***: first2know has joined #arpnetworks
wak has quit IRC (Quit: Leaving)
avj has quit IRC (Ping timeout: 268 seconds)
brachiation has quit IRC (Read error: Connection reset by peer)
brachiation has joined #arpnetworks hazardous: mnathani: well for one thing you wouldn't be using document.write ideally?
define 'including content fro another site into my page'
you would need to be allowed to access the resource via CORS
if you wanted it to be done via js mike-burns: I typically use copy and paste to include content from other sites on mine. ***: mamtina has joined #arpnetworks
mamtina has left "Leaving"
LT has joined #arpnetworks hazardous: you either have to do server side scraping or just copy and apste if it's a third party site you have no control over ***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
mikeputnam has quit IRC (*.net *.split)
jbergstroem has quit IRC (*.net *.split)
mikeputnam has joined #arpnetworks
jbergstroem has joined #arpnetworks
avj has joined #arpnetworks
anisfarhana has joined #arpnetworks anisfarhana: ~# uptime
08:25:17 up 257 days, 1:38, 1 user, load average: 0.00, 0.00, 0.00 -: anisfarhana loves arpnetworks! :* sdkmvx: good job, but you're computer isn't doing anything according to your load average :P anisfarhana: Indeed.
Just running few light services. sdkmvx: your*
I can't believe I did that...
that's about all mine does anisfarhana: I am wondering what kind of restrictions for arpnetworks. hazardous: not really any restrictions
as long asi t's like sane and legal or whatever
08:26:31 up 203 days, 15:39, 2 users, load average: 1.84, 1.67, 1.66
lol m0unds: 09:36:08 up 18:46, 2 users, load average: 0.00, 0.01, 0.05
i think my highest loaded box is my kvm server at home
load average: 0.08, 0.19, 0.32
hahaha hazardous: eth0 eth1 bond0
KB/s in KB/s out KB/s in KB/s out KB/s in KB/s out
215.23 1266.99 0.00 0.00 215.23 1266.99
this is entirely text traffic :( staticsafe: :o
i still want to know what kind of service you run RandalSchwartz: he ships ... text. :) hazardous: well, technically just bytes
unless gzipped text counts as text
thats weird
i just tried to grab some f/oss thing from sourceforge
it gave me a malware installer anisfarhana: Not much restrictions..probably i can test and try the exploits on it?
:D
Scanning another host.
He he he ***: heavysixer has quit IRC (Quit: heavysixer) sdkmvx: hazardous, a "malware" installer or a real malware installer? not that's there's a difference but I read that sourceforge is trying to make money by replacing popular windows app downloads with their own installers that bundle toolbars hazardous: a "shitware" installer, then brycec: Was that f/oss software Synergy?
The first project I encountered with a shitware installer ^ hazardous: but yeah you probably should know my feelings about tthings like this
i treat it as malware because that's exactly what it is
sure, i am one of the few that actually reads what i'm clicking
but many people don't, and that's taking advantage
opt out instead of opt in ***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer brycec: I imagine those feelings are shared by all consumers... I mean, who REALLY wants the Ask.com toolbar bundled with Java???
"Oh great, a toolbar for a website I've never heard of!" (Okay, I have heard of it... But it's so irrelevant and obsolete, it's hilarious) sdkmvx: brycec, "consumers" don't even know. they can't tell the difference between the toolbar and the browser chrome ***: LT has quit IRC (Quit: Leaving) brycec: I'm not sure about that... I mean those toolbars are a lot like a colonoscopy. Are you suggesting that "consumers" can't tell the difference between anal probing and a sunny day in the park? sdkmvx: oh they know it got worse; just not why
just that computers get slower over time brycec: Good thing Internet Explorer is playing police and proactively suggesting that you disable toolbars and addins every time you launch IE (complete with some basic profiling) hazardous: <brycec> I imagine those feelings are shared by all consumers... I mean, who REALLY wants the Ask.com toolbar bundled with Java???
have you noticed their word use too
people might not know what ask or java are
but it says
WE RECOMMEND ASK TOOLBAR
WE STRONGLY RECOMMEND YOU INSTALL GOOGLE CHROME WITH TOOLBAR X brycec: "Oh, well if it's recommended" hazardous: another thing avj: SF recently started offering projects the ability to add the crapware for some kind of incentive hazardous: that pisses me off is tickboxes avj: such a shame hazardous: like one that's 'install shitware' one that's 'i agree' and one that's 'change my homepage to shitware.com'
and if you untick i agree
it greys out all 3
but keep two of the three ticked brycec: I moved off SF long, long ago and I have zero regrets. (To Google Code... which I then moved off from and on to Github because GC is, well, kinda shitty)
Wow, fun
"trap the user" hazardous: brycec: it actually won't install it w/o the i agree
but it still ticks me off to the point
where i tick i agree
then untick all 3 in propero rder
i think my best memory was this one application that had a separate toolbar window
but it later turns out that
to install the application, you had to REQUIRE a toolbar anyways, in the REAL app's EULA
and it installed a different one
if you agreed, it would install both brycec: These projects can't be making more than hundreths of a cent on each install :/
It's really not worth pissing off users, is it? hazardous: US installs are like 0.10 or something?
loads in .br or .in or whatever are like 0.01 or less brycec: wow, $.10 really? That can add up on a popular project... 50 downloads and I've got lunch. hazardous: installs in VM's don't count
to prevent "fraud" brycec: lol nice, and smart. Sadly they still do install in a VM. hazardous: no, i mean
the toolbar will install brycec: yeah hazardous: but ytou won't get credited for it
which is just lmfao brycec: (Yeah I understood)
Nice that my installs don't count... but they wouldn't anyways because I un-check that shit. (All my Windows are in VMs) ***: first2know has quit IRC (Ping timeout: 240 seconds)
first2know has joined #arpnetworks
first2know has quit IRC (Ping timeout: 245 seconds)
HighJinx has quit IRC (Ping timeout: 276 seconds) hazardous: hey anyone use bsd here
my webserver is randomly spitting out kqueue_add: fdpoll is full !
oh
dammit
i keep runing out of descriptors or something brycec: Hmm does anyone in #arpnetworks/@bsdvps use BSD? :P
And yes that's what that message means
and there's a sysctl to up the limit (but as usual, figure out why you're hitting a normally-sane limit) hazardous: brycec: well around 14000 simultaneous webserver hits per second might do it
if that's what i'm guessing brycec: In theory those hits would end up in RAM hazardous: increased from 11k to 50k, going to see how that pans out i guess
none of it is static content
every single pageload is generated brycec: fastcgi? hazardous: fastcgi brycec: Hmmm hazardous: cherokee / nginx + fastcgi + redis + riak brycec: Ideally fastcgi has loaded the source file and just re-runs/evaluates for each request
But that's "ideally"
I have never real-world tested t his hazardous: yeah but the source file itself
does network access itself
against multiple keyval stores
both localhost and across the network
that may possibly be why? brycec: Hm, could be, actually.
I would hate to see netstat :p hazardous: $ netstat -an | wc -l
22027
other machine
$ netstat -an | wc -l
11840
maybe i should acutally learn bsd instead of treating it like a linux ***: heavysixer has quit IRC (Read error: No route to host)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
phlux has quit IRC (Ping timeout: 256 seconds)
phlux has joined #arpnetworks
first2know has joined #arpnetworks
heavysixer has quit IRC (Ping timeout: 240 seconds)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Client Quit)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer) jbergstroem: 11
sry brycec: 12
notsry ***: sdkmvx is now known as mkb
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Read error: No route to host)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
HighJinx has joined #arpnetworks
heavysixer has quit IRC (Quit: heavysixer)
d^_^b has quit IRC (Ping timeout: 246 seconds)
d^_^b has joined #arpnetworks
milki has quit IRC (Read error: Connection reset by peer)
milki has joined #arpnetworks
HighJinx has quit IRC (Ping timeout: 246 seconds)
HighJinx has joined #arpnetworks mnathani: hazardous: mike-burns : I am attempting to capture both IPv4 and IPv6 addresses of clients that visit my website with a dual stack configuration and display both IP addresses brycec: Should be pretty simple mnathani: you would think, but I have been struggling with it since yesterday gizmoguy: what's your approach so far mnathani: I got the v6 address using server environment variable
for the v4 address, I setup a v4 only domain that displays the v4 address brycec: <img src="//ipv4only.site.com/?uniquetoken"><img src="//ipv6only.site.com/?uniquetoken"> where ivp4only only has an A record (forcing the client to access using ipv4), and ipv6only has only an AAAA record (forcing the client to access using ipv6) gizmoguy: what brycec said is the right way to do it brycec: (the ?uniquetoken is so you can pair the visitor, it's generated dynamically when loading www.site.com) gizmoguy: but it sounds like you're trying that route brycec: thanks gizmoguy mnathani: I would like the ip to show up within the source code not like coming from a different resource brycec: mnathani: in the source for www.site.com?? mnathani: This site does it really well and fast : http://test-ipv6.com/ gizmoguy: oh, you want to show it on the page?
ajax call to ipv4only.site.com ipv6only.site.com brycec: I don't think that's even possible... Since the server, on page load, only knows the connection it's serving. gizmoguy: where those websites just print the IP that hit them brycec: gizmoguy++ mnathani: user goes to the v6 enabled site and both ip addresses get displayed brycec: (Using <img> bypasses CSRF/XSS headaches, and you could just generate an image with the IP with GD)
mnathani: test-ipv6 does it via ajax calls
(so many ajax calls...) gizmoguy: hehe yeah brycec: "124 requests" mnathani: If an image can come through, then what prevents an external javascript getting loaded gizmoguy: you can't load javascript in an image tag? mnathani: I am open to javascript methods brycec: you can point at javascript, but it wouldn't be evaluated mnathani: Something like : <script type="text/javascript" src="http://ipv4.dns.mnathani.com/"></script> brycec: And when src'ing javascript, there are safeguards in place to prevent cross-site scripting attacks
@wiki XSS
oh right, BryceBot isn't in this channel :p
http://en.wikipedia.org/wiki/Cross-site_scripting gizmoguy: iframe? :P brycec: Basically, src'ing javascript from domains other than the one being visited is a major IV/security issue. You can configure exceptions, but it's a PITA
gizmoguy++
clever, and hideous :)
There is JSONP though gizmoguy: that's mostly how my programming style is described :) brycec: (In fact, JSONP is how test-ipv6 handles the subdomain accesses -: brycec wanders off to get some supper
gizmoguy fights snmpd with a stick
brycec hands gizmoguy a bigger stick, with spikes on the end gizmoguy: i got it working in the end
hrm, why is it 5.30pm on a friday and I don't have a beer in my hand yet :( brycec: I have one box where snmpd just starts eating CPU like there's no tomorrow :(
gizmoguy: because you're waiting for the rest of the world to catch up[22:33] <gizmoguy> lol gizmoguy: people should stop asking me to do work ;P
a user's desktop stopped working at 4.45pm brycec: gizmoguy: Play, have fun, whatever you do just don't work.
on a friday? sounds like Monday's problem gizmoguy: fixed that by 4.58pm
but then I had someone else come ask how to build a cloud infrastructure
that took at least 30 mins to solve
I think I freaked him out a little, he was wanting to do the minimal amount of work required brycec: kinda like askign "How do I Internet?" gizmoguy: haha yeah
the original question was "how do I install a VM in my new openstack I just built" -: brycec facedesks gizmoguy: my answer turned into, install/build a provisioning system, learn puppet, write puppet, click lots of buttons, done
btw theforeman is the best provisioning system I've ever used
i've recently replaced my job with it
( I didn't tell my boss yet ) brycec: lol