***: Travis__ has left
lyarick has left
jcv has quit IRC (Ping timeout: 250 seconds)
jcv has joined #arpnetworks
carvite has quit IRC (Ping timeout: 250 seconds)
carvite has joined #arpnetworks
medum has joined #arpnetworks
pyvpx has quit IRC (Ping timeout: 240 seconds)
pyvpx has joined #arpnetworks
chrismsnz has joined #arpnetworks chrismsnz: Hi guys, I was trying to find an arp networks official position on running Tor exit nodes and thought I would ask here before emailing support mercutio: i think it'd be considered network abuse. chrismsnz: that is unfortunate - i'll email support for an official statement brycec: Not tor specifically, but it's fair to assume a similar stance would be taken http://support.arpnetworks.com/kb/main/do-you-allow-irc-traffic
(I think it's been covered here in IRC before too
) chrismsnz: heh
fair enough - their house their rules brycec: Oh imagine that, I asked that question a couple years back http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-12-28,Sat&sel=475#l471
here was the reply chrismsnz http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-12-29,Sun&sel=2#l-2 chrismsnz: oh i saw the question, did not see the reply
pretty ruthless on the old banhammer it seems brycec: ARP provides a service, but will take no legal risk on you *shrug*
To be fair, that's relatively consistent among hosting providers mercutio: chris: well it tends to invite ddos's etc.
and can hvae legal ramifications
a lot of people abuse tor nodes. up_the_irons: chrismsnz: what everyone is saying is right mercutio: i mean it's a nice idea for anonymising, but as it happens currently it's mostly people doing illegal etc stuff. brycec: Not to mention even the automated DMCA senders hit the exit nodes, and then someone from $host has to figure out who's responsible, or take on the legal burden of ignoring the notice. mercutio: i tried using tor once, it was so slow chrismsnz: mercutio: if only there were some more exit nodes :D mercutio: chris heh chrismsnz: well, i would take precautions to limit the amount of abuse but it is unreasonable to expect that no strangeness would ever occur mercutio: unless someone with a lot of money is going to set about to setup lots of exit nodes on their own and encourage everyone to use it i can't see it changing. mjp_: seems like a really bad idea mercutio: a few exit nodes here and there won't really fix the problem chrismsnz: up_the_irons: thanks up_the_irons: chrismsnz: we've had customers run exit nodes successfully, as well as VPN services, but the responsibility is really all on you. And if, for example, you get a $10 VPS and I get one complaint, it's hardly even worth it for me. chrismsnz: up_the_irons: would the result of an abuse complaint due to tor traffic result in a nuked server or permanent ban of my account
oh it would be a $150/mo dedi up_the_irons: it somewhat concerns me even more, since a dedi can handle a lot more exit traffic, and thus, far greater chances of illegitimate traffic. chrismsnz: the limiting factor would be my data cap provision, i expect up_the_irons: why not just get a $50 dedi at Hetzner, or OVH, i'm sure they don't even care ;) mercutio: i suspect ovh is where most of them are. chrismsnz: up_the_irons: i was pretty keen to move some personal stuff to a new provider and was looking for openbsd support mercutio: apparently hostgator supprot exit nodes up_the_irons: chrismsnz: I'd be uncomfortable with 10TB of tor exit traffic, to be honest chrismsnz: as well as an exit node
up_the_irons: :O i did not expect that! mercutio: https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
there's a list here. up_the_irons: chrismsnz: well, you came to the right place for openbsd support :) chrismsnz: i hadn't checked your plans was just my budget up_the_irons: chrismsnz: ah ok chrismsnz: up_the_irons: yeah so basically im looking for a host but don't want all my other legit stuff burned down if someone get snooty about a mean comment left via tor and subs a complaint
i will probably keep them seperated >_< mercutio: yeah keep 'em separated. brycec: As Tor themselves recommend ;) up_the_irons: chrismsnz: ya know, in general, if you want to host personal services and then also do somewhat "questionable" services, I'd recommend just use two different providers chrismsnz: thanks guys up_the_irons: no problem! mercutio: oh wow you're in nz :) chrismsnz: yessir mercutio: well if you can get ufb, you could just run your own tor exit node from home? :) chrismsnz: well i have 200/200 tubes mercutio: cool. chrismsnz: i did consider
but residential isp's probably going to be more trigger happy than the grizzled old colo owners
:D mercutio: interesting.
i'd be more concerned about legal ramifications. chrismsnz: that too mercutio: it's kind of crazy how fast internet in new zealand got
it was only 5 years ago that it was hard to get 10 megabit chrismsnz: and there's no easy way to segregate the tor stuff from my home netwokr too - unlike a multi homed box out on the net up_the_irons: chrismsnz: hey, who you callin' grizzled old colo owners ;) mercutio: i heard snap do /29s for $5 chrismsnz: yeah absolutely mercutio: so you could have diff ip at least. chrismsnz: up_the_irons: i'm abuse@ for my companies netblock... we're pentesters
i know the feels :) up_the_irons: ;) jpalmer: chrismsnz: curious, what do you think about things like cybrary> chrismsnz: jpalmer: never heard of it o_O mnathani_: up_the_irons: gotta love a host with values, morals, ethics RE: [20:56] <@up_the_irons> chrismsnz: I'd be uncomfortable with 10TB of tor exit traffic, to be honest chrismsnz: hmm, is that a criticism? if so I feel it's unfairly made
(of up_the_irons, that is) mnathani_: chrismsnz: it was intended as a compliment
:-)
mercutio: whats a good way to determine how many upstream ISPs my ISP is using? mercutio: bgp.he.net
although it still wouldn't be conclusive
it'll underreport rather than overreport though
what asn is your isp? mnathani_: Origin AS: 5645 mercutio: eww cogent :) mnathani_: few mtr seem to point to level3 and hel.net
he.net
cogent? mercutio: yeah, tata, he.net, level3, cogent, tinet,
i dunno some of these
seems to hvae a lot of level3 though
but mostly he.net for ipv6 mnathani_: they dont provide ipv6 to me mercutio: they might not be doing ipv6 to customers yet mnathani_: gtt also
whats a good ip hosted by cogent? mercutio: my forward route to a random ip is via he.net from here
tinet = gtt meingtsla: c.root-servers.net? mercutio: i'm trying to remember
cogent has a lg
www.cogentco.com ?
it's not on cdn mnathani_: trace to this ip is the only one using cogent upstream: 38.9.52.2
from the few I tested mercutio: that uses cogent for me
do cogent and he not peer with each other?
http://bgp.he.net/AS174#_graph6
oh c.root-servers.net was cogent too
weirdly for me i have level3 -> cogent for that route
other cogent routes is going to cogent directly mnathani_: he.net and cogent do not peer IPv6. Not sure about v4 mercutio: yeah i was looking at v6 for some reason mnathani_: not only do they not peer, they do not have reachability either between each other mercutio: you sure? mnathani_: pretty sure
Ipv6 internet is fragmented
when it comes to cogent and he.net
http://www.cogentco.com/en/network/looking-glass
https://lg.he.net/
quick test will show mercutio: yeh i see
i just did the same
from cogent
why does dns work? :) mnathani_: pretty sad state of affairs
you mean the ipv6 address of c.root? mercutio: lg.he.net
can be resolved by cogent mnathani_: probably v4 lookup? mercutio: oh that'll be v4
yeh
so who's fault is it? mnathani_: cogent wants he.net to pay for IPv6 transit mercutio: but he.net has heaps of ipv6 mnathani_: he.net has a global dual stack backbone and is ready to pper
peer mercutio: so it's cogents fault mnathani_: cogent wants to be an ipv6 tier1 and wants he.net not to have that same status
yea - cogents fault mercutio: they're both tier 2 mnathani_: striving to be ipv6 leaders mercutio: http://bgp.he.net/country/US mnathani_: too bad you cant sort by column
nevermind
you can mercutio: yeh it's sorted reasonably anyway mnathani_: IPv6 isnt mainstream yet, else cogent and he.net would communicate mercutio: this sorting is hell slow mnathani_: over 13,000 routes vs under 3000 from cogent mercutio: well he.net has pushed ipv6 hard for YEARS
basically as a way to get their foot in the door from what i can tell
like they're not trying to make a lot of money, they're trying to make enough, and get netowrko reach and customers mnathani_: source code for that page is like 146,000 lines mercutio: and so it was in their best interests to push v6 BryceBot: That's what she said!! mercutio: chrome came up with the wait/kill thing
i've heard that cogent and he.net are cheap if you want > 1 gigabit
compared to other providers mnathani_: would you say you get what you pay for
in terms of quality mercutio: well i used to hate he.net mnathani_: certainly for cogent mercutio: but i haven't seen any major issues since the new york flooding
where he.net had terrible packet loss between US/EU
but the thing is it was inw orld news
and it wasn't unreachable, just severely degraded.
i think he.net as part of a mix isn't too bad mnathani_: I need someone to come up with a more efficient way to manage chrome tabs mercutio: or if you want to do cheap high bandwidth stuff
i use windows+tabs
at least it gives a bit more order
but yeah i struggle mnathani_: do you mean separate chrome windows? mercutio: yes
as well as tabs mnathani_: or some kind of addon
ahh mercutio: so you can have 8 windows with 8 tabs
and it's easier to find things
cos you group things together a bit
i hardly use any plugins
i'm loving ublock origin though mnathani_: I currently have 73 tabs open
+1 for ublock origin mercutio: did you count?
i dunno how many i have open, and i don't want to have to count them :) mnathani_: I installed toomanytabs mercutio: ahh mnathani_: an addon that aims to manage your tabs mercutio: i probably have more than that
i'm guessing mnathani_: lets you search between them, provides previews etc mercutio: i close them every now and then
but i like being able to go bakc and see what i've been looking at mnathani_: I sometimes declare bankrupcy and close them all mercutio: so i've got a window open about this he.net/cogent thing
actually i have two, one of them was more about cogent vs he.net in the end though mnathani_: are you a tarsnap user? mercutio: nope
hmm i still have window open about ram :)
i'm trying to decide if i should get 3x8gb of 6x4gb for my server mnathani_: upgradeability is nice to have mercutio: yeh you pay for it though mnathani_: go from 24 to 48 in the future
is it ddr3? mercutio: and you can in theory have 9 sticks
yeh
ddr3 registered
it's e5620 cpu, so it only does 1066 mhz mnathani_: what OS do you plan on running mercutio: linux mnathani_: Xen Vms? mercutio: nah kvm
yeah 48gb may be nice sometime
http://www.ebay.com/itm/Lot-of-3-KTH-PL313-8G-KINGSTON-24GB-3x8GB-DDR3-REG-ECC-MEMORY-w-Heatsink-/252116820487?hash=item3ab3556207
watching this atm
there's a lot of ddr2 fbdimms on ebay now mnathani_: do you have any bids on there yet? mercutio: not yet
i prefer to bid late ;)
on ebay lots of people bid in the last couple of seconds though mnathani_: I prefer buy it now sales mercutio: yeh so do i
but it's like $90 or so that way
i suppose it's not that bad
i could just get 6x8 from the get go too mnathani_: what motherboard did you go with? mercutio: it's hp ml330 g6
came with mbd, cpu, ram etc.
for like $80 NZ up_the_irons: mercutio: mnathani_ : bgp.he.net, as well as other ASN reporting services, tend to be really off (under report) mercutio: up_the_irons: yeh it underreports rather than over at least. up_the_irons: yeah mercutio: up_the_irons: is there something better to get an idea though? up_the_irons: mercutio: not sure mnathani_: fire up looking glass? mercutio: mnathani_: you'd nede a looking glass that showed your providers routes though up_the_irons: yeah mercutio: once it gets to another provider you don't get to see all the providers mnathani_: http://pastebin.ca/3196103
that shows 3356,6453,3257,6939,174
not sure which providers those are other than level3 he.net and cogent meingtsla: hm, that prefix is originating from savvis (3561) mercutio: 3356 is level3 i think
6453 is tata
3257 is gtt/tinet/etc. brycec: lol I just noticed the SeaBIOS compile host string, mercutio ;) mercutio: oh i have a fixed version of that actually
it just hasn't been pushed
i mean it's only cosmetic.