>What needs to change? Why isn't there Ubiquiti all over them mountain
>ranges?
If we could change the demographics of the hobby that would help. But
to attract some younger tech minded folks is a chicken and egg type of
thing. You have to have something first to entice them.
The second problem is regulatory. Data bandwidth issues, content
issues.. all deturants.
How many people even know about the 44net space? Maybe we need to reach out to;
-The broadband-hamnet developers - presently they use 10.X.X.X address space
-VOIP developers, like IRLP, Echolink, and Allstar.
-Hams who run internet servers, like qsl.net, etc
It would probably help to have our own custom firmware or recommended
hardware. I have to admit, I have been doing everything on a
raspberry pi with a usb ethernet dongle for the second port. I
haven't tried to install the custom rip daemon on something like a
WRT54G or ??
Then there is the issue of how to integrate 44net into your home network.
Well, we suck don't we. I got issued my first 44net IP nearly 30 years
ago, and now back after a "break", I find we don't have much.
What needs to change? Why isn't there Ubiquiti all over them mountain
ranges?
There must be more interesting things to do than fix the portal, track down
one stray packet per hour, or checkthat we don't dDOS the internet..gasp...
I'm sorry, but we suck.
Steve ZL1BHD
Folks, if you're running NTPD (Network Time Protocol daemon) on your
AMPRNet hosts or routers, please be sure that the MONLIST command is
disabled. If it is not, your device can be used to attack other
systems on the Internet.
You can test whether your NTP is thus misconfigured with the command
/usr/sbin/ntpdc -n -c monlist
If MONLIST is enabled, you will see a response including any IP addresses
that have made use of your NTP services.
Recommended Action:
NTPD versions prior to 4.2.7 are vulnerable by default; the simplest
recommended course of action is to upgrade all versions of ntpd that are
publically accessible to 4.2.7 or greater. In cases where upgrading is
not possible, disabling the monitor functionality can be accomplished
via the instructions below.
Add the “noquery” directive to the “restrict default” line in
the system’s ntp.conf, as shown below:
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
The links below describe the activity in more detail as well as possible
solutions.
US CERT Notifiacation:
https://www.us-cert.gov/ncas/alerts/TA14-013ACERT.ORG Message:
http://www.kb.cert.org/vuls/id/348126
Thank you
- Brian
Over the past few weeks, the portal has been subject to several brute force attacks on random usernames. In the past few days some accounts have been compromised because they used weak passwords. The attackers didn't do anything with any of the compromised accounts, it was most likely a script collecting valid usernames & passwords for later use.
As a result I have tightened up security and some accounts will tell you that you need to verify your email address when you try to login. Please follow the link to have the verification email sent to you, then follow the instructions in the email when you receive it.
Due to the enhanced security you will notice a CAPTCHA appears if you get your password wrong a few times, if you continually get your password wrong, the response time for the login process will get longer - this is intentional.
It would help greatly if you could use a strong password, one that is at least 12 characters in length and contains a mixture of letters, numbers and punctuation characters, no "real" words and no "numbers instead of letters", e.g. "numb3r".
Thanks,
Chris
Hello Rob, thanks for your information, I changed to 44.0.0.1 from
169.228.66.251, but dont see here any rip broadcast from this IP, i
waiting if arrive in any moment.
73 de Gabriel.
YV5KXE
YV AmpNet Coordinator
44net-request at hamradio.ucsd.edu wrote:
> Subject:
> [44net] RIP UDP question
> From:
> Gabriel Medinas <gmedinas at gmail.com>
> Date:
> 02/26/2014 05:48 PM
>
> To:
> 44net at hamradio.ucsd.edu
>
>
> Hello all,
>
> I want test to receive the RIP2 broadcast in my JNOS but dont work:
>
> Trace jnos monitor:
>
> (tun0) 169.228.66.251->192.168.2.110 UDP
Don't use that version. Use the one that is from 44.0.0.1 ->
224.0.0.9 instead.
(there are two RIP broadcasts and some time ago Brian already considered to
stop the one from 169.228.66.251 to the public IP adress. This one is sent to
a different portnumber so your jnos probably does not recognize it)
Rob
44net-request(a)hamradio.ucsd.edu wrote:
> Subject:
> [44net] RIP UDP question
> From:
> Gabriel Medinas <gmedinas(a)gmail.com>
> Date:
> 02/26/2014 05:48 PM
>
> To:
> 44net(a)hamradio.ucsd.edu
>
>
> Hello all,
>
> I want test to receive the RIP2 broadcast in my JNOS but dont work:
>
> Trace jnos monitor:
>
> (tun0) 169.228.66.251->192.168.2.110 UDP
Don't use that version. Use the one that is from 44.0.0.1 -> 224.0.0.9 instead.
(there are two RIP broadcasts and some time ago Brian already considered to
stop the one from 169.228.66.251 to the public IP adress. This one is sent to
a different portnumber so your jnos probably does not recognize it)
Rob
Hello all,
I want test to receive the RIP2 broadcast in my JNOS but dont work:
Trace jnos monitor:
(tun0) 169.228.66.251->192.168.2.110 UDP
0000 ........pLaInTeXtpAsSwD.....,.......[yZ.........,.........Y.....
0040 ....,.......E..>........,.......Q.v>........,I@.....2.D>........
0080 ,.@.....[yZ.........,.......[yZ.........,I......2.D>........,...
00c0 ....W...........,...................,........K..........,.......
0100 ............,........&..........,^..................,.......v...
0140 ........,........K..........,........K..........,.......yc......
0180 ....,........K..........,.......^e0.........,........K..........
01c0 ,........K......
(tun0) 192.168.2.110->169.228.66.251 ICMP UnreachablePort
Returned 169.228.66.251->192.168.2.110 UDP
192.168.2.110 is my JNOS IP in LAN (also 44.152.0.60)
169.228.66.251 (amprnetgw-ucsd)
The jnos return a ICMP UnreachablePort, have check firewall, ip
forwading in opensuse 13.1 linux, router and in my autoexec.nos:
ip upstairs 224.0.0.9
rip ttl 43200
start rip
#rip accept 44.0.0.1
rip accept 169.228.66.251
rip trace 9 rip.log
My question, why my jnos said unreachablePort?
Thanks.
Gabriel YV5KXE
Thanks Chris.
Now if there is a problem originating from one of the gateways we know
who to get a hold of.
It may also be desirable if their callsign had a link to method of
contact (email) that is on file for them. But I heard a whois
function is in the works, and I assume that will have something like
that.
Steve
I've been getting absolutely bombarded with dns query frames most of
which come from commercial IPs (that are now blocked) however I'm seeing
some from what appears to be 44/8, but I suspect most of these are
spoofed. There's always the chance someone's been compromised. An
example from wireshark:
72 13.058158 44.96.84.78 44.88.0.9 DNS Standard query A
oitutrxutxx.www.luse7.com
I know this IP is not configured so it must be spoofed (aka: no DNS) and
it doesn't appear to be alive, nor is this the only one from 44/8.
140 35.327781 44.180.172.99 44.88.0.9 DNS Standard query A
ttx.www.luse8.com
595 181.341697 44.219.111.186 44.88.0.9 DNS Standard query A
m.www.luse9.com
I'm sure this is a DNS worm of sorts but it was attacking my MFNOS node
(which does not even have a dns server compiled in it) at the rate of
500,000 frames a minute. While harmless to such, it's still bandwidth
used for nothing.
Has anyone seen these sort of junk dns requests before?
--
73 de Brian Rogers - N1URO
email: <n1uro(a)n1uro.ampr.org>
Web: http://www.n1uro.net/
Ampr1: http://n1uro.ampr.org/
Ampr2: http://nos.n1uro.ampr.org
Linux Amateur Radio Services
axMail-Fax & URONode
AmprNet coordinator for:
Connecticut, Delaware, Maine,
Maryland, Massachusetts,
New Hampshire, Pennsylvania,
Rhode Island, and Vermont.
