Did you know that KPN's radius server will ignore your logins for 2 hours if you rapidly try logging in to it ?

We came across this problem when we had some bogus login information supplied by a customers provider (XS4ALL) and a Cisco SOHO series router. The Cisco just tries to login constantly if it can't succeed at once. For some reason the KPN radius servers gives the finger to the connection after 40 times (about 2.5 minutes of cisco logins) and will ignore your cisco for about 2 hours.

Very annoying especially if most DSL providers in the Netherlands don't know about this information. So here it is ISPs learn from it!

Hi There,

The site was down this night because we had an DDOS attack that was aimed at another machine behind the same link that polaris is running on. This was between 00:00 and 01:00. This issue has now been resolved and we hope it won't happen again.

Then again at approximately 15:00 disaster struck again. Due to some unforeseen problems during an scheduled maintenance to replace a broken UPS we had some issues on the router which caused polaris to remain unconnected to the internet for approx 45 minutes. This issue has also been resolved. However I don't trust MGE's Pulsar Evolution 1500 UPS's anymore. Under load they seem to fall down. Maybe it's time to connect the MGE's Comet S11 UPS's we have bought a couple of months ago for use in the Sittard colo (UPDATE 19-04-2004:They are in use now. pictures!).

Ohw, btw It seems I've won the ISP Kart Competitie APC Lasergame Compo. 1st , 2nd and 3rd place because of no-shows! Thanks dave for organizing such a nice event. For more coverage about the competition I refer to Kirstens Elog (dutch).

Here are some Cisco IOS releases available for download for devices which I use at home:

Cisco SOHO 91

• 12.2(8)YN - K9OY6-MZ


• 12.3(4)T2 - K9OY6-MZ


• 12.3(7)T - K9OY6-MZ

Cisco Catalyst 2924XL

• 12.0(5)WC5 - C3H2S-MZ

Slashdot tells me the following: A new Internet worm wriggled across the entire Internet in the span of a few hours Saturday morning to all computers running several recent versions of firewall software from Internet Security Systems, including BlackICE and RealSecure, according to this story at Washingtonpost.com. The flaw that Witty exploited was discovered Wednesday by eEye Digital Security. The worm overwrites data on the first few sectors of the victim's hard drive, making the machine virtually ubootable and potentially destroying much - if not all - of the victim's data.

Isn't that nice... Install a firewall package on your Windows PC to make it more secure and actually open it up to the world. Pretty disturbing actually that all these worms and viruses are targeted against Windows. Linux and Mac have way less problems like these, but probably if we would all switch to these platforms the viruses will also switch. So the argument to use Linux or Mac is little futile. However using a Mac or a UNIX system will make the world a better place :) They are way better operating systems in many facets.

I'm not anti-windows, i'm just PRO-UNIX.

This weblog was intended primarily to have an easy way to type my documents and to make them searchable commentable etc..

After looking at my webservers webstatistics, I saw some search requests for Cisco password recovery techniques. Well then let's explain it here for everyone to read:

1) Attach a console cable to the Cisco
2) Reboot the Cisco
3) When the Cisco shows the first sign of life start sending it breaks (that's ctrl-F in minicom)
4) type confreg 0x2142
5) type reset
6) ... Cisco boots .... zZzZzZ ....
7) Enter no at the first question
8) voila a configless Cisco
9) now get into enable mode (but do NOT type conf term)
10) type copy startup running
11) voila a running cisco with full config in ENABLE mode
12) do your password changing stuff
13) type write mem
14) type config-register 0x2102 in configure mode
15) type reload

That was quite easy huh :)

This guide will grant you ACCESS to an enable prompt on a running router. It will NOT recover the actual password!

When I was at Jeroen's birthday this weekend something I have been thinking about lately plopped into my mind:

A lot of geek-friends of mine keep their computers in their living room or in their bed room. I find this rather annoying. I also have my computers in my bed room, but that is because I still live at my parents.

The ideal setup for me would be wireless in the bed room, wireless + wall-outlets in the living room and a dedicated computer room where all the computers are stashed.

Kirsten seems to agree with me. She also has her computers in her bed room, but as a student with a single room that's the only possible way to do it :)

Oh, iKriz's pictures of the party have a nice and interesting ending. iKriz and Hepp spotted a NS travelinfo board showing a nice Award BIOS bootup screen at Schiphol Airport! Somebody forgot to plugin the floppy cable! *grin*

After being not following webcomics for a long time today. I once again looked back at Little Gamers... Damn this webcomic is sooo cool... One of my other favorite webcomics is Sexy Losers, but hey I'm at Kirstens school at this moment.. So watching that webcomic is a little bit akward.

UserFriendly also stays a popular webcomic that Kirsten and I both like a lot. The UFie books are most welcome here ;)

UPDATE: 07-04-2004: added sexylosers URL

Kirsten pasted this link in a query with me. It's about a possible expansion to the Harry Potter book serie beyond the 7 planned ones...... (more)

After reading about Windows 2000 scheduled jobs on Peter's blog. I also wanted to state something about this.

We use scheduled jobs on Windows 2000 Server at approximately 150 customer servers. Sometimes customers change their administrator passwords, but forget or don't know about the scheduled jobs. Luckily we don't run backups from the scheduled jobs. We only use them for anti-virus updates, to check if all services are running etc...

Still it's a pain in the ass if we get complaints about servers getting infected with viruses or if some service doesn't work because the service checker didn't run.

Also the point that Peter makes is very valid. Where does Windows save these passwords ? If they are stored somewhere they hell can be recovered. Even if it's only a password hash.

Polaris has been renumbered with only 5 minutes of downtime. DNS TTL's at 60 seconds and a manageable switch made this all possible remotely :)

The only problem I encountered was that my Cisco SOHO 91 router's dns caching mechanism still didn't let the entries expire. And there is no such clear dns cache command on it. Probably a reload will fix it. But I don't feel for that right now :)

Atleast we are back online in our own /26! 62.133.205.0/26!

I Just read the following on Slashdot:

According to USATODAY.com, the iPod mini is virtually sold out after two weeks. As we know, it had 100,000 on pre-order. It's the top seller at the Apple Store, where they advise people that there will be a one to three week wait. And it isn't a component shortage that's causing the delays. It's the huge demand amongst teens (for the colors) and athletes who like exercising with the ultralight device. While many here on /. felt that the mini was overpriced and pointed out that for $50 extra, you could buy a regular iPod with 15GB of storage instead of the 4 GB of the mini, Apple seems to have correctly identified the price point and the market they were going after. The space has become so hot that Creative's MuVo2 has also been selling well, but also for a slightly different reason. The MuVo2, which also has 4 GB of capacity, uses a CompactFlash card (which can be used in a digital camera). People have been buying the MP3 player and taking it apart for the card, which would cost more than the $200 dollars for the MuVo2.

Hopefully the Mini iPod will be available for distribution in April/May in the Netherlands as I really want to get my hands on one :)

Polaris (the webserver running this site) will be renumbered tomorrow to a new IP address and range. Polaris it's main ip address will change from 62.133.203.253 to 62.133.205.2

The reason for this renumbering is that polaris will get it's own vlan and ip range. To make it easier to migrate it from sittard to other locations. Also there will be more ip addresses purely available for polaris.

The IP plan at the moment is

62.133.205.2 - polaris.oisec.net
62.133.205.3 - oisec.net (websites)
62.133.205.4 - geekgrrrl.org (irc vhost)

Downtime will be around 14:00 CET tomorrow Saturday March 6. Renumbering will take around 15 minutes including reboot of the machine. DNS entries have been moved to have a low TTL (600 seconds) and will be also migrated at the same time.

I just read the following on Slashdot:

A terse press release from LucasArts, the creator of classic adventure games such as Grim Fandango and the Monkey Island series, reveals that development on Sam & Max: Freelance Police, the planned sequel to Sam & Max Hit the Road, has stopped. Says LucasArts exec Mike Nelson, 'After careful evaluation of current market place realities and underlying economic considerations, we've decided that this was not the appropriate time to launch a graphic adventure on the PC.'" The International House Of Mojo fansite has some editorial comments on this move, the second Sam & Max game cancellation in recent years, lamenting: "LucasArts has made a gigantic mistake."

As a real Sam & Max fan (bought the first Sam & Max game) this is a real shame. The wicked comedy in Sam & Max was always really funny and the great LucasArts adventure style made this a great game! Sorry to see you guys go!

I saw some search request for the BU-303 GPS in my logs. And yes I had some information about it on my site. So here it is again :)

The BU-303 is shipped by two companies so far as I know. They are Deluo and NaviLock. They cost about 90 euro's in the Netherlands and are available from any retailshop that get's their stuff from JavoCom (more)