#arpnetworks 2014-03-26,Wed


WhoWhatWhen
***raptelan has joined #arpnetworks [05:50]
........... (idle for 51mn)
hive-mind has quit IRC (Remote host closed the connection)
hive-mind has joined #arpnetworks
[06:41]
............. (idle for 1h3mn)
phluxm0unds: sorry for being a dick the other day [07:45]
................... (idle for 1h31mn)
toddfanybody have unscheduled reboots or the like on kvr26 5 days ago? [09:16]
........ (idle for 39mn)
***jamiem_ is now known as jm|laptop [09:55]
......... (idle for 43mn)
m0undsphlux: no worries dude; didn't think you were being a dick
toddf: nope, pretty sure i'm on 26 and i have almost 60 days up
[10:38]
toddfm0unds: vnc access info or portal would tell you which one you're on. so something about this specific system spontaneously rebooted 5 days ago, just realized this morning of course [10:39]
m0undstoddf: i know
was in the process of logging in, but had to bring my vpn up first
oh, sorry - 27
not 26
[10:39]
toddflogging in? vpn? your kvm has a vpn before you can signon to it? [10:40]
m0unds...
i need internet access to get to the panel, right?
so..vpn
:)
[10:40]
toddfportal.arpnetworks.com is std internet, you are perhaps somewhere you can't just do personal stuff I guess ;-) [10:40]
m0undsexactly
our IS folks are nosy nosy nosy
[10:40]
plettm0unds: But IRC is fine? [10:41]
m0undsthey spend more time watching what people do than blocking stuff people shouldn't be using
irc is via ssh, which they don't care about
they literally only examine 443 and 80 tcp
it's terribad
they use one of these appliances: https://www.stbernard.com/products/web_security/default.asp
[10:41]
toddfarpnetworks should permit alternate portal access at https://portal.arpnetworks.com:1337 [10:42]
m0undshahah
yeah
[10:42]
toddf(note to up_the_irons: that was a joke, I don't see value, really) [10:42]
brycecthat stbernard link's SSL cert doesn't match the domain... lol [10:45]
m0undsyeah
it's horrible anyway
[10:45]
brycecm0unds: ssl mitm? [10:45]
m0undsso many ways to bypass its content inspection
i hope so
you can do something as simple as binding something in your hosts file and it'll skip right over
[10:45]
bryceclol otherwise, that would mean lots of people blindly clicking through the "invalid ssl cert" warning
heh
[10:46]
m0undsyeah
just really crappy all around
they like "magic boxes" that do stuff you could do without spending a ton of cash
[10:46]
brycec(Or they install a matching root CA in every system)
heh
[10:47]
m0undsthe network admin doesn't understand ntp, so time is different on different domains because none of the DCs have a single authoritative time source [10:48]
brycecbut... but...
brycec starts scheming on how to exploit this and win big
[10:48]
m0undsso timeclocks are 2 mins ahead, our domain is 2 mins behind, slots time is 90 seconds ahead
every time another department reviews video and sees a time difference bw slots/player tracking and our video, the network admin will blame us for it
[10:48]
brycechahaha oh god I didn't even think about that. [10:50]
m0undsour time is synced w/a gps clock source [10:51]
ant"iPrism" lol [10:51]
m0undsyeah
badprism
hahaha
[10:51]
brycecm0unds: And other stratum 1/2 hosts too, I hope
GPS is less reliable than NTP alone
(but don't worry, there's a magic box for NTP too)
[10:51]
m0undsregulations prohibit any external network comms w/this system
so i can't have any external source unfortunately
[10:52]
brycecExcept for GPS. GPS is external :P [10:52]
m0undsexternal network comms though, not time slice comms :P [10:53]
brycec(And spoofable...)
It seems so alien to me in this day and age to have a network that is completely isolated from the Internet.
[10:53]
m0undshaha
it's pretty common with industrial control systems and in surveillance networks that aren't IT-operated
getting less common i guess with control stuff, which is kinda bad since tons of those are really poorly architected security-wise
http://www.spectracomcorp.com/ProductsServices/TimingSynchronization/NetworkTimeServers/9483NetClockTimeServer/tabid/1439/Default.aspx this is similar to what we have, newer model though
[10:54]
CaZeJust get a lump of cesium. [10:57]
brycecm0unds: Yeah I understand there are some terrific reasons for air-gap'd networks. Still strange to me though when I encounter them. (Or when I have to design them - I take pool.ntp.org for granted)
Ooh pretty
[10:58]
m0undsin our case, i don't really understand why we need it separate except from IT's network [10:58]
brycecBecause your IT isn't worth shit, apparently :P [10:59]
m0undswe've got an ASA 5505 between us and them for getting point of sale data - micros just streams transaction log data to us
but that's the only connectivity allowed via regs
yeah, i kinda despise them. casino ops IT staff make about 30% more than i do, and they suck at everything they do :)
[10:59]
antout of curiosity: is there something like DCF77 in northern america? [11:01]
brycechttp://en.wikipedia.org/wiki/DCF77
Yes
[11:01]
BryceBotDCF77 :: DCF77 is a German longwave time signal and standard-frequency radio station. It started service as a standard-frequency station on 1 January 1959. In June 1973 date and time information was added. Its primary and backup transmitter are located at 50°0′56″N 9°00′39″E in Mainflingen, about 25 km south-east of Frankfurt am Main, Germany. DCF77 is controlled by the Physikalisch-Technische Bundesanstalt (PTB), Germany's national... [11:01]
brycecWhatever the heck NIST blasts out
(among others)
"NIST's Boulder laboratories are best known for NIST‑F1, which houses an atomic clock. NIST‑F1 serves as the source of the nation's official time. From its measurement of the natural resonance frequency of caesium—which is used to define the second—NIST broadcasts time signals via longwave radio station WWVB near Fort Collins, Colorado, and shortwave radio stations WWV and WWVH, located near Fort Collins and Kekaha, Hawaii, ...
... respectively.[10]"
Perhaps more info at time.gov
Tada http://www.nist.gov/pml/div688/grp40/wwvb.cfm
[11:01]
antoh, nice [11:04]
m0undsmy watch syncs with wwvb
m0unds is from boulder
just as an aside, haha
[11:04]
bryceclol m0unds [11:05]
m0undsthe nist building at broadway and baseline is kinda funny looking
tons of radio antennas
[11:05]
brycecMy watch syncs with pool.ntp.org :P (via my phone) [11:05]
m0undshaha [11:06]
up_the_ironstoddf: kvr26:
$ uptime
10:58:56 up 653 days, 8:44, 3 users, load average: 2.03, 2.09, 2.15
$
kvr18 had an unexpected reboot
maybe you meant that
[11:06]
brycecm0unds: On a related note, my car syncs with GPS. It also assumes all of Idaho is Mountain time, and annoyingly changes the timezone automatically if I leave "GPS Sync" enabled. [11:07]
m0undshaha, whaaaaat? FANCY CAR [11:08]
brycecIt is kinda fancy, and not "super expensive" (MSRP is somewhere around $25k) [11:08]
sjacksoaw, that'd be sad. manually changing the time zone on long road trips is part of the fun. [11:08]
brycecNow if only it didn't assume all of Idaho was one timezone. [11:08]
toddfup_the_irons: nope, this host is clearly kvr26. so either openbsd rebooted straight away, or the kvm process itself died and immediately came back. neither sound very plausible. yet I have system logs that show nothing leading up to a dmesg spew in /var/log/messages saying / was not unmounted cleanly. *scratches head*
er
[11:11]
up_the_ironstoddf: using virtio for NIC? [11:11]
brycecClearly toddf should be leaving something connected to console.arpnetworks.com for logging :P [11:11]
up_the_ironsi've seen that happen to newer linux VMs with virtio on <= kvr26
brycec: lol
[11:12]
toddfkvr18 .. there ya go, I crosseyed my notes on which vms are on which kvr systems
sorry for the noise
[11:12]
up_the_ironshaha
np
[11:12]
toddfI do have another host on kvr26 with a very similar name [11:12]
up_the_irons1120 days of uptime on kvr18 :)
yeah
[11:12]
m0undsugh. i thought my ssd in my workstation took a dump, but it appears as though it's not the ssd. ah-boo. [11:16]
brycecYou're upset the SSD is apparently okay? [11:16]
m0undsyeah, because other stuff is more expensive, lol
machine randomly hard crashed and the ssd disappeared. swapped it to another port, still wouldn't show up.
but it's working alright, connected via my little ext sata>usb thing
[11:17]
................................... (idle for 2h53mn)
mercutiom0unds: ocz? :)
ocz, and other sandforce used to do weird stuff like that
[14:12]
m0undshaha, nope. samsung 840pro
256GB size
[14:15]
mercutioweird
i wonder if it's the motherboard
i've seen onboard ethernet randomly die
[14:20]
m0undsother disks on the thing work fine
this won't work regardless of which sata3 port i use
tried a sata cable from another working disk, but that didn't make any difference either
i'll try it in another system when i get home tonight, just didn't have time to do that before i left for work
[14:22]
......................... (idle for 2h0mn)
mercutiodo you have any sata2 ports?
although things like linux tell you if it's training down
not detecting at all seems like some kind of firmware bug?
[16:25]
m0undsnot on that board, nope
it does seem like it might be firmware-related
was pricing stuff out, and i'm hopeful it's just the ssd and not a faulty mainboard or anything. ASUS' RMA process blows and I don't wanna spend more money on the AMD stuff
[16:26]
***grepidemic has quit IRC (Ping timeout: 268 seconds)
grepidemic has joined #arpnetworks
[16:36]
.......... (idle for 46mn)
mercutiomainboards cost about the same as ssd's :)
i haven't rma'ed with asus
i imagine if there were huge intel issues we'd have heard about it
and i imagine it's not one of the original i5 boards with sata3 ports that die, as you'd then have sata 2 ports too
[17:24]
m0undsthey sure do, but i also said i don't want to spend any more money on amd stuff [17:25]
mercutiooh you're using amd board
i haven't touched anything amd in years
i remember via chipsets suck?
i dunno who makes chipsets for amd now
[17:25]
m0undsamd does
and has for years
since probably 2005
[17:26]
mercutiooh
i had amd k6-2 500
or something
k6-3 450?
i can't remember
but that would have been before 2005
[17:26]
m0undsyea, i had one of those back in like 1997 or 1998 [17:27]
mercutioand back then amd weren't making chipsets
oh hangon
i had athlon 64
bah i dunno
but ok amd make chipsets, intel makes chipsets
[17:27]
m0undsthat was around when they started making their own chipsets, after all the nvidia screw-ups
nforce garbage
[17:27]
mercutiovia and nvidia and so forth probably don't make chipsets at all anymore
haha
the nvidia and via were both crap
but intel had some lousy chipsets back then
[17:27]
m0undsyea [17:28]
mercutiowith cache limitations etc [17:28]
m0undsbut newer intel and amd chipsets were both pretty good
amd beat intel to market with native usb3 and sata3 and stuff
[17:28]
mercutiothey both do uefi now
cool
[17:28]
m0undswithout needing add-on controllers (jmicro, marvel, etc) [17:29]
mercutiousb3 is handy [17:29]
m0undsyep [17:29]
mercutioi have a usb3 hard-drive
2.5" single cable, fast speeds
[17:29]
m0undsyea, my little sata > usb dongle is usb3
i bought it to image my disk when i got an ssd for my macbook
[17:29]
mercutioyeah i was wondering about ssd imaging
is it easy to do it on macs and windows etc?
[17:30]
m0undsi forgot the name of the utility i used on the mac, but it was fast
haven't done it on windows yet
well, i do it at work
we use ghost for system images for recorders and such
m0unds forgot about that
[17:30]
mercutioon linux i just use dd [17:30]
m0undsbut we use enterprise grade intel disks and we haven't had any fail yet, so it's just when we provision a new box that we do it [17:31]
mercutioi'd still want to do it every now and then
even the disk doesn't fail the user could fail
[17:31]
m0undswell, these machines run 24/7 because they're recording video and don't have much, if any user interaction
they just run video chunkers and telemetry applications and chug away
[17:32]
......... (idle for 42mn)
***xales has quit IRC (*.net *.split)
jcv has quit IRC (*.net *.split)
mike-burns has quit IRC (*.net *.split)
NiTeMaRe has quit IRC (*.net *.split)
twobithacker has quit IRC (*.net *.split)
staticsafe-znc has quit IRC (*.net *.split)
[18:14]
mercutiooh right
and so you can prob go back to scratch fine
[18:14]
m0undsyep, app servers build the configs and stuff - so we just drop the image on it, name the device and when the recording application starts back up, the app servers configure it and it's good to go [18:16]
staticsafehttps://lists.dns-oarc.net/pipermail/dns-operations/2014-March/011417.html [18:20]
m0undshttp://www.titanfall.com/news/we-hate-cheaters-just-as-much-as-you-do
i like "the wimbledon of aimbot contests"
[18:27]
brycecm0unds: Carbon Copy Cloner?
17:28:46 < m0unds> i forgot the name of the utility i used on the mac, but it was fast
Also, Clonezilla ftw
[18:37]
m0undsbrycec: that's the one
carbon copy cloner
[18:37]
sjacksoI think the carbon copy cloner guy made a lot of sales to those of us who installed aftermarket ssds in mac laptops :) [18:50]
m0undsyeah, for sure [18:50]
***xales has joined #arpnetworks
jcv has joined #arpnetworks
mike-burns has joined #arpnetworks
twobithacker has joined #arpnetworks
staticsafe-znc has joined #arpnetworks
hobana.freenode.net sets mode: +o mike-burns
[18:50]
m0undsalso got trim enabler, because osx doesn't enable trim for non-oem disks [18:51]
sjacksoI actually emailed him to say kudos for his non-crippled shareware (well, adware) policy
dunno if it's still that way now
(about the sales policy, not the trim thing)
[18:51]
***NiTeMaRe has joined #arpnetworks [18:52]
........... (idle for 54mn)
hazardousm0unds: that sounds like it's going to be hilarious
i would totally watch a fight entirely with aimbots
[19:46]
m0undsyeah [19:53]
.... (idle for 18mn)
CaZeIt's more fun to mess with them if you have admin commands.
You could do things like fling them across the board.
[20:11]
m0undsi was always a fan of cexec commands in half-life mods
admin_cexec bind mouse1 "kill"
person clicks their fire button and they commit suicide
admin_cexec player bind mouse1 "kill" , rather
[20:13]
CaZeOr invert their axes, so that trying to turn left makes them turn right and vice versa. [20:14]
m0undsadmin_execall "speak sub team report to locker room for but inspection and whiskey i scream" was a server macro on our counter-strike server back in the day [20:14]
............ (idle for 56mn)
***Hien_ has quit IRC (Ping timeout: 246 seconds)
treshoem2 has quit IRC (Ping timeout: 246 seconds)
treshoem2 has joined #arpnetworks
Hien has joined #arpnetworks
[21:10]
