News items for tag english - Koos van den Hout

2017-08-22 New QSL cards ordered, again from LZ3HI 1 day ago
Almost years after I ordered QSL cards for PD4KH they ran out. I had to print stickers with the PE4KH call sign for a while to update the cards.

PE4KH qsl card front PE4KH qsl card back Now I had time to make new cards and see what the options where. I promised myself nicer cards with not just the standard data but nice colour pictures on the front side so I looked at ideas, drew some things on paper and worked a few evenings in the Gimp to get the ideas into something that would survive being printed. I created files for printing at 600 dots per inch so there should be no strange printing artefacts.

Tags: , ,
2017-08-19 Moving virtualbookcase.com to https 4 days ago
I received a notification from the google webmaster program that chrome browser would start showing security warnings on http://www.virtualbookcase.com/ due to the search box there.

The simple solution: make the site correctly available via https and redirect to the https version. I found out I already started doing the first bit and therefore the conversion was easy. Now with encrypted connections: The Virtual Bookcase.

Tags: , , ,
2017-07-28 Already doing a casemod on the new home server 3 weeks ago
The new homeserver 2017 has arrived and I'm working on installing it. But first I had to do my first 'casemod' which was just rerouting a few cables. The case comes with a fan control, but I want all fan control to come from the mainboard and monitor the fans from the operating system. So I disconnected the fans from the case fan control and reconnected them to fan connectors on the mainboard that allow for voltage based fan control and monitoring.

The case is a bit overkill, but looks really good and offers lots of routes for airflow. New to me was that the case has cableguides which allow it to look really nice internally and have really good airflow. So I used those cableguides when I rerouted the fan cables and even tie-wrapped the cables to keep them looking nice.

Tags: ,
2017-07-25 If you post about "334 VXNlcm5hbWU6" be aware what you are sharing 4 weeks ago
I saw someone post somewhere about problems with sending mail, with the complete session log. E-mail addresses were obfuscated, but there was a part of the session not obfuscated, which had far more interesting secrets than just e-mail addresses. It looked a bit like this:
250-HELP
250-AUTH LOGIN PLAIN
250-SIZE 157286400
250-8BITMIME
250 OK
AUTH LOGIN
334 VXNlcm5hbWU6
dXNlcm5hbWU=
334 UGFzc3dvcmQ6
cGFzc3dvcmQ=
235 ... authentication succeeded
RSET
250 OK
Those "random" letters and digits look a lot like base64, so to decode them:
$ echo "VXNlcm5hbWU6" | base64 -d ; echo
Username:
$ echo "dXNlcm5hbWU=" | base64 -d ; echo
username
$ echo "UGFzc3dvcmQ6" | base64 -d ; echo
Password:
$ echo "cGFzc3dvcmQ=" | base64 -d ; echo
password
So the random letters and digits are actually username and password, very interesting information. Searching for VXNlcm5hbWU6 gives me examples of usernames and passwords.

Tags: ,
2017-07-24 Last night receiving ISS SSTV images 4 weeks ago
And a third night. I used the timed recording option of audacity, which in the current linux version does not offer the option to set in advance how to save the project. This time I 'only' recorded for 7 hours, and was able to save the project afterwards without needing a recover. But on reloading the saved project audacity complained about some internal error in it, and it still had the problem of assuming 44.1 kHz sampling while showing the project sample rate as 48 kHz. Anyway, images decoded from the audio and I even recieved a few new ones.

Tags: , , ,
2017-07-24 Getting a lot more entropy from the Raspberry Pi 1 month ago
Entropy graph of a Raspberry Pi On doing some research on randomness in Linux I found out about the rng-tools package which includes rngd which can get randomness from hardware random generators to linux /dev/random.

On the main homeserver greenblatt there was no hardware randomness source available, I already use randomsound to generate randomness from audio noise. I found out the Raspberry Pi has a hardware randomness source so I installed rng-tools and rngd was able to use it. The impact on the measured available entropy is quite visible.

Tags: , ,
2017-07-23 Another night of receiving ISS SSTV images 1 month ago
On the night from Friday to Saturday I had the whole setup ready to receive more ISS SSTV images. And nothing was received since I had the antenna unplugged during Friday because of thunderstorms and forgot to plug it back in.

So when I found that out I put a note on my desk with 'Antenna unplugged?' which can be a reminder to unplug it when I'm done or plug it in when I want to receive something.

ISS SSTV image ISS SSTV image ISS SSTV image ISS SSTV image ISS SSTV image ISS SSTV image ISS SSTV image ISS SSTV image ISS SSTV image ISS SSTV image ISS SSTV image On the night from Saturday to Sunday I plugged the antenna in and let the whole setup run again like on the earlier run on Friday Received slow scan TV images from ISS while I was sleeping. To make sure I had the antenna plugged in I tuned to 145.750 MHz where I can hear a distant repeater faintly.

Again audacity hung after the recording, and this time on recovery it had some issues with the saved project. At first I could see and hear audio of SSTV passes but qsstv could not decode anything. In the waterfall display of qsstv it looked like the frequencies were too low. I had a thought that maybe something decided the samplerate was back to 44.1 kHz so I simply speeded the audio of an image pass up by 8.8435% and suddenly it decoded fine.

In the end I decoded 11 images from the ISS SSTV project. Numbers seen 8, 10, 9, 6, 7, 8, 6, 4, 5, 6.

And 2 images from nearby radio amateurs who weren't operating according to the bandplan... but at least did not interfere with the ISS SSTV transmissions.

Tags: , ,
2017-07-21 Received slow scan TV images from ISS while I was sleeping 1 month ago
I read about the current ARISS Celebrates it’s 20th Anniversary through SSTV Event and noticed the planned times weren't really compatible with my day/night cyclus. I know, as a hardcore radio amateur I should be up at the weirdest hours for rare events but I also like my sleep a lot and my wife really dislikes alarms at weird hours.

Automation to the rescue: I decided to record all of a night of ISS signals on the computer with audacity and decode images from it later. The computer adjusted the radio for doppler using gpredict. Since I don't have an automatic rotor for satellite antennas I used the VHF/UHF vertical. This may seem strange but the weakest signals from ISS are when it is right above the horizon (which is when the vertical has the best reception). And as noticed on earlier SSTV events that compared to other amateur satellites the ISS has a strong signal.

So I left it running for a night and checked the results afterwards. The result was a 9 hour recording and audacity decided to hang after stopping the recording. I made a backup copy of the audio data just to be safe and restarted audacity. Luckily it recovered the project fine after restarting.

With a recent version of qsstv I decoded the recorded audio and searched for ISS passes in the recording.

The result is 13 decodes in one night. It turns out it received audio from a number of low passes that I did not see in gpredict because I have gpredict set up to skip low passes (those that don't come above a 20 degree angle above the horizon). But the strong signals from ISS make those show up in my radio anyway.

Decoded and seen the numbers sofar: 11 (partially), 12, 9, 10, 9, 10, 9 (partially), 9, 7, 8.

Tags: , , , ,
2017-07-19 New threat going around "Please find attached our purchase order" 1 month ago
E-mail with subject starting with "Please find attached our purchase order number" and a zip, with a zip in it with in that zip an .exe file.
Archive:  PO185 - 188207 X.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
   341805  2017-07-19 04:55   PO362 - 867977 X.zip
---------                     -------
   341805                     1 file
Archive:  PO362 - 867977 X.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
   431458  2017-07-19 15:32   PO362 - 867977 X.exe
---------                     -------
   431458                     1 file
I guess the .exe will cause some serious damage in Windows operating systems. The size is huge, where is the time virus writes tried to stay below 1024 bytes!

Tags: ,
2017-07-17 Wireless access-point TP-LINK TL-WDR4300 firmware 1 month ago
Recently the wireless access-point decided that I should not have access to the management interface. I even tried both the IPv4 address I assigned and the default IPv4 address it gets. And the last days I noticed strange delays, which may have been caused by channel overlaps. So I wanted access to the management interface to check the channel settings. I noticed the management interface decided to respond again on the IPv4 address I assigned, and I saw new firmware available which should also help with some stability issues.

Firmware upgraded, and after the upgrade and automatic reboot my access was gone again. Time for the suggested factory reset to get everything back to normal. Done, and I was able to set it up again from scratch with the right configuration.

Maybe I should start running some kind of wiki or something to keep internal documentation of my home network. I had a hard time remembering several details of my own setup recently.

Tags: , ,
2017-07-17 Now NetworkManager generates resolv.conf .. and starts with legacy IP 1 month ago
I removed rdnssd and resolvconf and fixed the symlink linking /var/run/NetworkManager/resolv.conf and /etc/resolv.conf by hand. The file /etc/NetworkManager/NetworkManager.conf now says:
dns=none
rc-manager=file
But now I run into the 'NetworkManager prefers IPv4 resolvers' again, leaving me with the resolvers from the DHCP answer before those from the IPv6 route advertisment. The search domains are fine now.

Tags: , ,
2017-07-16 Uploading FT8 contacts to eQSL 1 month ago
This evening I noticed incoming FT8 QSO's in eQSL, so the mode is now recognized there. But I needed to retry uploading all FT8 contacts to get them to upload. It took a bit of experimenting, but finally the right SQL command to mark the contacts as not uploaded was:
$ mysql -S /home/koos/.config/cqrlog/database/sock cqrlog002
mysql> update cqrlog_main set eqsl_qslsdate = NULL where mode='FT8';
Query OK, 24 rows affected (0.02 sec)
Rows matched: 26  Changed: 24  Warnings: 0
And now they are all uploaded.

That is about a week between first seeing mentions of FT8 in radio amateur news and the first confirmed contacts.

Tags: , ,
2017-07-16 I participated in the DMC RTTY 2017 contest 1 month ago
Or maybe I should use the word 'played' again: 6 contacts. It was a weekend with not much time for radio and when that time did happen propagation wasn't cooperating very well. The advantage of contests is that there are a lot of stations who want to hear every other station, so I used the last 20 minutes of this contest just to answer a few calls and get in the log.

Tags: , ,
2017-07-16 SSH attacks by Java 1 month ago
Jul 16 04:17:01 greenblatt sshd[9365]: reverse mapping checking getaddrinfo for 121-124-124-73.youiwe.co.kr [121.124.124.73] failed - POSSIBLE BREAK-IN ATTEMPT!
Jul 16 04:17:01 greenblatt sshd[9365]: Invalid user 1234 from 121.124.124.73
Jul 16 04:17:01 greenblatt sshd[9365]: input_userauth_request: invalid user 1234 [preauth]
Jul 16 04:17:01 greenblatt sshd[9365]: Received disconnect from 121.124.124.73: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]
That last bit is not from my sshd but an error message related to a java library for ssh, as noted in Reasons for com.jcraft.jsch.JSchException: Auth fail | Maximilian Böhm which correctly notes that attacks are a reason.

Tags: , ,
2017-07-15 More resolving via IPv6 1 month ago
I was reading Debian Stretch - Het Lab Henk van de Kamer (in Dutch) which mentions removing package rdnssd to avoid a dependency problem. But I like rdnssd as it helps use the nameservers available via IPv6 in a network with only SLAAC and no DHCPv6.

Right away I had to check on my own laptop with Ubuntu 16.04 and noticed all traffic was going to the IPv4 address of the local resolver. Which is not what I want, I want to prefer IPv6 when possible. Searching found Bug #936712 “NetworkManager should put IPv6 DNS servers before I...” : Bugs : network-manager package : Ubuntu which is indeed what I saw, and it's still showing in Ubuntu 16.04 Xenial.

My solution was to stop using dnsmasq, and switch to a generated resolv.conf from NetworkManager. To do that I had to update /etc/NetworkManager/NetworkManager.conf to have:
#dns=dnsmasq
dns=none
rc-manager=file
And now I have a resolv.conf with only 3 IPv6 nameservers and no search domains. Not exactly what I want, but at least IPv6 is preferred. I considered something using only the first three resolvers because that is a maximum somewhere but just advertising two resolvers via radvd also makes two show up in the generated resolv.conf. This is not perfect. The generated resolv.conf has comments that it is generated by resolvconf so maybe this is a conflict between resolvconf and NetworkManager not in 'use resolvconf' mode.

Tags: , ,
2017-07-13 Interesting log item 1 month ago
Haven't seen this before:
Jul 13 09:29:45 greenblatt sshd[24232]: Invalid user  from 193.105.134.187
Jul 13 09:29:45 greenblatt sshd[24232]: input_userauth_request: invalid user  [preauth]
Jul 13 09:29:59 greenblatt sshd[24232]: Disconnecting: Change of username or service not allowed: (,ssh-connection) -> (admin,ssh-connection) [preauth]
I have seen user '' (empty) before, but a change of username is new to me. Searching finds very little information, only one mention: Which ssh exploit works by changing the user name in the middle of the process? - Information Security stack exchange where the assumption was that this was some kind of attack.

Tags: ,
2017-07-12 New digital mode for amateur radio FT8 1 month ago
This week there was a sudden 'buzz' about a new digital mode for amateur radio from Joe Taylor, K1JT. It's like JT65, with a very minimal exchange (callsign, locator, signal report) but with a lot faster timing: each turn is 15 seconds and from what I can see somewhat more than 13 seconds transmitting. I made the first few contacts today after downloading wsjtx from WSJTX-Development : Greg Beam as Ubuntu package.

Screenshot waterfall display WSJT-X with FT8 mode They are now in my log, but uploading to eQSL / Logbook of The World is not possible yet as 'FT8' is not seen as a valid mode yet. The solution for LoTW seems to be to change to 'DATA' but this solution does not work for eQSL. I'll have to upload those contacts later when the mode is recognized.

First contact was with IZ8GNR and I also had contacts with club members PA2RG and PD3RFR.

With JT65/JT9 I sometimes get distracted waiting 50 seconds before it's my turn to react again, with FT8 it's more high-speed work (somewhat less than 2 seconds to react to a CQ or an answer). WSJT-X now has an auto-sequence feature which will step through the exchange automatically.

Tags: ,
2017-07-10 Raspbian mirrors sometimes fail when IPv6-only 1 month ago
Just happening:
Err http://mirrordirector.raspbian.org/raspbian/ jessie/main libgcrypt20 armhf 1.6.3-2+deb8u4
  Cannot initiate the connection to raspbian.42.fr:80 (163.172.250.246). - connect (101: Network is unreachable) [IP: 163.172.250.246 80]
It seems mirrordirector.raspbian.org redirects to IPv4-only sites even when the client connects via IPv6. My Raspberry Pi systems have IPv4 disabled. It's a known problem in Bug #1595563 “Native IPv6 client redirected to IPv4-only mirror” : Bugs : Raspbian where people seem to rather ignore the problem. I could reverse the statement there to "a service that can only be accessed by v4 nodes cannot be reasonablly considered to be available on the internet." but I guess that's "different".
Read the rest of Raspbian mirrors sometimes fail when IPv6-only

Tags: , ,
2017-07-09 I participated in the IARU HF Championship 2017 1 month ago
My activity in radio contesting has been in digital mode contests, with one exception in a mixed-mode contest where I also made some voice contacts: the ARI International DX Contest in 2016.

But this weekend I seriously entered the IARU HF Championship in 'phone' (speech) mode. I made 59 contacts, 50 on the 20 meter band and 9 on the 40 meter band. I managed to work a lot of the HQ stations I heard active for the various national radio clubs. I heard no serious DX, but the local noise at home is prohibitive for voice contacts anyway. My personal reason for entering this contest was reading about its role in the world radio team championship in the book Contact Sport: A Story of Champions, Airwaves, and a One-Day Race around the World by J.K. George.

Screenshot yfktest with large font I used yfktest for the contest logging and found the biggest fixed font I can use which makes the 25*80 xterm almost fill the entire screen. See the screenshot.

Claimed results according to yfktest:
Band    QSO    Qpts   Dupes   Mult1   Mult2
-------------------------------------------
  20     50     112       0      23       0
  40      9      13       0       8       0
-------------------------------------------
 ALL     58     124       1      31       0
===========================================
 Total Score: 3,875

Tags: , ,
2017-07-03 Reboots of the FT-857 radio 1 month ago
The last week I had a problem with the FT-857 radio rebooting when I started transmitting in digital radio modes (PSK31 or JT65). The reboot showed as the radio giving the standard beep and the display and backlight switching off and on. Searching for clues suggested that some form of radio frequency interference would probably be the source.

So I wondered what I changed recently around the radio and remembered I changed something in the power distribution to have connectors available for powering my SARK100 antenna analyzer with a 12 volt battery.

Reseating all those power connectors and fixing some wires seems to have stopped the problem.

Tags: , ,
  Older news items for tag english ⇒
, reachable as koos+website@idefix.net. PGP encrypted e-mail preferred.

PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers pgp key statistics for 0x5BA9368BE6F334E4 Koos van den Hout
RSS
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews, Weather maps