News items for tag shiny - Koos van den Hout

There are always attacks in the logs, but this one caught my eye because someone mentioned it, I saw it in logs and searching for a simple explanation for what I saw gave no answers.

Those are the interesting ones. So here is the logline split into multiple parts in an attempt to make it more readable:

"GET /cgi-bin/timepro.cgi?tmenu=netconf&smenu=wansetup&act=save&
sel=dynamic&dns_dynamic_chk=on&fdns_dynamic1=128.0.104.18&
fdns_dynamic2=128.0.104.33&fdns_dynamic3=128.0.104.18&
fdns_dynamic4=128.0.104.18&sdns_dynamic1=128.0.104.18&
sdns_dynamic2=128.0.104.33&sdns_dynamic3=128.0.104.18&
sdns_dynamic4=128.0.104.33&userid=&passwd=&mtu=1454&
ip1=192&ip2=168&ip3=254&ip4=2&
sm1=255&sm2=255&sm3=255&sm4=0&
gw1=192&gw2=168&gw3=254&gw4=254&
fdns1=&fdns2=&fdns3=&fdns4=&
sdns1=&sdns2=&sdns3=&sdns4=&static_mtu=150 HTTP/1.1"

Searching for timepro.cgi finds a2004ns-mod/timepro.cgi at master · hklcf/a2004ns-mod · GitHub which seems to be compiled code: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), dynamically linked, interpreter /lib/ld-uClibc.so.0, stripped.

Based on Honware: A virtual honeypot framework for capturing CPE and IoT zero days my best guess is that requests to timepro.cgi attempt to reconfigure a home router. And my next guess is that the attempt is to set the DNS resolvers to 128.0.104.18 and 128.0.104.33. Further searching finds another attempt from the same source IPv4 address which also looks a lot like an attempt to reconfigure DNS settings:

"GET /dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.33&dnsDynamic=0&dnsRefresh=1 HTTP/1.1"

The theory that this is an attempt to redirect DNS traffic is somewhat confirmed by the fact that 128.0.104.18 indeed runs an open resolver which will give me answers. For the few things I have tried those are valid answers (no clear attempts to redirect traffic to other places). I get no answers from 128.0.104.33 at the moment.

Update: Searching for the string 128.0.104 finds more:

"POST /dnscfg.cgi?dnsPrimary=128.0.104.18&dnsSecondary=128.0.104.18&dnsDynamic=0&dnsRefresh=1&dnsIfcsList= HTTP/1.1"
"POST /Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary=128.0.104.18&dnsSecondary=8.8.8.8 HTTP/1.1"

Based on the names of the parameters I guess more of the same: attempts to redirect DNS traffic.

Voor mijn stukje over het luisteren naar marifoon kanalen zocht ik eigenlijk naar een afbeelding van een marifoon op een schip.

En het aanbod viel zwaar tegen. Via de de wikipedia pagina over het ontwerp Marifoon kom ik wel een creative commons afbeeldingen tegen van een oude marifoon, maar niets actueels. Kwa beeld zocht ik iets als een moderne marifoon zoals te koop via Inbouwmarifoons - Maritiem - hamshop.nl en dan ingebouwd op een schip, want dat is mijn persoonlijke beeld. Blijkbaar heeft nog niemand die foto gemaakt en onder creative commons beschikbaar gesteld. Termen 'marifoon', 'marine radio' en 'ship radio' in combinatie met de juiste licentie leveren niet het beeld op wat ik heb.

Als ik de vraag om een open licentie er af laat kom ik best voorbeelden tegen zoals in het artikel Marifoon aan boord - Myon zeiljacht verhuur maar die zijn niet expliciet vrij te gebruiken.

Gisteren op een zeilboot geweest en vanuit mijn hobby als radioamateur was ik natuurlijk ook benieuwd naar de radio aan boord. Daar werd niet veel mee gedaan omdat de eigenaar van de zeilboot nog geen marifoon bedienings certificaat heeft. Verder leuk een stukje mee gevaren. Ik heb geen idee van zeilen maar met iemand er bij met kennis en inzicht is het leuk om mee te maken.

Dat was natuurlijk wel aanleiding om me eens te verdiepen in de ontvangst van het marifoon verkeer. Hier in Utrecht is er niet zoveel te beleven maar er zijn een paar bruggen en sluizen met misschien wat verkeer wat ik zou kunnen ontvangen. Dus ik heb de programmeerkabel voor de QYT KT-8900 opgedoken en na wat zoeken deed deze het weer. Marifoonkanalen en gebruik gevonden op Marifoon kanalen en marifoon frequenties en de frequenties via Overzicht VHF marifoonkanalen - frequentieland en daarnaast nog Marifoonkanalen Nederland - Binnenvaart kennis.

Uiteindelijk een set kanalen gevonden die kans gaven op verkeer en deze in de radio geprogrammeerd. Puur voor ontvangst, niet om daar ooit op te willen zenden!

De kanalen en frequenties waarvan ik denk dat ze interresant zijn:

Kanaal	Frequentie schip	Frequentie wal	Gebruik
1	156.050 MHz	160.650 MHz	Centrale meldpost IJsselmeer
6	156.300 MHz	Simplex	Intership
10	156.500 MHz	Simplex	Intership
13	156.650 MHz	Simplex	Intership
15	156.750 MHz	Simplex	Intraship
17	156.850 MHz	Simplex	Intraship
16	156.800 MHz	Simplex	Noodoproepen
18	156.900 MHz	161.500 MHz	Sluizen en bruggen, Merwedekanaal
20	157.000 MHz	161.600 MHz	Sluizen en bruggen
22	157.100 MHz	161.700 MHz	Sluizen en bruggen
61	156.075 MHz	160.675 MHz	Verkeersbegeleiding blokkanaal Maarssen Amsterdam-Rijn kanaal
72	156.625 MHz	Simplex	Sociaal
77	156.875 MHz	Simplex	Sociaal
84	157.225 MHz	161.825 MHz	Sluizen en bruggen
85	157.275 MHz	161.875 MHz	Sluizen en bruggen

Een deel van de kanalen zoals die voor sluizen en bruggen hebben een aparte schip en wal frequentie. Dat zorgt natuurlijk dat de brugwachter of sluiswachter altijd het woord kan nemen en een mededeling kan doen zonder dat er een radio vanaf een schip doorheen kan storen.

Met het lezen over marifoon gebruik en kanalen is het wel duidelijk dat het allemaal zeer goed gestructureerd is en gebruikers dienen te weten welk kanaal voor welk gebruik is en hoe de procedures zijn. Sociaal gebruik was eerst helemaal niet de bedoeling, bij uitbreiding van de kanalen is daar iets ruimte voor gekomen. De frequenties laten zien dat de uitbreiding van de beschikbare kanalen is gekomen door het overschakelen op een ander kanaalraster.

Dus nu staat de radio constant deze frequenties en daarnaast diverse amateur frequenties en pmr frequenties te scannen. Voorlopig is de conclusie dat het vrij rustig is op de marifoon kanalen en dat als ik wat hoor de communicatie volgens nette regels gaat en vrij kort is, er is duidelijke etherdiscipline. Daarnaast hoor ik op PMR kanaal 7 soms een babyfoon en soms gesprekken die me het idee geven dat een restaurant dat kanaal gebruikt voor communicatie. Ik denk dat ze elkaar niet horen, ik heb een veel hogere antenne.

Since January 2008 I measure temperatures and other environmental data in and around the house with 1-wire sensors and adaptors. These work fine but need wires between the sensors and that isn't ideal for quick spot measurements.

So I looked into other options recently, and found affordable zigbee temperature/air pressure/humidity sensors. And an USB zigbee interface which works with linux and with a lot of the available application software. Because the next problem is going sensor - zigbee network - zigbee usb interface - some magic - database of measurements.

Because I see myself wanting long series of measurements from a number of places in the house and testing without breaking those series I ordered two USB zigbee interfaces and eight environmental sensors. I guess I want production and development enviromental monitoring.

• Zigbee interface: zzh! CC2652R Multiprotocol RF Stick (tindie)
• Sensors: Xiaomi Aquara smart home sensor air pressure temperature humidity (aliexpress)

The zigbee stick is not the cheapest solution but it is documented to work with zigbee2mqtt and buying one supports work on that software.

For a while I had a notification set for someone selling a morse paddle. Finally one came along at a reasonable price so I bought it.

And.. I mentioned this detail to some people at work. Who had an idea of what a morse key is, but didn't know about morse paddles. So with my big mouth I said "I'll make a video about it". This was triggered by the fact that I recently learned about OpenShot non-linear video editor which is available for Linux too.

So I created a video. And found out making a video of 30 seconds is a lot more work than 30 seconds. I watched some tutorial videos about OpenShot first and thought about what I wanted to show. I haven't added spoken comments because I didn't feel like doing those too.

The video isn't great, I can see several beginner mistakes. But I get the point across of what a paddle does. There is a continuity problem because I used sunlight. Which isn't very constant. And I made several clips because I didn't think I would get everything I wanted to show right. But now there are changes in light and a bit in camera angle, even with using a tripod.

And our neighbours were busy hammering indoors, so that can be heard too.

Satellite image of the Netherlands 2021-02-13 with snow cover.
I acknowledge the use of imagery provided by services from NASA's Global Imagery Browse Services (GIBS), part of NASA's Earth Observing System Data and Information System (EOSDIS).

In the weekend of 6 and 7 February 2021 the Netherlands got covered in snow and temperatures dropped to -10 degrees Celcius. In the week after that weekend temperatures stayed low and clear skies made for nice weather for outdoor skating and other wintersports. I was reminded of being on wintersport holiday.

I just had to look up the available images from the NASA Global Imagery Browse Services (GIBS) and found a great image from 13 February 2021. Click for more pixels!

A while ago the YouTube suggestion algorithm came up with a video about a TV journalist / cameraperson who decided to live and work full-time on a narrowboat in the canals of England. The suggested video: TV Journalist Quits His Job to Live on a Tiny House Boat & Cruise UK Canals Full-Time.

I guess the suggestion was in relation to some videos I watched about people with expedition vehicles.

After that video I checked out the YouTube channel mentioned in the video: Cruising the Cut and I got addicted. By now I have watched more than two-thirds of the videos in the channel. David Johns describes the first steps in buying the boat, getting the boat ready to live on and the journeys along the canal network in England. The exact measures of the narrowboat are to make it fit in the canals that were dug in England as the first way to move goods when the industrial revolution allowed centralized production. The boats are 2.08 meter (6 feet 10 inches) wide to fit in all the canals and locks. The canals were dug by hand, so they are no wider and deeper than needed to transport goods.

I did ask David about the term 'the Cut' because I couldn't find a good explanation for it. It is the term for the canal, because the canals were cut out of the land by hand.

For my Dutch readers who wonder about canals in a not completely flat landscape: canals in England have lots of locks, tunnels and aqueducts to deal with those.

Somehow this idea of a moveable home is nice to me. At the same time I am not a person for living on the water, and with all the plans for long cycling tours I still want to return to a nice home with all the comforts.

One note: I do notice that David Johns comes from a background in television. Great quality video. And yes, I am fully aware that takes a lot of editing.

• Cruising the Cut youtube channel
• Cruising The Cut website

In the last few weeks I had actual time to work on the planned rewrite of Camp Wireless in perl.

I rewrote it in perl and redid a small part of the CSS to use the CSS grid model to optimize Camp Wireless based on screen size. In the coming days I will create an 'acceptance' version of the site using the production version of the database, to iron out the last errors.

I still need to finish the correct 404 generation from within mod_perl scripts, advertising and some specific cases. And it's a good idea to run a website security scan on my work.

The look and feel hasn't changed a lot. I decided to present the same information in the same order and maintain most of the screenlayout.

As I mentioned before I have some future cycling goals which include some form of long-distance cycling journey, with serious influences from the book Computing Across America. Naturally amateur radio will play a part in such a cycling journey, just as Steven K. Roberts had on his trips.

Via the german amateur radio club DARC I found this bit in the "Deutschland-Rundspruch 24/2020":

DK3JB erreicht erstes Ziel auf seiner Funk-Fahrrad-Reise

Hans-Gerhard Maiwald, DK3JB, hat nach mühsamer und beschwerlicher Fahrt, teilweise auch wegen schlechter Radwege, am 15. Juni gegen 21 Uhr sein erstes Ziel, Kappel im Hochschwarzwald, erreicht. Dabei legte er ohne E-Unterstützung 580 km mit seinem 40 kg schweren Radanhänger zurück. Dem 72-jährigen OM geht es gesundheitlich gut. Hans-Gerhard gelang es, den weitaus größten Teil der Strecke permanent mit seinem TH-D74 in APRS aufzuzeichnen. Dabei hat sich der 1200 g schwere 12 V/20-Ah-Lithium-Ionen-Akku sehr bewährt. DK3JB hat zahlreiche Verbindungen in FM und D-Star vom Fahrrad aus getätigt. Durch Ludwigshafen wurde er von mehreren Funkamateuren gelotst und seine Route mitverfolgt. Hans-Gerhard bleibt bis Sonntag in Kappel und radelt danach vorerst an den Bodensee weiter.

And I found out more about the cycling tours between Siegen and Friedrichshafen in Germany via Funk-Fahrradtouren of DK3JB and it is very inspiring to me. There is also an article DK3JB wieder mit dem Fahrrad unterwegs nach Friedrichshafen - funkamateur.de with information about this tour in 2020 (all in German, which I can read but not really write). He has done this tour several years already, I found an article from the June 2008 trip: Mit Fahrrad, Zelft und FTM-10SE durch Süddeutschland (pdf).

After having read a book about cycling through Europe with the Rhine as one possible route, this confirms my earlier thoughts. Combining recumbent cycling, amateur radio and a nice ride through Europe is the direction I'm thinking.

A special feature I realized when working with the CSS grids is that I can change the order in which objects are displayed based on screen width. Or whether they appear at all on small screens.

So now I'm working on stylesheets that change the grid to what works better on a mobile device. Which is what a lot of the visitors to Camp Wireless use!

On a small screen I want the important content to come first. There is not enough space for the extras at the top, and a mobile visitor wants fast answers to the question "where can I find a campsite".