#arpnetworks 2010-08-11,Wed


Who | What | When
*** nakano_ is now known as nakano [00:16]
.... (idle for 16mn)
nakano is now known as nakano_ [00:32]
.... (idle for 17mn)
<mattx86> I've been in a similar situation with our upstream at work
not fun, to say the least
[00:49]
.... (idle for 18mn)
*** schmir has joined #arpnetworks [01:08]
...... (idle for 28mn)
nakano_ is now known as nakano [01:36]
.......... (idle for 48mn)
schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
[02:24]
.................. (idle for 1h29mn)
schmir has quit IRC (Ping timeout: 240 seconds) [03:55]
.......... (idle for 45mn)
baklava has joined #arpnetworks [04:40]
............. (idle for 1h3mn)
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
[05:43]
........ (idle for 38mn)
schmir has joined #arpnetworks [06:23]
<awyeah> mornin' [06:24]
<infrared> hi [06:29]
*** schmir has quit IRC (Ping timeout: 246 seconds) [06:29]
schmir has joined #arpnetworks [06:36]
..... (idle for 24mn)
schmir has quit IRC (Ping timeout: 265 seconds) [07:00]
................................... (idle for 2h52mn)
<jdoe> mattx86: yeah, same situation. [09:52]
<phlux> heh, my arpnetworks vps is one of the most stable servers I've ever run
[phlux@bryant ~]$ uptime
9:58AM up 188 days, 8:14, 1 user, load averages: 0.00, 0.02, 0.00
been up since the day I bought it
[10:00]
..... (idle for 21mn)
<mhoran> So much for security patches. :)
mhoran now knows who to exploit.
[10:22]
....... (idle for 32mn)
<RandalSchwartz> there aren't any remote holes in that period, are there?
just some local escalations
[10:54]
has anyone here installed freebsd using the DVD and sysinstall, as opposed to a ZFS install which I've done a lot of?
I'm actually trying to install it into virtualbox
but it seems to error, and I have no idea what I did wrong
[11:04]
*** nesta_ has joined #arpnetworks
nesta has quit IRC (Read error: Operation timed out)
[11:08]
mtve has quit IRC (Ping timeout: 265 seconds) [11:17]
mtve has joined #arpnetworks [11:22]
<cedwards> RandalSchwartz: my experience with sysinstall is, if you ever need to "go back" or redo something, you're better off restarting. [11:24]
<RandalSchwartz> Ahh! I was missing the step of "committing" on the final menu
so of course it said "there are errors"
it never wrote to the disk :)
I like that it err'ed on the side of "doing nothing"
but that still seemed a bit silly
[11:28]
*** `nh has quit IRC (Quit: Changing server)
`nh has joined #arpnetworks
[11:33]
nesta has joined #arpnetworks
nesta_ has quit IRC (Read error: Operation timed out)
[11:46]
<RandalSchwartz> Hmm. that still installed a non-bootable system. :( [11:47]
<awyeah> brb. [11:51]
*** awyeah has quit IRC (Quit: Reconnecting)
awyeah has joined #arpnetworks
[11:51]
<awyeah> Hooray, reverse DNS is up and running.
RandalSchwartz - know what it was? Twisted4life was returning garbage.
Switched my secondaries all over to he.net - and voila.
and - up_the_irons - thanks for putting up with my crap ;)
[11:52]
<RandalSchwartz> cool [11:58]
.... (idle for 19mn)
*** mtve has quit IRC (Ping timeout: 265 seconds) [12:17]
<awyeah> awyeah is now an IPv6 guru, apparently.
woot. Now I'm a sage.
no more tests for today.
[12:28]
<RandalSchwartz> I'm a sage, but I deliberately stopped at 1024 points.
The only reason to continue is to show that you know how to write a script that submits it daily :)
[12:31]
.... (idle for 15mn)
<cedwards> man I love puppet [12:46]
............... (idle for 1h10mn)
*** nakano is now known as nakano_ [13:56]
<awyeah> Really? The question "What is a registry?" is on the sage technical test? [14:05]
Also
There are really less than 3,000 IPv6 nameservers in existence?
[14:10]
<RandalSchwartz> where's that from? [14:11]
<awyeah> The HE stats widget [14:15]
<RandalSchwartz> how do you figure?
that's glue. I have many domains that have no need for glue
[14:16]
<bob^^> me too, i'm very careful not to drop them
;)
[14:17]
<RandalSchwartz> and yet are v6 enabled
for example, geekcruises.com is served by insightcruises.com, and has no need for glue to get to it
[14:17]
*** mtve has joined #arpnetworks [14:23]
....... (idle for 34mn)
nakano_ is now known as nakano [14:57]
.................. (idle for 1h29mn)
dj_goku has joined #arpnetworks [16:26]
<dj_goku> anyone having issues connecting to port 22 on their VPS?
weird. works on my phone, not laptop. same connection to the web.
even weirder, opened a new terminal and it worked.
[16:26]
<up_the_irons> dj_goku: you probably hit the ssh syn rate limit. more than 10 per minute, and you're locked out until the rate goes down
thwarts dictionary attacks
[16:44]
.... (idle for 16mn)
<RandalSchwartz> the real WTF is "you still run ssh on 22"? :)
I guess you like very full security logs
I moved neil's ssh to 2222, and mine is on 443 so I can tunnel to it from behind a HTTP firewall
[17:01]
.......... (idle for 49mn)
<awyeah> up_the_irons - that rate limit - you do that on your end? [17:51]
<up_the_irons> awyeah: yeah [17:51]
<awyeah> Cool. That's why I only see so many at a time in my log. [17:52]
<RandalSchwartz> it's typically a function of either ssh directly [17:52]
<awyeah> Although I do have fail2ban set up with a lower rate limit [17:52]
<RandalSchwartz> oh wait, is ARP doing that too? [17:52]
<awyeah> 3 per hour ;)
er
3 per 10 minutes, and you're pf block'd for an hour
[17:52]
<RandalSchwartz> could lead to DOS
I generally don't do that
[17:53]
<cedwards> cedwards should learn how to rate limit with pf. [17:53]
<awyeah> I have two exceptions :)
Also, I have out-of-band access to the system thanks to ARP
Which reminds me, I also need to get my ssh key over to them.
[17:53]
<RandalSchwartz> having an argument on my twitter feed about what FLOSS means.
as if doing the show "FLOSS Weekly" doesn't already make me an authority. :)
[17:55]
<awyeah> up_the_irons - do you block a single IP on that DoS or do you block it for everyone?
randal: That reminds me, I need to resubscribe to the podcast.
You guys do interesting topics from time to time.
[17:55]
<up_the_irons> awyeah: single IP, the source IP of the DoS [17:56]
<awyeah> got it
So you actually give a hoot about security, that's nice.
[17:56]
<up_the_irons> well, it's in my best interest, right? ;) [17:57]
<RandalSchwartz> unless spoofed :) [17:57]
<awyeah> True, although you'd be surprised at the horror stories I hear.
For example, I could be using GoDaddy as my hosting provider.
[17:57]
<RandalSchwartz> and you'd be evil
twit.hover.com :)
*the* way to register
[17:58]
.... (idle for 17mn)
<awyeah> heh [18:15]
.... (idle for 19mn)
<dj_goku> RandalSchwartz: I like 443 too :D [18:34]
...... (idle for 25mn)
*** dj_goku_ has joined #arpnetworks
dj_goku has quit IRC (Read error: Connection reset by peer)
dj_goku_ is now known as dj_goku
[18:59]
dj_goku has quit IRC (Quit: dj_goku) [19:06]
........................ (idle for 1h57mn)
ziyourenxiang has joined #arpnetworks
ziyourenxiang_ has joined #arpnetworks
ziyourenxiang has quit IRC (Ping timeout: 248 seconds)
ziyourenxiang_ is now known as ziyourenxiang
[21:03]
............. (idle for 1h4mn)
ziyourenxiang has quit IRC (Quit: ziyourenxiang) [22:13]
.... (idle for 18mn)
heavysixer has quit IRC (Ping timeout: 245 seconds)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[22:31]
........ (idle for 37mn)
yekoms has quit IRC (Read error: Connection reset by peer)
smokey has joined #arpnetworks
[23:09]
smokey_ has joined #arpnetworks
smokey has quit IRC (Ping timeout: 240 seconds)
[23:16]
