets filtered out.

Ideally that leaves no messages, but I do want to know about patterns that indicate attacks so I do get messages constantly about ssh attack attempts and weird nameserver requests or misconfigured nameserver responses.

Recently I've been checking the resulting reports again carefully and noticed some more patterns that could be filtered. And I found two misconfigurations that I solved. Normally those misconfigurations would drown in the noise of the log, only to be found if I was looking for something else. Now it started to stand out after filtering out a lot of messages that are to be expected.

Tags: , ,
2022-02-22 Shed switch ordered
In the project to upgrade the connectivity to our shed I ordered a switch with sfp slots: a netgear GS310TP. The choice is to have the same brand as in other places in the network so I can select compatible SFP modules easily. With this switch I also have vlan support so I can have a wifi access point in the shed if I want.

Tags: , ,
2022-02-21 I participated in the ARRL DX CW contest 2022
CW contest filling the bands on a websdr As I'm trying to make more morse contacts the 'easy' way is to participate in contests in morse. Last weekend was the ARRL DX CW contest and I heard quite a bit of contest morse on the 20 meter band. I tried a few contacts and after two contacts got the reply 'USA ONLY'. So I looked up the ARRL DX contest rules and found out that indeed for non-US/Canada stations only contacts with US/Canada are valid. Since I didn't hear any stations from that area in the late afternoon I left it at that. But in the early evening after the sun goes down but before the propagation on 20 meters dies down completely it is possible to make contacts with North America. So on Saturday and Sunday evening I used that 'window' to get several stations in the log. If these get all confirmed I should get several new US states in morse.

It was also a good practise in decoding callsigns and return information in morse with noisy conditions.
Band   160   80   40   20   15   10
QSO's    0    0    0   30    0    0
Mult     0    0    0   16    0    0
Raw Score: 84 Qpts x 16 Mults = 1344.

The objective for this contest is to expand knowledge of DX propagation, so I already met that objective with fine-tuning my operating window to have a good opportunity to work US stations in morse.
Read the rest of I participated in the ARRL DX CW contest 2022

Tags: , ,
2022-02-19 Receiving DMARC reports and trying to debug my DKIM setup
Since November 2021 I have been running DKIM with sendmail. First for a test domain, later also for the main domain sending e-mail.

I directly added a DMARC record with options to notify me of spf/dkim errors. I have seen a few reports of fake mail injected but most reports were about valid mail. For a long time google kept sending reports about dkim errors but I couldn't find out why. After I added the option to receive debug information this problem did not come back, so I'm not sure whether I fixed this.

Today I sent something to a mailing list and got a debug report instantly. Somewhere after the mailing list software had changed the body of my message (it stripped the pgp signature and noted this) a mail server checked the DKIM headers and found out the body signature was wrong. Indeed. Mailing lists and DKIM/SPF are complicated.

Tags: ,
2022-02-16 Closing 2021 in amateur radio
QSO count plot up to December 2021 I noticed I didn't do a "Closing 2021 in amateur radio" post yet, so time to catch up. Looking back at the Review of 2020 in amateur radio with plans for 2021 I can say:
  • Practising morse has happened! Just no exam yet, but that is mainly due to the current circumstances
  • Satellite contacts: none.
  • Morse and phone in contest: yes!
  • New qsl cards ordered and in use
And the plans for 2022:
  • More and more morse, and that exam. There is an exam date now and it will be possible to get the wanted 'CW included' on my radio amateur identification
  • Again satellites
  • In contests: try to get more morse and phone contacts.
  • Use the better propagation to get contacts on different bands

More detailed statistics over 2021

And I had to check my own notes again how I got these numbers last year, so I'm adding the sql queries I typed at the mysql/mariadb client. With the database behind cqrlog available I can make all kinds of queries.

By month

The influence of months with (digital) contests isn't as strong as in previous years.
| month | cnt |
|     1 | 234 |
|     2 | 204 |
|     3 | 238 |
|     4 | 161 |
|     5 | 131 |
|     6 | 111 |
|     7 | 211 |
|     8 |  19 |
|     9 | 232 |
|    10 | 204 |
|    11 | 191 |
|    12 | 101 |
Query: select month(qsodate) as month,count(id_cqrlog_main) as cnt from cqrlog_main where year(qsodate)=2021 group by month order by month;

By band

No real surprises there. And the feeling that 10 meter was improving isn't showing in the statistics yet.
| band | cnt |
| 40M  | 699 |
| 20M  | 849 |
| 17M  | 151 |
| 15M  |  40 |
| 10M  | 243 |
| 2M   |  51 |
| 70CM |   4 |
Query: select band,count(id_cqrlog_main) as cnt from cqrlog_main where year(qsodate)=2021 group by band order by freq;

By mode

Almost double the number of morse contacts compared to the previous year.
| mode  | cnt |
| JT65  |   2 |
| PSK31 |   3 |
| FM    |  19 |
| FT4   |  35 |
| PSK63 | 226 |
| CW    | 240 |
| SSB   | 267 |
| RTTY  | 386 |
| FT8   | 859 |
Query: select mode,count(id_cqrlog_main) as cnt from cqrlog_main where year(qsodate)=2021 group by mode order by cnt;

Tags: , , ,
2022-02-15 My work PGP key needed replacement and using PGP keys in thunderbird with their original passphrases
PGP logo Today I tried to sign a key with my work PGP key, and after lots of tries the conclusion was that my 2006 work pgp key was too infected with SHA1 signatures that I couldn't remove, so I created a replacement work PGP key. Even a signature for the new key with the old key was rejected.

So the new work key:
pub   rsa4096/0x36FF19C6159C0262 2022-02-15 [SC] [expires: 2027-02-14]
      Key fingerprint = 1401 EE9F 25AD 23F1 C299  FD07 36FF 19C6 159C 0262
uid                   [ultimate] Koos van den Hout <k.vandenhout(at)>
uid                   [ultimate] Koos van den Hout <koos(at)>
sub   rsa4096/0x918F8E7A170EA93E 2022-02-15 [E] [expires: 2027-02-14]
I also signed it with my personal key, and I will try to get more signatures for the new work key to make things work better. Available at PGP key 0x36ff19c6159c0262. There you will see I also signed it with my old work key 0x42216fe29ee949cf but since that signature is also a SHA1 signature the new gpg implementation immediately rejects it. So I should get some signatures from people who have relatively new PGP keys. I've been using PGP since 1993 (29 years now!) and I can see the developments in PGP over the years in my keys.

In the process I noticed one thunderbird installation insists on managing PGP keys completely and the other doesn't. Searching for the reason eventually found Use Thunderbird 78 with System GnuPG Keyring and I made sure the option mail.openpgp.allow_external_gnupg was set to true.

Tags: , ,
2022-02-14 I participated in the CQ WPX RTTY 2022 contest
RTTY Contest on websdr Last weekend was the same as in 2021: the PACC and the CQ WPX RTTY contest in one weekend. Since the CQ WPX RTTY contest is 48 hours and the PACC contest is 24 hours I participated in both. Not for 48 hours, I had a normal weekend otherwise.

In the end I made 106 contacts in the CQ WPX RTTY contest. 50 contacts on the 40 meter band and 56 contacts on the 20 meter band.

Tags: , ,
2022-02-14 I participated in the PACC 2022 contest
CW contest filling the bands on a websdr Last weekend was the weekend of the Dutch PACC contest, 'our' contest organized by the Veron. Open for radio amateurs from all over the world, making contacts with Dutch radio amateurs especially interesting.

I decided to only do morse in the PACC this year, to get the practice with contest-speed morse and maybe improve the number of countries with morse I have in the logs. In the end I made 43 contacts. The report:
Callsign: PE4KH

Band     Qso    Cancelled  Dup  Point  Penalty  Mult        Score
160M       0            0    0      0        0     0
 80M       0            0    0      0        0     0
 40M      38            0    0     38        0     6
 20M       5            0    0      5        0     4
 15M       0            0    0      0        0     0
 10M       0            0    0      0        0     0
          43            0    0     43        0    10          430
I'm not going to be the winner in my category with this score but I'm happy with my amount of CW contacts.

Tags: , ,
2022-02-08 Upgrading the fiber to the shed network
The current fiber to the shed network is working fine but only gives the Raspberry Pi based NTP server network at a speed of 100 mbit.

The link is working fine but the next device with network problems due to unreliable wifi is showing up: the solarpanel inverter in the shed is sometimes unreachable for my solar inverter monitoring using modbus/tcp and that means I 'miss' measurements. The propetairy monitoring that solaredge does can deal with interruptions in reachability and upload older data, but the modbus/tcp monitoring I use can only access real-time data.

My first plan was to look at industrial switches because of the extended temperature and humidity ranges in the shed. But having both 'industrial' and 'sfp slot' costs a lot of money.

My next thought is to put all the possibly sensitive electronics in one case and hope the temperature and humidity inside that case stay within a reasonable range. This thought is based on the fact that the Raspberry Pi based NTP server functions fine in a not very closed wooden box without being affected by temperature or humidity.

Tags: , ,
2022-01-29 Brand krachtig blond
Beer illustration There is a lot of special beer available in the Netherlands too. I checked what was available in the local supermarket and found this one: Brand krachtig blond.

By colour it is indeed a blonde beer, but by taste it was quite hoppy, almost like an IPA.
Beer nameKrachtig blond
Beer styleBlond
Alcohol by volume7.8 %

Tags: ,
2022-01-21 Looking at RFID cards and NFC again
I haven't done anything with NFC in ages. Almost three years ago I dug up my knowledge again and learned about UID changeable cards and before that the last real digging into RFID was 11 years ago: Interesting development with the magna carta rfid card.

Anyway, my interest is renewed due to several factors, with "just looking for something to learn about and enjoy the process" as main one. As a first step I dug up my trusty touchatag reader and the collection of RFID tokens/cards. The touchatag reader still doesn't see any of the collected ski passes so I guess those are for other frequencies.

The collection of RFID tokens includes a number of one-use public transport tickets. Those are based on Mifare Ultralight "MF0ICU1" according to NXP TagInfo. The little bit that annoys me is that NXP TagInfo manages to list the transport company and the transaction date/time while I can't find any listing of the fields in a Mifare Ultralight for transport use online on a first search. Later searches (see below) give a lot more!

So I have to do some digging myself. And maybe get a few more recent one-time-use public transport tickets to get an idea.
Read the rest of Looking at RFID cards and NFC again

Tags: , ,
2022-01-17 I participated in the UBA PSK63 contest 2022
PSK63 contest in fldigi As the UBA PSK63 is the first radiocontest I participated in after the start of my HF career in 2015 I decided not to miss it this year and get some contacts going. My first article about the UBA PSK63 contest: Playing in a radio contest.

Last weekend was the 2022 edition of this contest and I participated on Saturday and Sunday. The bands didn't seem as full with PSK63 signals as I have seen them in other years. Most remarkably the PSK63 traffic seemed gone late Saturday evening. When I tried again Sunday end of the morning the traffic was back. Returned serial numbers suggested stations with more time and/or better reception could get enough contacts in the log.

In the end I made 74 contacts. I started on the 20 meter band on Saturday afternoon, switched to 40 meter after dark. Late in the evening I tried to make a few more contacts but saw only a few other stations on 40 meter. On Sunday I resumed in the 40 meter band and made a number of contacts there. In the last hour of the contest I switched back to 20 meter in the hope of finding a lot of new calls there but only one new call showed up, the rest was in the log already. So I squeezed out a last few contacts on 40 meter before the end of the contest. I may have switched back to 40 meters a bit too fast according to the rules of the contest, I'll see what happens.

Anyway, a good contest. I see a few things to improve in how I participate in digimode contests that aren't really huge: better timing, especially trying to get more contacts during daylight hours on higher bands.
Read the rest of I participated in the UBA PSK63 contest 2022

Tags: , ,
2022-01-08 Artikel op Veron A08 website geschreven over de morse cursus en het niet meer kunnen krijgen van 'CW included' via een examen in België
Ik ben al heel lang bezig met morse leren, en de nieuwste ontwikkelingen zijn dat het niet gaat lukken om de 'CW not included' op het pasje van Agentschap Telecom wat me identificeert als gelicenseerd zendamateur om te laten zetten in een 'CW included'. Dat was even een zware tegenvaller, maar ik heb die energie omgezet in een artikel met onze ervaringen. Misschien dat het nog ergens tot gevolg heeft dat er toch een route komt om dit op te lossen.

En daarnaast is het wel leuk om te schrijven merk ik. Misschien moet ik over meer onderwerpen die me bezig houden schrijven.

De illustratie bij het artikel van de 'CW not included' en 'CW included' op de pasjes heb ik zelf gemaakt (samenstelling van foto's van pasjes), de illustratie met de certificaten heeft Frank van der Pol PE2A gemaakt.

Het artikel is verschenen op België-route voor “CW included” niet meer mogelijk - Veron A08 Centrum en ook in sociale media gedeeld: België-route voor “CW included” niet meer mogelijk @pi4utr. Ook op het forum: Morse examen in België niet meer mogelijk. Daar is een antwoord gekomen dat de stap via het Belgisch instituut voor postdiensten en telecommunicatie (BIPT) overgeslagen kan worden, dus die route gaan we proberen.

Tags: ,

IPv6 check

Running test...
, reachable as PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites
This page generated by $Id: morenews.cgi,v 1.58 2023/06/14 14:04:46 koos Exp $ in 0.258492 seconds.