| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
| Who | What | When |
|---|---|---|
| *** | LT has quit IRC (Ping timeout: 260 seconds) | [00:07] |
| LT has joined #arpnetworks
Ehtyar has quit IRC (Quit: IRC is just multiplayer notepad) | [00:19] | |
| ............... (idle for 1h12mn) | ||
| up_the_irons | jdoe: my other order was from a comcast IPv6 block
hmm.. i should put somewhere that emailing support@arpnetworks.com is just as good as the web interface... | [01:35] |
| dzup | does vps offer vhmcs or similar? | [01:40] |
| up_the_irons | dzup: vhmcs? is that a control panel of some sort? | [01:43] |
| ....... (idle for 31mn) | ||
| dzup | yes for reseller hosting
up_the_irons, . | [02:14] |
| up_the_irons | dzup: we don't include any control panels, but you can certainly install one yourself | [02:16] |
| dzup | thanks | [02:27] |
| up_the_irons | np | [02:41] |
| ......... (idle for 40mn) | ||
| up_the_irons drops a pin | [03:21] | |
| LT | LT waits for someone to stand on it | [03:27] |
| ......... (idle for 40mn) | ||
| up_the_irons | up_the_irons grabs some nachos | [04:07] |
| ........................... (idle for 2h10mn) | ||
| qbit | CaZe: just ordered a rancilio silvia
also - whadduphoes! | [06:17] |
| ix34 | qbit: good machine. served our office faithfully for over 2 years, 6+ brews per day | [06:18] |
| qbit | ix34: nice! it's worked pretty well for my mom as well | [06:18] |
| up_the_irons | bitchen | [06:24] |
| *** | eryc is now known as er|c | [06:36] |
| up_the_irons | i could kill Upstart right now... | [06:42] |
| qbit | what's upstart? | [06:43] |
| up_the_irons | qbit: event-based init system initially designed for Ubuntu but now is in CentOS 6.x, Fedora (i think), etc...
meant to replace SysV init system give me runit any day | [06:44] |
| qbit | oh crazy
qbit huggs openbsd | [06:45] |
| .............. (idle for 1h8mn) | ||
| up_the_irons | up_the_irons huggs qbit | [07:53] |
| qbit | wew! | [07:53] |
| mike-burns | That's sweet. | [07:54] |
| up_the_irons | lol | [07:54] |
| *** | heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer | [08:03] |
| sako has joined #arpnetworks | [08:17] | |
| sako has quit IRC (Ping timeout: 246 seconds) | [08:31] | |
| ....... (idle for 30mn) | ||
| ix34 | out of curiosity, anyone running openSUSE here? | [09:01] |
| *** | heavysixer has quit IRC (Quit: heavysixer) | [09:02] |
| CaZe | qbit: Nice. | [09:04] |
| up_the_irons | ix34: opensuse is very rare, IME
like, i can't remember the last time someone requested that ISO to be loaded | [09:04] |
| CaZe | qbit: Are you roasting your own beans yet? | [09:05] |
| ix34 | ok thanks for the note | [09:05] |
| qbit | CaZe: picking up the first batch of green this weekend
so not quite :) | [09:06] |
| ix34 | up_the_irons: i want to order a new VPS | [09:06] |
| up_the_irons | ix34: i want to give you one | [09:06] |
| qbit | not sure what i am gonna do for a roaster tho :P | [09:06] |
| ix34 | do i order via the portal? | [09:06] |
| qbit | might just do a cast iron pan | [09:06] |
| CaZe | I'm using a brownie oven. | [09:07] |
| up_the_irons | ix34: order via regular order form on website, use same email as on current account if you want them linked. if so, then also specify an ip address in "additional comments" that you want assigned to it. you need to already have available IPs, or purchase a /29 ($5) | [09:07] |
| ix34 | up_the_irons: thanks | [09:08] |
| up_the_irons | ix34: np | [09:09] |
| CaZe | http://www.amazon.com/gp/aw/d/B0051QB35E
You have to remove the thermostat though. And then I connect it to a dimmer switch to control the power. I think a quality cast iron pan costs more than that oven. | [09:09] |
| *** | gcw|mbpro has joined #arpnetworks | [09:13] |
| ix34 | up_the_irons: it is done. meh about running linux, but needed a dev image | [09:17] |
| qbit | CaZe: nice
i have some pans i can use tho .. so they cost less :D temp control will be harder tho | [09:17] |
| up_the_irons | ix34: tnx! | [09:18] |
| *** | LT has quit IRC (Quit: Leaving) | [09:27] |
| CaZe | qbit: Yeah, I don't know how a thermometer would work on an open pan.
qbit: Maybe an IR thermometer. | [09:27] |
| qbit | i always wanted to get one of those :D
http://taskwarrior.org/projects/show/taskwarrior <---- <3 | [09:28] |
| CaZe | http://www.harborfreight.com/infrared-thermometer-93984.html
That might be adequate. 482 is just high enough to read the end of the roast. http://www.harborfreight.com/non-contact-laser-thermometer-96451.html That one goes all the way up to 968. | [09:29] |
| qbit | with laser targeting
awwyeah | [09:33] |
| CaZe | The other one has laser too. | [09:34] |
| qbit | oh | [09:47] |
| up_the_irons | it should go up to 11
</troll> up_the_irons wanders off | [09:50] |
| qbit | qbit waves byebye to up_the_irons | [09:56] |
| ix34 | nsd is the best.
free PSA from me to you. | [10:04] |
| *** | HighJinx has quit IRC (Quit: Computer has gone to sleep.) | [10:06] |
| .... (idle for 16mn) | ||
| CaZe | Anyone know if it's linked to the build in OpenBSD's snapshots yet? | [10:22] |
| *** | HighJinx has joined #arpnetworks | [10:22] |
| ix34 | think it's been in and default since 4.9
maybe in 4.9, default in 5.0 | [10:22] |
| CaZe | I know it's been in the tree for awhile, but it hadn't been linked to the build.
I'm still waiting for unbound anyway. | [10:24] |
| mikeputnam | happy to see nginx made it onto the base in time for November 1st
s/onto/into/ | [10:26] |
| ix34 | agreed, interested to play with that | [10:27] |
| mikeputnam | http://www.openbsd.org/52.html
among other fun stuff. pthreads! | [10:27] |
| *** | mtve has quit IRC (Ping timeout: 244 seconds)
Webhostbudd has joined #arpnetworks gcw|mbpro has quit IRC (Remote host closed the connection) | [10:28] |
| ......................... (idle for 2h3mn) | ||
| qbit | CaZe, ix34 http://www.youtube.com/watch?v=e7pOfJTQ5Dg&feature=player_embedded | [12:35] |
| *** | `ariel has quit IRC (Quit: No Ping reply in 180 seconds.)
ariel has joined #arpnetworks ariel is now known as Guest31077 | [12:36] |
| ix34 | qbit: that is awesome | [12:46] |
| *** | heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer | [12:51] |
| dzup has quit IRC (Remote host closed the connection) | [13:02] | |
| qbit | man.. the mroe i read about the silvia - the more i like it : http://gizmodo.com/5581416/tickling-miss-silvia-mark-frauenfelder-hacks-coffees-god+shot | [13:10] |
| *** | arenlor has joined #arpnetworks | [13:16] |
| arenlor | up_the_irons: You around? | [13:18] |
| andol | up_the_irons: You could offer a more favorable price on orders coming from an IPv6 address? :-) | [13:23] |
| milki | oooo | [13:26] |
| ...... (idle for 25mn) | ||
| *** | ix34 has quit IRC (Remote host closed the connection)
ix33 has joined #arpnetworks | [13:51] |
| ........... (idle for 51mn) | ||
| CaZe has quit IRC (Read error: Connection reset by peer)
CaZe` has joined #arpnetworks CaZe` is now known as CaZe | [14:45] | |
| .......... (idle for 46mn) | ||
| arenlor | up_the_irons: If you get a chance to, you may wish to add your own comment: https://plus.google.com/+KikiSanford/posts/VNgKzCjWR2K | [15:31] |
| up_the_irons | ix33: nsd is pretty rad, yeah
andol: lol, not a bad idea ;) up_the_irons checks out arenlor's link | [15:45] |
| *** | jbum has joined #arpnetworks
jbum has quit IRC (Client Quit) forgotten has joined #arpnetworks | [15:46] |
| forgotten | hey has arp every been hit with a mango botnet ddos attack? | [15:50] |
| qbit | whoa
hi forgotten o/ | [15:52] |
| forgotten | hey qbit :) | [15:53] |
| up_the_irons | forgotten: there's a ddos attack named "mango" ? ;) | [15:56] |
| forgotten | up_the_irons: i think the botnet is called mango and ddos is just ddos
but yeah :) | [15:56] |
| up_the_irons | lol | [15:56] |
| forgotten | hehe | [15:57] |
| up_the_irons | not sure what attacks we've been hit with in the past. usually udp-based garbage. | [15:57] |
| qbit | ima make a botnet called "mangular" | [15:57] |
| up_the_irons | lol | [15:57] |
| forgotten | up_the_irons: how did you guys fair against those attacks? the udp garbage.
the Mango bots would do something similar, prolly just diff port ranges. qbit: mangulus ! o | [15:58] |
| qbit | o/ | [15:59] |
| up_the_irons | forgotten: meh, usually takes out a host. doesn't usually spread beyond that. i'm installing two upgrades / changes within the next month or so that should eliminate the host-wide collateral damage.
forgotten: qbit : mangular, mangulus +1 +1 | [15:59] |
| forgotten | i have discovered something disturbing, about these botnets.
specifically originating from malaysia just thought i'd give u guys a heads up :) | [16:01] |
| CaZe | Disturbing, indeed. | [16:03] |
| forgotten | not gonig to waste my time explaining if no one cares :). | [16:04] |
| CaZe | You already did, the part about originating from Malaysia? | [16:04] |
| forgotten | ya but they are targeting vps providers
as bandwidth testers basically | [16:05] |
| CaZe | http://www.ubnt.com/edgemax#edge-router-lite
CaZe wants | [16:05] |
| forgotten | if its only 100 bucks why dont u get one? | [16:06] |
| qbit | 500x packets / dollar! | [16:06] |
| CaZe | They're not selling them yet. | [16:07] |
| forgotten | resellers? | [16:07] |
| CaZe | It was just announced today. | [16:07] |
| qbit | but can it run openbsd? | [16:07] |
| forgotten | ^
careful how u answer this question | [16:08] |
| CaZe | Probably not out of the box.
I don't think anyone knows yet what SoC it uses. MIght have to wait until someone gets ahold of one to know how much work it would take to port OpenBSD. | [16:08] |
| forgotten | that would be smexy
:D | [16:09] |
| up_the_irons | forgotten: how do they target as bandwidth testers?
we don't get many orders from there anyway... ;) | [16:17] |
| forgotten | to see which providers they can take down, and which they can't overcome their bandwidth.
lol and thats good | [16:18] |
| jdoe | up_the_irons: how are you preventing host-wide collateral damage? Unless you have some sort of quick active-response, null-routing thing :P | [16:19] |
| forgotten | that would be very very amazing
:D | [16:19] |
| up_the_irons | jdoe: two things: 1) finally get GigE on all host ports, 2) eliminate Linux connection tracking and pass through traffic as more of a "dumb" host. I have #2 working for the most part on a test host.
most attacks don't saturate an entire GigE but they will saturate conntrack, no matter how high i set the values | [16:21] |
| jdoe | that improves things, no doubt, but saturation is saturation
ahh | [16:22] |
| up_the_irons | at least, it seems that way... | [16:22] |
| jdoe | eesh. If you can't manage a gig in 2012, maybe you should hang up your ./spurs | [16:23] |
| forgotten | lol | [16:23] |
| up_the_irons | hah yeah | [16:23] |
| jdoe | "br0 ch3ck 0u7 my l33t 28.8 b0tn3t" | [16:23] |
| up_the_irons | LOL
hahahaha | [16:23] |
| forgotten | RISC is good
that is a good idea tho with connection tracking do u just build ur iptables rules without --state options for that? | [16:24] |
| up_the_irons | how many redis users in here?
anyone use redistogo? | [16:27] |
| mhoran | Used redis quite a bit, no redistogo though. | [16:27] |
| up_the_irons | mhoran: self hosted? | [16:27] |
| mhoran | I hope this freebsd-security flamewar ends soon.
up_the_irons: Yeah. | [16:27] |
| up_the_irons | forgotten: yeah, --state goes away (although you can keep them in there, but those rules simply don't do anything anymore) and you add a NOTRACK target within PREROUTING chain
forgotten: mercutio gave me that tip, and for years people told me conntrack couldn't be disabled!! mhoran: cool | [16:28] |
| forgotten | up_the_irons: nice :D
up_the_irons: do you use syncookies ? | [16:29] |
| up_the_irons | forgotten: so, also, b/c of no more --state, you need to build additional rules to all hosts you connect to. ala, back in the "stateless" firewall days. | [16:30] |
| forgotten | up_the_irons: yep yep i drew that much :D | [16:31] |
| up_the_irons | but that isn't too hard, the hosts should be as "dumb" as possible, with the VMs getting all the majority of network traffic
forgotten: not sure about syncookies. w/e the default is i guess. | [16:31] |
| forgotten | up_the_irons: it's a /etc/sysctl.conf option | [16:33] |
| jdoe | mhoran: the random shit? I unsubbed over that.
kraigu did too. | [16:33] |
| kraigu | yep.
did it stop yet? | [16:33] |
| up_the_irons | forgotten: yeah i know, just never moved it from the defaults | [16:33] |
| kraigu | oh
I guess not | [16:33] |
| jdoe | haha. | [16:33] |
| mhoran | jdoe: Yeah. | [16:33] |
| kraigu | (I didn't read backscroll) | [16:33] |
| mhoran | Ridiculous. | [16:33] |
| kraigu | holy bikeshed. :( | [16:34] |
| mhoran | Yeah.
I don't want to unsub because that's where I get my security announcements from. | [16:34] |
| kraigu | it used to be where I got mine from :( | [16:34] |
| forgotten | it would help against syn attacks if it's enabled | [16:35] |
| up_the_irons | forgotten: syn attacks are not all that popular. just dumb udp or icmp ones
forgotten: anything over tcp is problematic b/c of the transmission control. but you can fling udp as fast as your pipe will let you. | [16:38] |
| kraigu | kind of like bikeshedders on a security mailing list? | [16:39] |
| jdoe | I think we should paint /dev/random white. | [16:40] |
| mercutio | up_the_irons: i think syn attacks use raw packets. | [16:40] |
| kraigu | jdoe: racist! | [16:40] |
| mhoran | Orange is the best color for a bikeshed. | [16:40] |
| mercutio | on a lot of newer systems tcp/ip is pretty low in resource utilisation due to offloading | [16:40] |
| up_the_irons | mercutio: i think syn with raw IP packets can just be dropped, no? isn't SYN only useful with TCP?
this is edging on my threshold of knowledge of IP / TCP / UDP packet structure... | [16:41] |
| jdoe | I'm not sure I understand the question. He's saying that it's not like they're connect()ing or anything, you open a raw socket, construct your own syn packets, and spam. | [16:42] |
| mercutio | up_the_irons: raw ip packets can have a TCP header..
raw packets just means that the OS sends through whatever you tell it to there's a userspace implementation of tcp/ip around somewhere you can't do things like that without raw packets. windows used to not support raw packets. then it did. | [16:42] |
| up_the_irons | mercutio: ah ok | [16:42] |
| jdoe | udp is more popular because raw sockets are a bitch on windows. | [16:42] |
| mercutio | jdoe: oh? | [16:43] |
| kraigu | kraigu snickers | [16:43] |
| mercutio | i knew windows supported it, didn't know it was difficult to implement | [16:43] |
| kraigu | doesn't steve gibson still rave about it?
OMG THOSE IDJITS-style | [16:43] |
| qbit | <3 redis | [16:43] |
| jdoe | mercutio: windows neutered raw socket support, and it requires admin privs. | [16:43] |
| mercutio | jdoe: sweet | [16:44] |
| up_the_irons | qbit: you use redis too? | [16:44] |
| kraigu | jdoe: http://www.theregister.co.uk/2001/06/12/security_geek_developing_winxp_raw/ ;) | [16:44] |
| jdoe | hence why every lindsay_lohan_xxx.exe does udp flooding ;) | [16:44] |
| arenlor | mercutio: Windows was fixed, doesn't support raw anymore. | [16:44] |
| jdoe | Gibson is a nutcase. | [16:44] |
| kraigu | yeeeahh | [16:45] |
| mercutio | arenlor: i like :) | [16:45] |
| arenlor | jdoe: Apparentally it's emma_watson.exe now. | [16:45] |
| mercutio | i don't want linux to lose raw packets. | [16:45] |
| kraigu | jdoe: like windows users don't run as admin anyway | [16:45] |
| arenlor | I like to write in every week and tell gibson where he screwed up.
Like how their sponsor uses Java, but they keep bashing it. | [16:46] |
| jdoe | http://msdn.microsoft.com/en-us/library/windows/desktop/ms740548%28v=vs.85%29.aspx#Limitations_on_Raw_Sockets | [16:46] |
| mercutio | heh i've seen people trying to use windwos as a non admin! | [16:46] |
| arenlor | mercutio: Cute, how are your parents? | [16:47] |
| kraigu | jdoe: oh pish tosh, quoting "documentation" | [16:47] |
| mercutio | my father uses linux
my mother uses a mac | [16:47] |
| arenlor | mercutio: Damn, can we trade? | [16:47] |
| mercutio | haha
up_the_irons: ip / tcp / udp packet structure... essentials is just that tcp is on top of ip, udp is on top of ip, ip says source/destination and routes to the destination udp and tcp contain ports etc but ip just has protocol and a checksum oh icmp is over ip too | [16:48] |
| up_the_irons | well, mostly everything is over ip ;)
lots of sonet (sdh) rings use ATM, so that wouldn't be over IP, but that's layer-2 stuff anyway, i think... i think... | [16:56] |
| mercutio | people often run ip over sonet don't they?
anyway sonet/atm are legacy, way more expensive than ethernet and lower bandwidth it's not that tcp/ip is amazing, but it's mass market and tcp has done pretty well to last so well i like it that finally people are starting to look into things like udp-lite removing checksums from sent data etc but what really is neded on the net is larger mtu's and that doesn't seem to be making any progress | [16:58] |
| up_the_irons | sonet/atm is legacy, yes, but that's WAN for ya. if you want a ring, you have to go sonet | [17:01] |
| mercutio | frame relay went to shdsl, sonet/atm went to dark fibre
dark fibre is on some ways the ultimate way to go wikipedia had an outage a while back through two dark fibre pairs being cut at once but that's just a problem with having pairs near each other | [17:01] |
| up_the_irons | sure, dark fiber is the way to go if you can afford it | [17:04] |
| mercutio | fibre can be used for protected services though as long as they don't route the same way
well if you can afford sonet you can afford dark fibre | [17:04] |
| *** | Ehtyar has joined #arpnetworks | [17:06] |
| mercutio | of course dark fibre gets more expensive the further distance you have on it | [17:07] |
| .... (idle for 16mn) | ||
| forgotten | up_the_irons: word :) | [17:23] |
| *** | dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host) dj_goku has joined #arpnetworks | [17:32] |
| ....... (idle for 32mn) | ||
| dzup has joined #arpnetworks | [18:04] | |
| ......... (idle for 40mn) | ||
| jdoe | ... oh god you don't even want to know what I just saw your ads on. | [18:44] |
| qbit | lol | [18:45] |
| up_the_irons | jdoe: lol, wut??? :) | [18:50] |
| *** | HighJinx has quit IRC (Quit: Computer has gone to sleep.) | [18:51] |
| jdoe | fournier gangrene on /r/wtf
apparently arpnetwork is the best hosting if your balls are rotting off. arpnetworks, even | [18:55] |
| up_the_irons | jdoe: LOL | [19:00] |
| qbit | hahaha
"when my balls are rotting off... i choose arpnetworks!" | [19:01] |
| .... (idle for 16mn) | ||
| up_the_irons | hahahahaha | [19:17] |
| *** | forgotten has quit IRC (Quit: leaving) | [19:19] |
| ...... (idle for 25mn) | ||
| up_the_irons | i do a search for ipv6 problems on lucid and i run across a blog post, i look at the config and am like "hey, those IPs look familiar", then I read the first sentence and it says, "I recently setup a VPS with Arp Networks"
w00t i googled and found myself up_the_irons does a happy dance | [19:44] |
| mercutio | heh
ipv6 and problems go together i think | [19:45] |
| arenlor | I've never had any problems with IPv6 on linux. | [19:49] |
| mercutio | using autodiscovery? | [19:50] |
| arenlor | mercutio: No, I do it all by hand.
It's only on windows that I have ever had any issue. | [19:50] |
| mercutio | i was surprised that ipv6 works on my windows
considering i don't have ipv6 but ping -6 works apparently there's a relay built into windows or it uses it by default at least | [19:51] |
| arenlor | mercutio: Yeah, Teredo hasn't ever worked for me. | [19:51] |
| mercutio | well the relay sends google much furhter away than ipv4 | [19:52] |
| arenlor | It's likely because you bounce through microsoft for Teredo. | [19:52] |
| mercutio | nah it's somewhere close
it's like 20 msec first hop | [19:52] |
| arenlor | Mind, I can't even get HE's IPv6 working. | [19:53] |
| mercutio | but google is like 8x the ping
i've done he tunnel before i've got a sixxs tunnel too but on windows i didn't do anything | [19:53] |
| arenlor | Works great in Linux, just never got it to work at all in Windows. | [19:53] |
| mercutio | oh?
i used to have he.net tunnel with windows i just had ym adsl modem forward it along to windows err my adsl modem terminate the tunnel i had it going with a standalone router too | [19:53] |
| arenlor | It's alright, I'm dyslexic, I have to unscramble everything as is. | [19:54] |
| mercutio | but i was annoyed that talking between my two ipv6 endpoints gave huge pings
so i setup a third tunnel between my two end points and forwarded the traffic in the end i figured he.net tunnel was just too far away | [19:54] |
| arenlor | It could be | [19:55] |
| mercutio | closest is fremont which is about 150 msec ping i think
sixxs is about 20 msec ping but i found that browsing through ipv6 was slowr give it a few years and it'll get better. i like the idea of host to host communication but while end users dont' have ipv6 that won't dom uch good | [20:00] |
| .................... (idle for 1h38mn) | ||
| *** | HighJinx has joined #arpnetworks | [21:39] |
| ..... (idle for 22mn) | ||
| HighJinx | up_the_irons when digi is outta coresite can i have one of them as my own box to rent? hahaha | [22:01] |
| ..... (idle for 23mn) | ||
| Webhostbudd | lol | [22:24] |
| .... (idle for 16mn) | ||
| toddf | when not doing native v6, I generally would do a tunnel between the v4 gateways of remote sites. especially when the upstream isp of all my sites was the same one (COX) | [22:40] |
| ....... (idle for 31mn) | ||
| up_the_irons | HighJinx: i imagine they would take the equipment with them ;) | [23:11] |
| HighJinx | iunno they just might forget ;) | [23:11] |
| up_the_irons | lol
wouldn't surprise me | [23:12] |
| .... (idle for 15mn) | ||
| Webhostbudd | so how are the dedi's working garry?
things still rolling out smoothly? | [23:27] |
| *** | amdprophet has quit IRC (Remote host closed the connection) | [23:28] |
| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |