I've been in a similar situation with our upstream at work
not fun, to say the least
mornin'
hi
mattx86: yeah, same situation.
heh, my arpnetworks vps is one of the most stable servers I've ever ran
[phlux@bryant ~]$ uptime
 9:58AM  up 188 days,  8:14, 1 user, load averages: 0.00, 0.02, 0.00
been up since the day I bought it
So much for security patches. :)
there aren't any remote holes in that period, are there?
just some local escalations
has anyone here installed freebsd using the DVD and sysinstall, as opposed to a ZFS install which I've done a lot of?
I'm actually trying to install it into virtualbox
but it seems to error, and I have no idea what I did wrong
RandalSchwartz: my experience with sysinstall is, if you ever need to "go back" or redo something, you're better off restarting.
Ahh!  I was missing the step of "committing" on the final menu
so of course it said "there are errors"
it never wrote to the disk :)
I like that it err'ed on the side of "doing nothing"
but that still seemed a bit silly
Hmm.  that still installed a non-bootable system. :(
brb.
Hooray, reverse DNS is up and running.
RandalSchwartz - know what it was? Twisted4life was returning garbage.
Switched my secondaries all over to he.net - and voila.
and - up_the_irons - thanks for putting up with my crap ;)
cool
woot. Now I'm a sage.
no more tests for today.
I'm a sage, but I deliberately stopped at 1024 points.
The only reason to continue is to show that you know how to write a script that submits it daily :)
man I love puppet
Really?  The question "What is a registry?" is on the sage technical test?
Also
There are really less than 3,000 IPv6 nameservers in existence?
where's that from?
The HE stats widget
how do you figure?
that's glue.  I have many domains that have no need for glue
me too, i'm very careful not to drop them
;)
and yet are v6 enabled
for example, geekcruises.com is served by insightcruises.com, and has no need for glue to get to it
anyone having issues connecting to port 22 on there VPS?
weird. works on my phone, not laptop. same connection to the web.
even weirder, opened a new terminal and it worked.
dj_goku: you probably hit the ssh syn rate limit.  more than 10 per minute, and you're locked out until the rate goes down
thwarts dictionary attacks
the real WTF is "you still run ssh on 22"? :)
I guess you like very full security logs
I moved neil's ssh to 2222, and mine is on 443 so I can tunnel to it from behind a HTTP firewall
up_the_irons - that rate limit - you do that on your end?
awyeah: yeah
Cool. That's why I only see so many at a time in my log.
it's typically a function of either ssh directly
Although I do have fail2ban set up with a lower rate limit
oh wait, is ARP doing that too?
3 per hour ;)
er
3 per 10 minutes, and you're pf block'd for an hour
could lead to DOS
I generally don't do that
I have two exceptions :)
Also, I have out-of-band access to the system thanks to ARP
Which reminds me, I also need to get my ssh key over to them.
having an argument on my twitter feed about what FLOSS means.
as if doing the show "FLOSS Weekly" doesn't already make me an authority. :)
up_the_irons - do you block a single IP on that DoS or do you block it for everyone?
randal: That reminds me, I need to resubscribe to the podcast.
You guys do interesting topics from time to time.
awyeah: single IP, the source IP of the DoS
got it
So you actually give a hoot about security, that's nice.
well, it's in my best interest, right? ;)
unless spoofed :)
True, although you'd be surprised at the horror stories I hear.
For example, I could be using GoDaddy as my hosting provider.
and you'd be evil
twit.hover.com :)
*the* way to register
heh
RandalSchwartz: I like 443 too :D