Who | What | When |
---|---|---|
mercutio | it doesn't bind to anything by default
oph use openntpd | [02:01] |
.............................................................. (idle for 5h7mn) | ||
phlux | m0unds: loving weechat here
http://www.phluxbox.com/img/vohgi4.png | [07:08] |
m0unds | using tmux too?
or is that your window mgr or whatever? | [07:12] |
phlux | m0unds: tmux
m0unds: I actually have a session over there using tmux -2 -S/var/tmp/tmux-rightmain.sock, I then split that window (^-b-") and run two more tmux instances | [07:13] |
mike-burns | That looks like a Gentoo box. | [07:14] |
phlux | mike-burns: it is :P | [07:14] |
mike-burns | Bam! | [07:14] |
phlux | m0unds: by doing that, and using different bindings specified in an alternative config file (~/.tmux2.conf) I can have two completely separate terminals over there | [07:15] |
m0unds | ah, ok | [07:15] |
phlux | (even though they're in one container)
mike-burns: You must've seen my eix-sync doing its thing over there | [07:15] |
m0unds | right | [07:16] |
*** | heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer heavysixer has quit IRC (Remote host closed the connection) | [07:16] |
mike-burns | phlux: that was the only thing that did _not_ tip me off!
The colors, and the icons in the top right, were the indicator to me. Gentoo users have better eyesight. | [07:17] |
phlux | lol | [07:18] |
mike-burns | The fontsize and leading, relatedly. | [07:18] |
phlux | mike-burns: Are you a Gentoo user as well? | [07:18] |
mike-burns | Nope. I can't see shit.
Debian on laptop, FreeBSD on server. GNOME3 on the laptop, too. | [07:19] |
phlux | Aye
I used to change WMs/DEs as often as I'd change socks but ever since I discovered i3, I've stuck with it aside from some testing for other people I've been playing this game that I found in portage last night called zsdx It's a Zelda clone, but damn is it good so far. | [07:24] |
mike-burns | Wow that looks really good.
I remember when tuxracer was the state of the art. That or XEvil. | [07:26] |
m0unds | haha, tuxracer | [07:27] |
RandalSchwartz | I've raced Linus at a local indoor kart track
his nick there: "Tux" so he's literally the "Tux Racer" he kicked my ass too | [07:27] |
m0unds | is he also a penguin? | [07:27] |
mike-burns | Ha. | [07:28] |
RandalSchwartz | my arms are too short to reach the steering wheel if I lean all the way back, so I have to lean forward and I don't have as solid of a grip | [07:28] |
phlux | lol | [07:28] |
................................... (idle for 2h51mn) | ||
Yamazaki-kun | I think I'm going to have to check out this weechat thing. | [10:19] |
and damn, 1.93.49.226 is persistent. | [10:25] | |
ant | ssh brute force from china?
yesterday some botnet (mostly from china) was bruteforcing some servers of mine so hard that the ssh server would accept connections anymore | [10:26] |
m0unds | haha
change your ssh port Yamazaki-kun: it looks pretty nice. default theme is like default irssi too i installed it but haven't had a chance to mess with it yet | [10:37] |
ant | that's so inconvenient, so i only do that on machines i don't login often | [10:38] |
m0unds | more inconvenient having auth logs full of shit, imo
ssh -p xxxx -l user hostname not so hard | [10:39] |
ant | i'm thinking about generating firewall rules from the list of networks apnic delegated to china | [10:39] |
jcv | and you can always set per host ports in your ~/.ssh/config
that way you don't even have to remember the -p | [10:39] |
m0unds | yep | [10:40] |
ant | but i have to do that on every machine i want to use... | [10:40] |
m0unds | i just use the same high 64xxx range port on my hosts
and like magic, the only login activity i see is mine | [10:40] |
ant | and tell all others who want to login there to... | [10:40] |
m0unds | i guess whatever works for you
it's just been my first course of action for the last like 12-13 years, changing the port haha | [10:41] |
mike-burns | My .ssh/config is in my dotfiles that I carry around with me. | [10:52] |
Yamazaki-kun | At first I thought it was irssi and then I realized that you can't actually do that | [10:53] |
jcv | yeah, that is right after my .emacs and .bashrc for dot files I really need | [10:53] |
Yamazaki-kun | ssh from cn just tried root account
not much force there | [10:53] |
mike-burns | Similarly for me: .vimrc and .zshrc.
I wonder what the other 113 dot files I have are for ... | [10:54] |
m0unds | .launchcoderc | [10:56] |
mike-burns | I deleted that one; I never used it!
I do have a .rcrc, for managing my .*rc files. | [10:56] |
m0unds | do you have a .rcrcrc file for managing your .rcrc files? | [10:57] |
mike-burns | At this point I probably should!
https://github.com/thoughtbot/rcm - I use this (disclaimer: I wrote it). | [10:57] |
Yamazaki-kun | hm, so even though you have to have forwarding turned on to use jail networking, the TTL doesn't get decremented.
my jails have the same TTL as the main OS instance I don't think I was expecting that. | [10:57] |
mike-burns | http://thoughtbot.github.io/rcm/ - better docs. | [10:58] |
*** | tooth_ is now known as tooth | [11:02] |
brycec | What do you have against pf rate-limit/fail2ban/etc? (m0unds, ant)
Nothing wrong with changing the port either. But fail2ban, or a pf rule goes a long way | [11:06] |
ant | i had rate limiting once, but then botnets began to use different ips for each try, so i disabled it
also i don't really care about the auth.log entries so until yesterday it didn't bother me at all | [11:07] |
brycec | pass in on egress proto tcp to any port ssh flags S/SA keep state (max-src-conn 30, max-src-conn-rate 2/4, overload <ssh_brute_hosts> flush global) label "ssh_brute_match"
bam. It's pretty strict, and I'm okay with that. (And no I don't bother expire entries from ssh_brute_hosts) | [11:08] |
Yamazaki-kun | I just see it as a cosmetic solution. I guess it does clean up the logs, though
best way to stop Rumpelstiltskin attacks is to disable password-based authentication. | [11:11] |
*** | solj has joined #arpnetworks | [11:13] |
Yamazaki-kun | Oh, and a really nice regression for FreeBSD 10: make sure you devfs_load_rulesets="YES" in /etc/rc.conf if you like your jails' devfs to be suitably barren
rc.d/jail should fail-secure if it can't find the devfs ruleset you're telling it to load. sadly, it doesn't. No point in jailing anything if it can still get to kmem. | [11:13] |
brycec | I see it as more than just cosmetic. Saves resources (cpu, memory, disk space) and bandwidth. | [11:14] |
Yamazaki-kun | I guess it depends how hard they're hitting you.
okay, and I just checked auth.log. Still annoying even though it's the one Chinese dude. Yamazaki-kun runs off to work. | [11:15] |
brycec | That pf line is from a shell host I co-admin. We're a bit of a target ;) | [11:18] |
solj | i'm having trouble connecting to udp:1194 on my machine from outside arpnetworks. is there anyone here who might be able to help? | [11:24] |
brycec | You can always help yourself :p | [11:24] |
solj | solj grins | [11:24] |
brycec | I can vouch that UDP/1194 works perfectly fine, I have a relatively large openvpn net | [11:24] |
solj | solj sighs. let me try restarting it out of band then | [11:25] |
brycec | What about in-band access, no ssh?
(As in: If you can't ssh, and you can't connect to openvpn, then yeah maybe you have bigger issues :p) | [11:25] |
solj | no, i can ssh to the public ip, but i have to edit hosts, etc | [11:26] |
brycec | And for the record, "help yourself" means tcpdump | [11:28] |
*** | xiphias_ has joined #arpnetworks
xiphias has quit IRC (Read error: Connection reset by peer) | [11:28] |
brycec | But OpenVPN fails? Anything useful in the logs? | [11:42] |
solj | brycec: yeah, but now it's working again
TLS Error: Unroutable control packet received from [AF_INET]REDACTED:1194 (si=3 op=P_ACK_V1) was what was happening brycec: the interesting part was that it was working for other nodes at arp | [11:48] |
...... (idle for 26mn) | ||
m0unds | brycec: i prefer a log that isn't full of stuff, so i change the port and rate limit :) | [12:19] |
brycec | good m0unds | [12:19] |
.................................. (idle for 2h49mn) | ||
*** | NiTeMaRe has quit IRC (Ping timeout: 265 seconds)
NiTeMaRe has joined #arpnetworks xiphias_ has quit IRC (Ping timeout: 265 seconds) xiphias has joined #arpnetworks xiphias has quit IRC (Changing host) xiphias has joined #arpnetworks | [15:08] |
.................. (idle for 1h25mn) | ||
up_the_irons | "There have been no allocations made from this
block as of yet, however, once we do begin issuing from this block, the minimum allocation size for this /10 will be a /28 and the maximum allocation size will be a /24. " wut? ARIN is going to start issuing /28s?? | [16:38] |
staticsafe | yep
it has begun | [16:39] |
m0unds | http://thylaa.tumblr.com/post/69207958886/more | [16:40] |
brycec | lol | [16:42] |
m0unds | man, i'm all out of stuff to do | [16:46] |
..... (idle for 23mn) | ||
http://arstechnica.com/tech-policy/2014/01/att-plan-to-shut-off-public-switched-telephone-network-moves-ahead-at-fcc/ | [17:09] | |
BryceBot | Ars Technica: "AT&T plan to shut off Public Switched Telephone Network moves ahead at FCC" | [17:09] |
.................. (idle for 1h27mn) | ||
mercutio | up_the_irons: scary :)
i actually like it in a way apnic are giving people /22s for people without existing allocations or who haven't made their final allocation a lot of people can suffice on a /26 that said i wouldn't want to have smaller than a /24 i bet there's people filtering on /24 with no default and so unless someone is going to advertise the greater /10 and provide backup routing it sounds dangerous apparently there are some 512k bgp prefix limits lying around currently global routing table is about 465k (k being 1024 with both) so even 10% more routes could run into issues on some platforms soon | [18:36] |
m0unds | yea, there's a lot of old stuff barely hanging on | [18:48] |
*** | rgouveia has quit IRC (Ping timeout: 265 seconds)
rgouveia has joined #arpnetworks | [18:56] |
....... (idle for 33mn) | ||
r0ni has joined #arpnetworks | [19:30] | |
....... (idle for 32mn) | ||
m0unds has quit IRC (Quit: let's try weechat)
m0unds has joined #arpnetworks | [20:02] | |
m0unds has quit IRC (Quit: whoops)
m0unds has joined #arpnetworks | [20:10] | |
..... (idle for 21mn) | ||
m0unds | huh, weechat is pretty nice | [20:32] |
.......... (idle for 47mn) | ||
*** | r0ni has quit IRC (Quit: Textual IRC Client: www.textualapp.com) | [21:19] |
.............. (idle for 1h5mn) | ||
phlux | yeah
it is | [22:24] |