News items for tag english - Koos van den Hout

2021-05-07 Anti-spam measures blocking legitimate e-mail 1 week ago
I am using fail2ban to deal with spamming attempts. Some of the spam senders are quite good at trying the same stupidity again 3 minutes later because the error codes are just for non-criminal mail senders. My logs kept filling up with the same stupidity over and over and over again. So I set up fail2ban to block the offending IPs to keep my logs readable.

But this stopped e-mail based alerts from a certain service. I know, e-mail isn't instant messaging.

The error message was:
gosper sm-mta[14317]: ruleset=check_relay, arg1=xx.xx.xx.xx, arg2=xx.xx.xx.xx, relay=xx.xx.xx.xx [xx.xx.xx.xx], reject=421 4.3.2 Connection rate limit exceeded.
This triggered fail2ban directly because I didn't expect normal traffic to exceed this, but the alerts from the service could. So I whitelisted the sending IP in the sendmail access config to make sure the notifications flow.

I also updated the specific bit of fail2ban configuration to only block this after three errors.

Tags: , ,
2021-05-03 Refreshing rechargeable batteries 1 week ago
With lots of devices running on rechargeable batteries including toys with motors and lights we have accumulated quite a number of rechargeable batteries in our house. Some of them have been around for ages and others are more recent.

With the amount of batteries varying per device (we have seen 1,2,3,4 and 6 batteries per device) it's good to charge each battery individually as they may have different residual charges and always charging them in pairs when one is not as good will only make the difference worse.

But the charger for individual AA/AAA cells we have also wants to charge the batteries quite fast and will abort as soon as one cell doesn't accept the charge. More and more batteries got rejected this way, even relatively new ones.

The solution: a smart charger that has adjustable load current, can refresh a battery that has problems accepting charge and measures the charge in the battery. And does this for 4 batteries at the same time. I gathered batteries from all kinds of places (quite a collection) and started charging and measuring all of them. A number of batteries got rejected because even a "refresh charge" ended at less than 50% of the original capacity. Those batteries will be handled as chemical waste. The others with enough capacity left are now all in the big box of charged batteries. Most of them will not keep their charge until the moment we actually need them, but it's good to know they are usable.

I bought the https://www.conrad.nl/p/voltcraft-ipc-3-batterijlader-li-ion-nicd-nimh-10440-14500-16340-16650-17355-17500-17670-18490-18500-18650-1403321 from Conrad which has only one downside: the fan is somewhat noisy.

Tags: ,
2021-04-28 A repeatable 36 kilometer ride 2 weeks ago
Yesterday I cycled the same ride as I did last October and a few times since then.

It was a good way to spend a few hours riding on our kings day. I stopped along the way to drink some water and relax. It's still 36 kilometers and the average speed according to the speedometer on my recumbent bicycle was 21.77 kilometer per hour.

Tags: ,
2021-04-27 Played in the HackTheBox & CryptoHack Cyber Apocalypse 2021 2 weeks ago
A CTF or Capture the flag is an information security competition where puzzles are offered that have to be solved with techniques from information security. This can range from a simple knowing where to look for clues in data to having to use the latest exploit techniques against systems to get access. The solution is usually a digital 'flag' that proves you solved the puzzle.

A co-worker who has been at the 'receiving end' a few times of the CTF challenges the SURFcert team creates with some help of me invited a number of people at work to the HackTheBox & CryptoHack Cyber Apocalypse 2021.

And I decided to join! We dove into the challenges a number of evenings. I solved a few hardware challenges on my own, and I did parts in solving other challenges. I learned about .sal files and logic analyzers. And I learned cracking a (not too big) public RSA key is doable these days.

Where others wrote bits of python to solve things I used grep and awk. But in the end we got there.

Our team ended in the top 6% which is not bad for doing this on weekday evenings besides our jobs and other bits of life. I posted about this on linkedin in Dutch: Collega Simon Kort BICT nodigde mij uit voor het meedoen in deze CTF.

Tags: ,
2021-04-24 Getting some new countries on the 17 meter band, 10 meter opening 2 weeks ago
With a bit of trying and retrying I tuned my home endfed to the FT8 frequency in the 17 meter amateur band. I'm chasing 'slots' on that band: countries I haven't worked on that band before. Today I got the Balearic Islands, Wales, Kenya, Indonesia and Lebanon in the log, all new on this band for me.

Before that there was a nice 10 meter opening during the day, where I worked several European stations.

Nice to see good propagation!

Update 2021-04-25: On Sunday I tried FT8 on 17 meters again, this got me Thailand as a completely new country! And Belarus, Latvia, Lithuania new on the 17 meter band.

Tags: , ,
2021-04-14 Year 2038 is coming! 1 month ago
Interesting kernel message in Linux today:
[ 3906.977410] ext2 filesystem being mounted at /media/koos/disk supports timestamps until 2038 (0x7fffffff)
So that filesystem (and lots of others) will give issues in 2038. Things need work before that date!

Tags: , ,
2021-04-10 Cleanup of my gpg private key 1 month ago
I learned about changes in GPG needing some updates to private keys so I loaded the private key for 0x5BA9368BE6F334E4 in a backup keyring and tried to find out what needs to be done. The explanation at Fixing old SHA1-infested OpenPGP keys seems to have the important parts.

Make sure the preferences are set correctly (no SHA1) and do a 'clear' on the key. I took the chance to change the expiry date to something a bit more in the future, set the e-mail address that I now use as primary and updated the weblink to my homepage to https://idefix.net/.

I also updated the details on PGP - Koos van den Hout so these can be verified.

Tags: ,
2021-04-08 Stopping with NTP servers at work 1 month ago
For almost 20 years I was involved with the running of NTP time servers at work. But the hardware aged and my job is no longer in systems administration and not in the department actually housing the timeservers.

So, time to stop doing it. The pool ntp server has been retracted, DNS names removed and soon I will make one final trip to shut down hardware one last time and remove it from racks. The end for ntp.cs.uu.nl and others.

I still run an NTP server at home which is available in the IPv6 NTP pool. That server also compared itself to one of the servers at work so it has been reconfigured. I added a few upstream servers and made sure all of them are reachable via IPv6.

The log of NTP service at cs.uu.nl was kept, here is the final version:
DateEvent
8 Apr 2021DNS names for ntp service at cs.uu.nl removed
2 Apr 2021Announcement posted to system administration mailing list that ntp service at cs.uu.nl will stop
24 Sep 2014A second stratum-1 ntp appliance is brought on-line, galileo.cs.uu.nl
28 Nov 2011Fixed the networking for stardate, the full time lab is up and running.
23 Nov 2011The antenna cable connectors are soldered on which results in a working setup after a few tries. Stardate is better at reporting the state of the power to the GPS antenna, but has no working network. Huygens has working network and serves time to metronoom.
22 Nov 2011The server ntp.cs.uu.nl is active at its new IP. Our own GPS reference doesn't work yet: we still need to solder the right connectors on the antenna cable. The server is added to the ntp pool and traffic starts to flow a few hours later.
15 Nov 2011The ntp servers are moved to their new location
14 Nov 2011The ntp servers are switched off
13 Nov 2011We retract ntp.cs.uu.nl at its current address from the pool because the serverroom will move physically, the ntp equipment will move to a different location and the IP will change to deal with the traffic better
18 Sep 2011Stats for doei.cs.uu.nl, five years after withdrawing it from the ntp pool
19 Sep 2010Stats for doei.cs.uu.nl, four years after withdrawing it from the ntp pool
4 Mar 2010The turkish adsl provider ttnet falls off the Internet for a few hours, traffic falls from 2000 packets/second to 100 packets/second in that time
22 Jan 2010We volunteer ntp.cs.uu.nl for the turkish part of the ntp pool. Traffic explodes, peaks over 5000 packets/second
18 Sep 2009Stats for doei.cs.uu.nl, three years after withdrawing it from the ntp pool
28 Jul 2009ntp.cs.uu.nl back at full speed in the ntp pool, firewall configuration fixed
15 Jul 2009rear doors of racks closed again
2 Jul 2009 10:00serverroom airco has problems with high temperatures (28-30 C), we open rear doors of racks which makes the temperature go down a bit in the racks but the airco still has hard work
Mar 2009ntp.cs.uu.nl tuned down in the ntp pool to avoid firewall issue
18 Sep 2008Stats for doei.cs.uu.nl, two years after withdrawing it from the ntp pool
17 Jan 2008huygens.cs.uu.nl has a GPS reception failure, fixed with a software update
18 Sep 2007Stats for doei.cs.uu.nl, a year after withdrawing it from the ntp pool
11 Mar 2007airco failure serverroom
5 Mar 2007all ntp servers moved to one rack close together for temperature stability
20 Jan 2007airco failure serverroom
9 Jan 2007huygens.cs.uu.nl added as stratum-1
23 Dec 2006airco failure serverroom
29 Nov 2006powerfailure in our building
1 Nov 2006metronoom.dmz.cs.uu.nl takes over as ntp.cs.uu.nl and joins pool.ntp.org
~ 24 Oct 2006antenna cable to stardate.cs.uu.nl reconnected
~ 6 Oct 2006ntpd on stardate disabled: free running clock starts to differ too much from correct time
~ 25 Aug 2006antenna cable from stardate.cs.uu.nl disconnected because of building and recabling activities
1 Aug 2006doei.cs.uu.nl leaves pool.ntp.org
19 Aug 2003doei.cs.uu.nl joins pool.ntp.org
10 Jan 1999stardate.cs.uu.nl set up as stratum-1 with GPS time reference

Tags: , , ,

IPv6 check

Running test...
, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

RSS
Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: newstag.cgi,v 1.34 2020/12/31 15:36:31 koos Exp $ in 0.022092 seconds.