[00:33] *** dxtr has quit IRC (Quit: Lost terminal)
[01:15] <ideas1> thanks hubpub
[01:57] <ideas1> does everything install from source in freebsd?
[01:57] <ideas1> apache is taking forever
[02:01] <jlgaddis> you can install from packages
[02:01] <jlgaddis> e.g. "pkg_add -r apache22"
[02:01] <jlgaddis> but as a general rule, yes
[02:02] <ideas1> thanks
[02:03] <ideas1> is adding packages via pkg_add frowned upon?
[02:04] <jlgaddis> no, but you just get it however it was compiled, which could be without certain options that you may need
[02:04] <jlgaddis> from source is always the best option, imo
[02:05] <ideas1> sounds like im going to be spending a ton of time reading lol
[02:05] <jlgaddis> bookmark:  freebsd.org/doc/handbook/  =)
[02:06] <jlgaddis> 90% of what you need/want to know is there
[02:06] <ideas1> thank you
[02:14] *** robotarmy has quit IRC (Ping timeout: 265 seconds)
[02:22] <jlgaddis> also, #freebsd  =)
[04:50] *** nesta has quit IRC (Quit: poit!)
[05:16] *** nesta has joined #arpnetworks
[05:18] *** ziyourenxiang has joined #arpnetworks
[06:16] *** ziyourenxiang has quit IRC (Quit: ziyourenxiang)
[07:07] *** fink has joined #arpnetworks
[07:20] *** fink has quit IRC (Ping timeout: 265 seconds)
[07:25] *** fink has joined #arpnetworks
[08:59] *** heavysixer has joined #arpnetworks
[08:59] *** ChanServ sets mode: +o heavysixer
[09:05] *** heavysixer has quit IRC (Ping timeout: 276 seconds)
[09:05] *** phlux has joined #arpnetworks
[09:05] <phlux> Anyone else having rDNS problems?
[09:06] *** heavysixer has joined #arpnetworks
[09:06] *** ChanServ sets mode: +o heavysixer
[09:08] *** heavysixer has quit IRC (Client Quit)
[09:11] *** robotarmy has joined #arpnetworks
[09:34] <jpalmer> phlux: what kind of problems?
[09:35] <jpalmer> phlux: judging from the IP you joined with,  it appears as though ARP is delegating your ip6-arpa to ns1 and ns2.dragonzkeep.com
[09:36] <jpalmer> upon further troubleshooting,  I see:  dig: couldn't get address for 'ns1.dragonzkeep.com': not found
[09:36] <jpalmer> it looks like your 2 NS's are having issues.
[09:38] <jpalmer> and upon further troubleshooting:   dragonzkeep.com is expired.  Expiration date: 14 Nov 2010 09:11:39
[09:38] <phlux> I have my DNS delegated to my own NS servers
[09:39] <jpalmer> you can either pay for the domain renewal,  move the delegation to 2 NS's that work, or let ARP handle PTR
[09:39] <phlux> However, as far as I know, arp is still in charge of the rDNS
[09:39] <phlux> I don't even know what dragonzkeep.com is :P
[09:39] <phlux> but my ipv6 isn't what's in question
[09:39] <phlux> It my mail server
[09:40] <phlux> the IP is 206.125.169.130
[09:40] <jpalmer> ok,  then I'm troubleshooting a problem you don't have.  which IP specifically are you concerned with?
[09:40] <jpalmer> ok
[09:40] <jpalmer> dragonzkeep.com are the NS's responsible for the rDNS for the IPv6 address you just joined with, btw.
[09:40] <phlux> weird
[09:41] <jpalmer> $ dig -x 206.125.169.130 +short
[09:41] <jpalmer> mail.ewnix.net.
[09:41] <jpalmer> seems to be working.  what issues are you seeing?
[09:42] <phlux> Well, I keep getting e-mails kicked back because the rDNS/DNS is supposedly set up incorrectly
[09:42] <jpalmer> (just a headsup,  I ave to leave soon to get fitted for a tux.)
[09:43] <phlux> For instance, craigslist shoots the following:
[09:43] <phlux>  <unknown[206.125.169.134]>: Client host rejected:
[09:43] <phlux>     rDNS/DNS_validation_failed._Please_setup_matching_DNS_and_rDNS_records:_http://www.craigslist.org/about/help/rdns_failure
[09:43] <phlux>     xabd-4 (in reply to RCPT TO command)
[09:43] <phlux> If I do a DNS Report from a website, I get rDNS failures for mail.ewnix.net
[09:45] <jpalmer> the A and PTR records seem to match.   is it just craigslist kicking an error?  or others too?  (it's possible the craigslist mailserver is having some DNS flakiness)
[09:45] <phlux> Others...for example, my Dad has an AOL e-mail address (STILL...) and he can't receive e-mails from my domain.
[09:45] <phlux> My stuff gets kicked into spam for gmail/yahoo because of it
[09:45] <jpalmer> ok,  which website are you doing the DNS report from,  let me see what it says
[09:45] <phlux> It's really becoming a nuisance
[09:46] <phlux> I've tried several, actually. dnscolos.com, thednsreport.com, intodns.com
[09:52] <jpalmer> according to thednsreport.com,  ns3 and ns4.ewnix.net are reporting lame delegations.  (IE your NS doesn't know about that domain)  but when queried directly, it does.
[09:53] <jpalmer> phlux: I have to run, and get fitted for my wedding.  I'll be back in a couple hours if you haven't figured this out.    the guys in #bind may be able to help in the meantime.
[09:54] <phlux> aye, thanks.
[09:54] <jpalmer> np.  if it helps,  the problem appears to be on the ewnix.net side,  not on the arp side.  but when I get back,  I can look into it further.
[10:02] *** fink has quit IRC (Ping timeout: 255 seconds)
[10:22] *** fink has joined #arpnetworks
[10:48] <ideas1> when i bring up the console i get a [no, customer is attached] any idea?
[10:48] <ideas1> i think i may have "firewalled" my self out
[10:49] <ideas1> it happend after i had locked my self out of by using pf from allow traffic from sms0 to em0
[10:57] *** fink has quit IRC (Read error: Connection reset by peer)
[10:57] *** fink has joined #arpnetworks
[12:58] *** koan_ has joined #arpnetworks
[13:02] *** koan has quit IRC (Ping timeout: 264 seconds)
[13:02] *** coobra has quit IRC (Ping timeout: 264 seconds)
[13:02] *** coobra has joined #arpnetworks
[13:02] *** coobra has quit IRC (Changing host)
[13:02] *** coobra has joined #arpnetworks
[13:06] *** fink has quit IRC (Quit: fink)
[13:13] *** merky has quit IRC (Read error: Operation timed out)
[13:16] *** merky has joined #arpnetworks
[13:21] *** dxtr has joined #arpnetworks
[13:34] *** jlgaddis_ has joined #arpnetworks
[13:36] *** jlgaddis has quit IRC (Ping timeout: 264 seconds)
[13:56] <jpalmer> phlux: ping
[13:59] <phlux> hey, jpalmer
[14:03] <jpalmer> did you get your DNS issue figured out?
[14:03] *** jlgaddis_ is now known as jlgaddis
[14:07] <phlux> Unfortunately, I haven't been able to look farther into it yet.
[14:13] <jpalmer> ok, well.. let me know.
[16:03] *** schmir has joined #arpnetworks
[16:06] *** schmir has quit IRC (Remote host closed the connection)
[18:26] *** heavysixer has joined #arpnetworks
[18:26] *** ChanServ sets mode: +o heavysixer
[19:05] *** mattx86 has joined #arpnetworks
[20:40] *** htols has joined #arpnetworks
[20:40] <htols> is anyone who handles abuse available?
[20:58] <RandalSchwartz> I often handle abuse, but not for arp
[20:58] <RandalSchwartz> is there something odd going on?
[21:00] * jlgaddis beats RandalSchwartz with the python book
[21:01] <RandalSchwartz> as long as you indent it properly. :)
[21:05] <htols> it's related to abuse going on from arpnetworks network block
[21:06] <RandalSchwartz> clarify
[21:06] <RandalSchwartz> what kind of absue?
[21:06] <RandalSchwartz> abuse
[21:06] <htols> are you an employee of arpnetworks?
[21:06] <RandalSchwartz> and the proper channel to report that is email to support@arpnetworks.com
[21:06] <htols> not abuse@arpnetworks.com?
[21:06] <RandalSchwartz> maybe that too
[21:06] <RandalSchwartz> probably goes to the same place
[21:07] <RandalSchwartz> what kind of abuse?
[21:07] <htols> that's where I sent it
[21:07] <htols> I can't say here
[21:07] <RandalSchwartz> why not?
[21:07] <RandalSchwartz> IRC?
[21:07] <RandalSchwartz> spam?
[21:07] <RandalSchwartz> wtf
[21:07] <mike-burns> Email support@ and up_the_irons will take care of it ASAP.
[21:07] <htols> if you're not an employee it doesn't concern you
[21:08] <RandalSchwartz> yes, it does indeed concern me
[21:08] <htols> mike-burns: thanks
[21:08] <RandalSchwartz> I promote ARP to others
[21:08] <RandalSchwartz> if ARP is a haven of bad guys, *I* need to know
[21:08] <htols> I hope it's not
[21:08] <RandalSchwartz> then explain
[21:08] <RandalSchwartz> so I know the scope
[21:09] <htols> if the ARP handles it there's no need to make it public
[21:09] <RandalSchwartz> uh, this isn't public
[21:09] <RandalSchwartz> this is locals
[21:09] <htols> bad apples do get onto networks. it's companies that don't remove them that become havens
[21:09] <RandalSchwartz> friends
[21:09] <RandalSchwartz> the very people who are most interested
[21:09] <RandalSchwartz> the people that are helping *others* here
[21:12] * RandalSchwartz hates dealing with 19-year-olds
[21:12] <RandalSchwartz> eventually, they'll mellow out, but at 19, they're very "I have the world figured out"
[21:13] <mike-burns> He's probably not 19 and just didn't want to argue with you about whether the subject at hand was abuse.
[21:13] <RandalSchwartz> I wasn't gonna argue whether it was
[21:13] <RandalSchwartz> just wanted to know the realm
[21:14] <RandalSchwartz> lots of IRC kiddies recently
[21:14] <RandalSchwartz> wondered if it was that
[21:14] <RandalSchwartz> and he's almost certainly 19
[21:14] <RandalSchwartz> "htols is sloth @ college"
[21:14] <RandalSchwartz> that's a 19-year-old handle trick
[21:14] <mike-burns> Could be 21.
[21:14] <RandalSchwartz> nope
[21:14] <RandalSchwartz> 21 they get a cooler nick :)
[21:14] <mike-burns> Heh.
[21:14] <htols> actually it's post graduate security research going on from this server
[21:15] <htols> but not mine, just have a shell here
[21:15] <RandalSchwartz> which doesn't yet disclose your age. :)
[21:15] <RandalSchwartz> you could still be 19
[21:15] <RandalSchwartz> nice play
[21:16] <mike-burns> I'm going to assume that htols is a very mature 19 year old and RandalSchwartz is a very immature 49 year old.
[21:16] <RandalSchwartz> I've never claimed maturity, so that's irrelevant
[21:16] <RandalSchwartz> I'm just callin' em like I see 'em
[21:17] <RandalSchwartz> and lack of denial from "htols" confirms my claims
[21:17] <RandalSchwartz> an excitable 19-year-old
[21:17] * jlgaddis yawns
[21:17] <RandalSchwartz> probably blowing a bunch of stuff out of proportion
[21:18] <RandalSchwartz> some random IRC script kiddies who have been parking on ARP for a few weeks now
[21:18] <RandalSchwartz> messing up my IP traffic
[21:18] <mike-burns> Yeah I gotta go do something interesting.
[21:18] <jlgaddis> ditto
[21:18] <htols> sorry but I'm dealing with multiple ISPs right now. No time to argue about my age with you right now
[21:19] <jlgaddis> htols: student or staff?
[21:19] <jpalmer> htols: up_the_irons is the one who will handle your ticket,  but from the logs you posted,  it appears to be some kind of ftp transfer or similar.   are you *sure* this wasn't legit traffic?
[21:19] <htols> neither, just have a shell here
[21:19] <RandalSchwartz> just ftp!?
[21:19] * RandalSchwartz sighs
[21:19] * RandalSchwartz grumbles "excitable 19-year-old"
[21:19] <htols> jpalmer: right, 100mb/s of FTP
[21:20] <jpalmer> RandalSchwartz: I don't know the full story,   so I'd recommend not jumping to conclusions ;)
[21:20] <htols> UDP FTP no less
[21:20] <RandalSchwartz> ftp isn't over udp
[21:20] * RandalSchwartz consults the RFC
[21:20] <htols> wow, you're the smart one
[21:20] <jpalmer> hence "or similar"   it was all destined to a single port.
[21:20] <htols> it wasn't
[21:20] <jpalmer> most DoS's,   or DDoS's Ive seen, randomize.
[21:20] <htols> random port, dest and size
[21:20] <RandalSchwartz> there was that crappy "pseudo-ftp" thingy for a while, over udp
[21:21] <htols> source port was the same
[21:21] <RandalSchwartz> but I knew it was only for bad guys
[21:21] <RandalSchwartz> fsp, that was it
[21:21] <RandalSchwartz> "to make ftp work better"
[21:21] <RandalSchwartz> yeah right
[21:21] <htols> jpalmer, are you staff for ARP?
[21:22] <RandalSchwartz> jpalmer is an insider, yes.
[21:22] <RandalSchwartz> since you seem to want authority, instead of common sense.
[21:22] <jpalmer> htols: I see it now,  I was reading the logs backwards.  the destination port is randomized.
[21:24] <jpalmer> htols: I don't have the authority or the access to dig into this matter,  that'll be up to Garry.   I just wanted to verify that this was some misunderstood legit traffic.
[21:25] <RandalSchwartz> s/was/wasn't/
[21:26] <jpalmer> heh.   amazing how 3 characters can change an entire meaning, eh?
[21:26] <jlgaddis> heh, one character is the difference between "Let's eat grandma" and "Let's eat, grandma"
[21:27] <jlgaddis> "I helped my uncle, Jack, off a horse" vs ... well, you know.
[21:28] <jlgaddis> ahhh, patch cluster is finally done installing.
[21:29] <jpalmer> ok, calling it a night.  later guys
[21:29] *** htols has quit IRC (Quit: leaving)
[21:29] <RandalSchwartz> my girl, bill
[21:30] <RandalSchwartz> still betting on 19
[21:30] <RandalSchwartz> seemed brash enough
[21:32] <phlux> Someome was hitting someone else at 100mb/s from an arp vps?
[21:32] <phlux> Wow
[21:32] <RandalSchwartz> I've done that to my oversee.net desktop
[21:32] <RandalSchwartz> but I'm only 4 hops 1.2ms from apr
[21:32] <RandalSchwartz> arp
[21:32] *** heavysixer has quit IRC (Quit: heavysixer)
[21:32] <phlux> I've never thought to see what I could push on myself
[21:33] <RandalSchwartz> I grabbed about 50GB of download in 30 minutes once :)
[21:34] <phlux> I'm 12 hops away :(
[21:34] <RandalSchwartz> oversee has dark fiber to one wilshire
[21:35] <RandalSchwartz> which of course is one hop from wilshire annex
[21:35] <RandalSchwartz> so my route is local lan -> fiber -> wilshire hop -> arp
[21:36] <RandalSchwartz> all at a gigabit :)
[21:36] *** heavysixer has joined #arpnetworks
[21:36] *** ChanServ sets mode: +o heavysixer
[21:36] <phlux> nice
[21:37] <RandalSchwartz> and the dark fiber is to a cage that has gigabit to the internet backbones
[21:37] <RandalSchwartz> so I have gigabit service to my desk :)
[21:37] <RandalSchwartz> right to the "net"
[21:38] <RandalSchwartz> oversee.net's ASN is quite high on most routing tables, apparently
[21:38] <jlgaddis> what the hell does that mean?
[21:39] <RandalSchwartz> dunno - it just gets a lot of preferred routing
[21:39] <RandalSchwartz> not a lot of hops to anywhere
[21:40] <RandalSchwartz> oversee parks 2.5 million domain names
[21:40] <jlgaddis> 17 from here
[21:40] <RandalSchwartz> many of which are owned directly, but many from customers
[21:41] <jlgaddis> "it just gets a lot of preferred routing" ... dunno what that means either
[21:44] <RandalSchwartz> would "closer to the center of the net" make any more sense?
[21:44] <jlgaddis> it would
[21:45] <RandalSchwartz> ok - that's what I was meaning :)
[21:45] <RandalSchwartz> instead of being three hops out somewhere, it's peering with a lot of main backbones
[21:46] <jlgaddis> except that they're only at CIIX
[21:47] <jlgaddis> peering w/ uunet, ntt, level3, he, packetexchange, and xeex there, it seems
[21:48] *** heavysixer_ has joined #arpnetworks
[21:48] *** ChanServ sets mode: +o heavysixer_
[21:49] *** heavysixer has quit IRC (Read error: Connection reset by peer)
[21:49] *** heavysixer_ is now known as heavysixer
[22:47] *** heavysixer has quit IRC (Quit: heavysixer)