All,
I've added a new tool that I'd like you to test. This web application
should provide the registration code required by APRS software suites.
In order to use it, you must browse to:
http://kb3vwg-010.ampr.org/tools/aprscode
or
http://44.60.44.10/tools/aprscode
If you're on AMPRNet, you should be able to enter the callsign and look
up the registration code. If you access it from outside of AMPRNet, you
will be prompted for an access code (1234).
Please let me know how it works
73,
KB3VWG
First, Lynwood thanks for sharing PHP code snippet.
Does anyone know much about google maps?
More than 15 years ago a younger local ham friend of mine wrote some
web based interactive tools for wireless link planning.
Maybe you have run into them:
http://n9zia.ampr.org/
This isn't presently on 44-net. I have just been using the ampr dns
to give it a hostname that has been pointing to my home cable modem
for a long time now. They run horribly slow (same computer for 15
years and slow upload speed)
I'd love to see these tools freshened up a bit to use PHP, and
possibly integrate google maps. Neither the original author, Joe
N9ZIA or myself really have a lot of experience with either. But we
are both surprised someone hasn't already done this.
Just throwing the idea out there for anyone who would like a project,
the code is open under GPL. The tools help promote modern RF network
planning.
After a rewrite perhaps they could be hosted on a 44 IP, and put a
paypal please donate nag screen if you come in from a commercial IP.
The paypal proceeds can go to helping ARDC with Brian's ok.
Steve, KB9MWR
> Warning to 'echo', 'discard' and 'daytime' services too
> since as per the 'chargen' they can otherwise be
> used for some nasty denial-of-service attacks.
This is a frequently encountered problem, stemming either from lazyness or
inexperience.
Do we need a standard ruleset, and documentation to use it, and have this
in the wiki? iptables or iproute2? Does anyone HAVE a working iproute2
setup?
This stuff can be a pain I know - a bit like mowing your lawns, but if you
don't do it, eventually you'll be sorry.
John,
Lol...you know I meant the major /8's that were handed out long ago that, to date, have never signed an agreement with their RIR.
I stand corrected, though, there are Legacy allocations smaller than /8 that exist as well...but they are not listed in RFCs (as fixtures of the 'DARPA Internet').
-KB3VWG
> On Mon, Apr 28, 2014 at 7:00 AM, <44net-request(a)hamradio.ucsd.edu> wrote:
>
> BTW, your emails trigger gmail's spam filter --
I'm surprised any of this weeks' postings got past the spam filter
whatsoever....
Can we get some tech content please, people? Enough of this rules and
politics crap.
You should check to make sure that you have the 'chargen' service
disabled on your hosts, and block it in your routers if you can.
I've already contacted the people whose system was involved in this attack.
- Brian
----- Forwarded message -----
Subject: Exploitable chargen service used for an attack: 44.x.x.x.
It appears that a public "chargen" service on your network, running
on IP address 44.x.x.x, participated in a large-scale attack against a
customer of ours today, generating large UDP responses to spoofed probes
that claimed to be from the attack target.
chargen is an old testing service that generates large quantities of
traffic with only a small request required. It is commonly enabled by
default on old printers and other connected appliances, but it has no
useful purpose over the open internet.
Please block UDP port 19 (inbound and outbound) at your network
edge, as this should stop these chargen attacks without blocking
legitimate traffic. If the endpoint device that generated this traffic
is configurable, please further investigate whether it is running a
chargen service (and disable it, if so) -- commonly exploited devices
include Cisco hardware that has "udp small servers" mistakenly enabled,
old printers, old UNIX boxes with "chargen" running under inetd, and
Windows boxes with the "Simple TCP/IP services" package installed. Also,
it is worth checking if it is a machine that has been compromised, as
some malware directly generates port 19 traffic, simulating chargen,
and in this way masks its presence.
If you are an ISP, please also look at your network configuration and
make sure that you do not allow spoofed traffic (that pretends to be from
external IP addresses) to leave the network. Hosts that allow spoofed
traffic make possible this type of attack.
----- End forwarded message -----
Brian. Can u tell me how. Been having some kind of issues here. Also think my router it sick. Have a new one on way. Buffalo wzr-600dhp running dd-wrt latest .. Non beta..
73 jerry
On Apr 29, 2014 1:34 PM, Brian Kantor <Brian(a)UCSD.Edu> wrote:
>
> (Please trim inclusions from previous messages)
> _______________________________________________
> You should check to make sure that you have the 'chargen' service
> disabled on your hosts, and block it in your routers if you can.
>
> I've already contacted the people whose system was involved in this attack.
> - Brian
>
>
> ----- Forwarded message -----
>
> Subject: Exploitable chargen service used for an attack: 44.x.x.x.
>
> It appears that a public "chargen" service on your network, running
> on IP address 44.x.x.x, participated in a large-scale attack against a
> customer of ours today, generating large UDP responses to spoofed probes
> that claimed to be from the attack target.
>
> chargen is an old testing service that generates large quantities of
> traffic with only a small request required. It is commonly enabled by
> default on old printers and other connected appliances, but it has no
> useful purpose over the open internet.
>
> Please block UDP port 19 (inbound and outbound) at your network
> edge, as this should stop these chargen attacks without blocking
> legitimate traffic. If the endpoint device that generated this traffic
> is configurable, please further investigate whether it is running a
> chargen service (and disable it, if so) -- commonly exploited devices
> include Cisco hardware that has "udp small servers" mistakenly enabled,
> old printers, old UNIX boxes with "chargen" running under inetd, and
> Windows boxes with the "Simple TCP/IP services" package installed. Also,
> it is worth checking if it is a machine that has been compromised, as
> some malware directly generates port 19 traffic, simulating chargen,
> and in this way masks its presence.
>
> If you are an ISP, please also look at your network configuration and
> make sure that you do not allow spoofed traffic (that pretends to be from
> external IP addresses) to leave the network. Hosts that allow spoofed
> traffic make possible this type of attack.
>
> ----- End forwarded message -----
>
> _________________________________________
> 44Net mailing list
> 44Net(a)hamradio.ucsd.edu
> http://hamradio.ucsd.edu/mailman/listinfo/44net
>
