#arpnetworks 2013-09-19,Thu

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
***first2know has quit IRC (Remote host closed the connection) [00:59]
.............. (idle for 1h6mn)
first2know has joined #arpnetworks [02:05]
.................. (idle for 1h29mn)
wak has quit IRC (Quit: Leaving) [03:34]
avj has quit IRC (Ping timeout: 268 seconds) [03:45]
........ (idle for 35mn)
brachiation has quit IRC (Read error: Connection reset by peer) [04:20]
brachiation has joined #arpnetworks [04:25]
...... (idle for 28mn)
hazardousmnathani: well for one thing you wouldn't be using document.write ideally?
define 'including content fro another site into my page'
you would need to be allowed to access the resource via CORS
if you wanted it to be done via js
[04:53]
mike-burnsI typically use copy and paste to include content from other sites on mine. [04:56]
***mamtina has joined #arpnetworks
mamtina has left "Leaving"
LT has joined #arpnetworks
[05:10]
hazardousyou either have to do server side scraping or just copy and apste if it's a third party site you have no control over [05:23]
....... (idle for 31mn)
***heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[05:54]
.... (idle for 15mn)
heavysixer has quit IRC (Quit: heavysixer) [06:09]
..... (idle for 21mn)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[06:30]
.......... (idle for 48mn)
mikeputnam has quit IRC (*.net *.split)
jbergstroem has quit IRC (*.net *.split)
[07:18]
mikeputnam has joined #arpnetworks
jbergstroem has joined #arpnetworks
[07:29]
.......... (idle for 49mn)
avj has joined #arpnetworks
anisfarhana has joined #arpnetworks
[08:20]
anisfarhana~# uptime
08:25:17 up 257 days, 1:38, 1 user, load average: 0.00, 0.00, 0.00
anisfarhana loves arpnetworks! :*
[08:24]
sdkmvxgood job, but you're computer isn't doing anything according to your load average :P [08:25]
anisfarhanaIndeed.
Just running few light services.
[08:25]
sdkmvxyour*
I can't believe I did that...
that's about all mine does
[08:25]
anisfarhanaI am wondering what kind of restrictions for arpnetworks. [08:27]
hazardousnot really any restrictions
as long asi t's like sane and legal or whatever
08:26:31 up 203 days, 15:39, 2 users, load average: 1.84, 1.67, 1.66
lol
[08:29]
m0unds09:36:08 up 18:46, 2 users, load average: 0.00, 0.01, 0.05
i think my highest loaded box is my kvm server at home
load average: 0.08, 0.19, 0.32
hahaha
[08:36]
hazardouseth0 eth1 bond0
KB/s in KB/s out KB/s in KB/s out KB/s in KB/s out
215.23 1266.99 0.00 0.00 215.23 1266.99
this is entirely text traffic :(
[08:37]
staticsafe:o
i still want to know what kind of service you run
[08:45]
RandalSchwartzhe ships ... text. :) [08:49]
.... (idle for 15mn)
hazardouswell, technically just bytes
unless gzipped text counts as text
thats weird
i just tried to grab some f/oss thing from sourceforge
it gave me a malware installer
[09:04]
anisfarhanaNot much restrictions..probably i can test and try the exploits on it?
:D
Scanning another host.
He he he
[09:08]
***heavysixer has quit IRC (Quit: heavysixer) [09:09]
sdkmvxhazardous, a "malware" installer or a real malware installer? not that's there's a difference but I read that sourceforge is trying to make money by replacing popular windows app downloads with their own installers that bundle toolbars [09:09]
hazardousa "shitware" installer, then [09:11]
brycecWas that f/oss software Synergy?
The first project I encountered with a shitware installer ^
[09:12]
hazardousbut yeah you probably should know my feelings about tthings like this
i treat it as malware because that's exactly what it is
sure, i am one of the few that actually reads what i'm clicking
but many people don't, and that's taking advantage
opt out instead of opt in
[09:13]
***heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[09:15]
brycecI imagine those feelings are shared by all consumers... I mean, who REALLY wants the Ask.com toolbar bundled with Java???
"Oh great, a toolbar for a website I've never heard of!" (Okay, I have heard of it... But it's so irrelevant and obsolete, it's hilarious)
[09:20]
sdkmvxbrycec, "consumers" don't even know. they can't tell the difference between the toolbar and the browser chrome [09:21]
***LT has quit IRC (Quit: Leaving) [09:22]
brycecI'm not sure about that... I mean those toolbars are a lot like a colonoscopy. Are you suggesting that "consumers" can't tell the difference between anal probing and a sunny day in the park? [09:23]
sdkmvxoh they know it got worse; just not why
just that computers get slower over time
[09:23]
brycecGood thing Internet Explorer is playing police and proactively suggesting that you disable toolbars and addins every time you launch IE (complete with some basic profiling) [09:25]
hazardous<brycec> I imagine those feelings are shared by all consumers... I mean, who REALLY wants the Ask.com toolbar bundled with Java???
have you noticed their word use too
people might not know what ask or java are
but it says
WE RECOMMEND ASK TOOLBAR
WE STRONGLY RECOMMEND YOU INSTALL GOOGLE CHROME WITH TOOLBAR X
[09:29]
brycec"Oh, well if it's recommended" [09:29]
hazardousanother thing [09:29]
avjSF recently started offering projects the ability to add the crapware for some kind of incentive [09:29]
hazardousthat pisses me off is tickboxes [09:30]
avjsuch a shame [09:30]
hazardouslike one that's 'install shitware' one that's 'i agree' and one that's 'change my homepage to shitware.com'
and if you untick i agree
it greys out all 3
but keep two of the three ticked
[09:30]
brycecI moved off SF long, long ago and I have zero regrets. (To Google Code... which I then moved off from and on to Github because GC is, well, kinda shitty)
Wow, fun
"trap the user"
[09:31]
hazardousbrycec: it actually won't install it w/o the i agree
but it still ticks me off to the point
where i tick i agree
then untick all 3 in propero rder
i think my best memory was this one application that had a separate toolbar window
but it later turns out that
to install the application, you had to REQUIRE a toolbar anyways, in the REAL app's EULA
and it installed a different one
if you agreed, it would install both
[09:31]
brycecThese projects can't be making more than hundreths of a cent on each install :/
It's really not worth pissing off users, is it?
[09:33]
hazardousUS installs are like 0.10 or something?
loads in .br or .in or whatever are like 0.01 or less
[09:33]
brycecwow, $.10 really? That can add up on a popular project... 50 downloads and I've got lunch. [09:34]
hazardousinstalls in VM's don't count
to prevent "fraud"
[09:36]
bryceclol nice, and smart. Sadly they still do install in a VM. [09:36]
hazardousno, i mean
the toolbar will install
[09:36]
brycecyeah [09:36]
hazardousbut ytou won't get credited for it
which is just lmfao
[09:36]
brycec(Yeah I understood)
Nice that my installs don't count... but they wouldn't anyways because I un-check that shit. (All my Windows are in VMs)
[09:37]
***first2know has quit IRC (Ping timeout: 240 seconds)
first2know has joined #arpnetworks
[09:46]
first2know has quit IRC (Ping timeout: 245 seconds) [09:52]
HighJinx has quit IRC (Ping timeout: 276 seconds) [10:03]
.... (idle for 18mn)
hazardoushey anyone use bsd here
my webserver is randomly spitting out kqueue_add: fdpoll is full !
[10:21]
oh
dammit
i keep runing out of descriptors or something
[10:30]
..... (idle for 20mn)
brycecHmm does anyone in #arpnetworks/@bsdvps use BSD? :P
And yes that's what that message means
and there's a sysctl to up the limit (but as usual, figure out why you're hitting a normally-sane limit)
[10:50]
hazardousbrycec: well around 14000 simultaneous webserver hits per second might do it
if that's what i'm guessing
[10:52]
brycecIn theory those hits would end up in RAM [10:53]
hazardousincreased from 11k to 50k, going to see how that pans out i guess
none of it is static content
every single pageload is generated
[10:53]
brycecfastcgi? [10:53]
hazardousfastcgi [10:53]
brycecHmmm [10:53]
hazardouscherokee / nginx + fastcgi + redis + riak [10:53]
brycecIdeally fastcgi has loaded the source file and just re-runs/evaluates for each request
But that's "ideally"
I have never real-world tested t his
[10:54]
hazardousyeah but the source file itself
does network access itself
against multiple keyval stores
both localhost and across the network
that may possibly be why?
[10:54]
brycecHm, could be, actually.
I would hate to see netstat :p
[10:55]
hazardous$ netstat -an | wc -l
22027
other machine
$ netstat -an | wc -l
11840
maybe i should acutally learn bsd instead of treating it like a linux
[10:55]
***heavysixer has quit IRC (Read error: No route to host)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[11:04]
..... (idle for 20mn)
phlux has quit IRC (Ping timeout: 256 seconds)
phlux has joined #arpnetworks
[11:25]
....... (idle for 33mn)
first2know has joined #arpnetworks [11:58]
.... (idle for 16mn)
heavysixer has quit IRC (Ping timeout: 240 seconds) [12:14]
............................ (idle for 2h16mn)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Client Quit)
[14:30]
...................... (idle for 1h48mn)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[16:22]
.... (idle for 19mn)
heavysixer has quit IRC (Quit: heavysixer)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[16:41]
.... (idle for 16mn)
heavysixer has quit IRC (Quit: heavysixer) [17:00]
.... (idle for 19mn)
jbergstroem11
sry
[17:19]
brycec12
notsry
[17:20]
....... (idle for 31mn)
***sdkmvx is now known as mkb [17:51]
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Read error: No route to host)
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
[17:58]
...... (idle for 26mn)
HighJinx has joined #arpnetworks [18:30]
heavysixer has quit IRC (Quit: heavysixer) [18:36]
....... (idle for 32mn)
d^_^b has quit IRC (Ping timeout: 246 seconds)
d^_^b has joined #arpnetworks
milki has quit IRC (Read error: Connection reset by peer)
milki has joined #arpnetworks
[19:08]
...................... (idle for 1h48mn)
HighJinx has quit IRC (Ping timeout: 246 seconds)
HighJinx has joined #arpnetworks
[20:58]
mnathanihazardous: mike-burns : I am attempting to capture both IPv4 and IPv6 addresses of clients that visit my website with a dual stack configuration and display both IP addresses [21:01]
brycecShould be pretty simple [21:02]
mnathaniyou would think, but I have been struggling with it since yesterday [21:03]
gizmoguywhat's your approach so far [21:04]
mnathaniI got the v6 address using server environment variable
for the v4 address, I setup a v4 only domain that displays the v4 address
[21:04]
brycec<img src="//ipv4only.site.com/?uniquetoken"><img src="//ipv6only.site.com/?uniquetoken"> where ivp4only only has an A record (forcing the client to access using ipv4), and ipv6only has only an AAAA record (forcing the client to access using ipv6) [21:04]
gizmoguywhat brycec said is the right way to do it [21:05]
brycec(the ?uniquetoken is so you can pair the visitor, it's generated dynamically when loading www.site.com) [21:05]
gizmoguybut it sounds like you're trying that route [21:05]
brycecthanks gizmoguy [21:05]
mnathaniI would like the ip to show up within the source code not like coming from a different resource [21:05]
brycecmnathani: in the source for www.site.com?? [21:06]
mnathaniThis site does it really well and fast : http://test-ipv6.com/ [21:06]
gizmoguyoh, you want to show it on the page?
ajax call to ipv4only.site.com ipv6only.site.com
[21:06]
brycecI don't think that's even possible... Since the server, on page load, only knows the connection it's serving. [21:06]
gizmoguywhere those websites just print the IP that hit them [21:06]
brycecgizmoguy++ [21:06]
mnathaniuser goes to the v6 enabled site and both ip addresses get displayed [21:07]
brycec(Using <img> bypasses CSRF/XSS headaches, and you could just generate an image with the IP with GD)
mnathani: test-ipv6 does it via ajax calls
(so many ajax calls...)
[21:07]
gizmoguyhehe yeah [21:07]
brycec"124 requests" [21:07]
mnathaniIf an image can come through, then what prevents an external javascript getting loaded [21:07]
gizmoguyyou can't load javascript in an image tag? [21:08]
mnathaniI am open to javascript methods [21:08]
brycecyou can point at javascript, but it wouldn't be evaluated [21:08]
mnathaniSomething like : <script type="text/javascript" src="http://ipv4.dns.mnathani.com/"></script> [21:08]
brycecAnd when src'ing javascript, there are safeguards in place to prevent cross-site scripting attacks
@wiki XSS
oh right, BryceBot isn't in this channel :p
http://en.wikipedia.org/wiki/Cross-site_scripting
[21:08]
gizmoguyiframe? :P [21:09]
brycecBasically, src'ing javascript from domains other than the one being visited is a major IV/security issue. You can configure exceptions, but it's a PITA
gizmoguy++
clever, and hideous :)
There is JSONP though
[21:10]
gizmoguythat's mostly how my programming style is described :) [21:10]
brycec(In fact, JSONP is how test-ipv6 handles the subdomain accesses
brycec wanders off to get some supper
[21:11]
gizmoguygizmoguy fights snmpd with a stick [21:13]
.............. (idle for 1h7mn)
brycecbrycec hands gizmoguy a bigger stick, with spikes on the end [22:20]
gizmoguyi got it working in the end
hrm, why is it 5.30pm on a friday and I don't have a beer in my hand yet :(
[22:32]
brycecI have one box where snmpd just starts eating CPU like there's no tomorrow :(
gizmoguy: because you're waiting for the rest of the world to catch up[22:33] <gizmoguy> lol
[22:32]
gizmoguypeople should stop asking me to do work ;P
a user's desktop stopped working at 4.45pm
[22:33]
brycecgizmoguy: Play, have fun, whatever you do just don't work.
on a friday? sounds like Monday's problem
[22:33]
gizmoguyfixed that by 4.58pm
but then I had someone else come ask how to build a cloud infrastructure
that took at least 30 mins to solve
I think I freaked him out a little, he was wanting to do the minimal amount of work required
[22:33]
bryceckinda like askign "How do I Internet?" [22:34]
gizmoguyhaha yeah
the original question was "how do I install a VM in my new openstack I just built"
[22:34]
brycecbrycec facedesks [22:35]
gizmoguymy answer turned into, install/build a provisioning system, learn puppet, write puppet, click lots of buttons, done
btw theforeman is the best provisioning system I've ever used
i've recently replaced my job with it
( I didn't tell my boss yet )
[22:35]
bryceclol [22:36]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)