is heartbleed still common in the US? amount of attempts on 443 vs. my entire IP ranges in the UK, am seeing more on my /29 from ARP never assume hackers are good at targeting there's been a general increase of scanning in general though not only malicious aye, i've seen a lot of "research" companies are contributing to the noise just glad when i setup this pfsense that i managed to get its webui to listen on a port other than 443 else i would have probably got admin/admin owned seems like my bank hates me typical.. i tanked my previous CSR/Key for my ssl i hate revoking up_the_irons: Just saw the new web site, and had to drop by and say congrats. Looks great. anyone have some documentation for port knocking and how I would go about setting that up on a Linux system? Like http://linux.die.net/man/1/knockd ? (There are a handful of promising looking google results) thanks np (and here I didn't think I was being very helpful :p) speaking of port knocking / security. with ipv4 ipsec never really took off for casual use because people's ip's are constantly changing, nat etc.. but i wonder with ipv6 having ipsec policies between ip subnets without any vpn or such will become more popular. I'm getting like 2KB/s from ARP o_o oh wait, just picked up a bit 2k/sec?! it looks normal from here fwiw even using this session for IRC (which is screen'd on an ARP server) is painfully lagged mtr please yeah it's probably the route back to you if it's 2k/sec but it could be either direction mtr in both directions is good :) Yea, looking like it's in the middle You might try http://ipv4.speedtest.cobryce.com/index-php.html too which is hosted on ARP. I just ran it and maxed my VPS/ISP's bandwidth. middle can mean it's changing paths too like it returns a good path half way to sending to arp, then hops further along go down a bad path back.
i'm getting 20/8 from that installing mtr Well it's better than the 2k/s that pjs was getting :P buut i'm not experiencing issues use mtr-tiny pjs if ubuntu it doesn't have all the gtk dependency crap mercutio, os x oh (I got just under 100mbps down from it, and 12mbps up to my speedtest, which is ARP's and my ISP's limits, respectively) cool. It won't even run for me :) heh my mtr install seems to have died as well (fetching files) hmm pjs: would you mind telling us your ip? probably an issue outside of ARP no doubt but yeah sounds like it could be outside arp Agreed. At least it's probably not limited to just your VPS' host machine or subnet. outages says about verizon dallas routing issues can't see anything else are you using verizon pjs? because my verizon smokeping went off earlier today too I do see a Verizon IP hitting my speedtest (but not starting a test) from 71.96.0.0/11 that's dallas isn't it? well the .1.1 is :) mercutio Yes I am.. FiOS a /11 is pretty big I'm in LA :) pjs: yeh i think it's probably just a verizon issue then i'm sorry mercutio: It's the netblock whois returned and I didn't want to get too personal with his IP ;P brycec: understand :) Just my luck.. all good.. whatever it'll probably clear up soon i imagine they're talking about issues in NY on outages@ oh and apparently issues on verizon to level3 and ntt both of which arp use thanks dude! that helps \o/ hooray we're a helpful IRC channel. heh, we usually are brycec weird, i have a few mtr's running and they seem to be burning heaps of cpu for some reason like 2 to 13% cpu each I've seen mtr do that on long-running instances, eventually grinding to a halt too.
they probably are long running i have too many shells open again (not even 'R' reset cleans it up) i was just noticing my load average is a bit high hmm, i wonder if i should get my window manager to show how many shells are open i closed a whole lot, and it's down to 245 on grep for zsh :) one of them shifted to 100% cpu and isn't responding is that what you meant brycec? yup it doesn't even respond to ^C I've had exactly that happen oh neither does this one not even ctrl \ works hmm second one did the same ctrl-\ ? that's a new one to me... does a coredump ah, TIL sometimes works when ^C doesn't That's what she said!! down to 23 shells, that's a bit more reasonable :) who do i pester about having my /48 routed to me? That's what she said!! grody: support@ thanks :) And be sure you understand how to configure it on your end. support@ has no patience for that kind of nonsense that's what she said. :) twss Okay! twss! 'that's what she said. :)' And be sure you understand how to configure it on your end. support@ has no patience for that kind of nonsense twss Okay! twss! 'And be sure you understand how to configure it on your end. support@ has no patience for that kind of nonsense' (at least, that's what the FAQ says) I presume ipv6 /48 brycec, indeed.. i've been playing with IPv6 for quite a while.. just never needed more than the /64 on ARP til now if you have a ipv4 /48... scary /48's are easy The /48 gets routed to a link-local address rather than just being made available on the VLAN. It's quite simple really, but comes as a shock to many. i do have two /32's advertised... it's a &*%^"*! nightmare v4 or v6 /32? heh... v4 /32 is a single address "come talk to me at 2.3.4.5!" brycec, yea.. every IP in the scope simply gets sent to the automagic link-local, my end i choose what /64's i want and via link-local on iface and v6 /32 is ISP-sized subnet grody: it's a static link-local, but you've got the idea.
I have something like 5 /48's now (You are fe80::2 and ARP is fe80::1) brycec, yea pfsense (freebsd) is piece of piss for networking :) like the easiest to get things done impo just wanna experiment with VPN based load-balancing have US/EU/UK IP addresses, but ultimately route to a single server blade you could run an accelerator in different locations grody? well for web stuff what would a v4 /48 even be confusing :) "my ip address is 2.3.4.5.00132" actually port is 2 bytes... of course that's only tcp/udp