***: hive-mind has quit IRC (Remote host closed the connection)
hive-mind has joined #arpnetworks phlux: m0unds: sorry for being a dick the other day toddf: anybody have unscheduled reboots or the like on kvr26 5 days ago? ***: jamiem_ is now known as jm|laptop m0unds: phlux: no worries dude; didn't think you were being a dick
toddf: nope, pretty sure i'm on 26 and i have almost 60 days up toddf: m0unds: vnc access info or portal would tell you which one you're on. so something about this specific system spontaneously rebooted 5 days ago, just ralized this morning of course m0unds: toddf: i know
was in the process of logging in, but had to bring my vpn up first
oh, sorry - 27
not 26 toddf: logging in? vpn? your kvm has a vpn before you can signon to it? m0unds: ...
i need internet access to get to the panel, right?
so..vpn
:) toddf: portal.arpnetworks.com is std internet, you are perhaps somewhere you can't just do personal stuff I guess ;-) m0unds: exactly
our IS folks are nosy nosy nosy plett: m0unds: But IRC is fine? m0unds: they spend more time watching what people do than blocking stuff people shouldn't be using
irc is via ssh, which they don't care about
they literally only examine 443 and 80 tcp
it's terribad
they use one of these appliances: https://www.stbernard.com/products/web_security/default.asp toddf: arpnetworks should permit alternate portal access at https://portal.arpnetworks.com:1337 m0unds: hahah
yeah toddf: (note to up_the_irons: that was a joke, I don't see value, really) brycec: that stbernard link's SSL cert doesn't match the domain... lol m0unds: yeah
it's horrible anyway brycec: m0unds: ssl mitm? m0unds: so many ways to bypass its content inspection
i hope so
you can do something as simple as binding something in your hosts file and it'll skip right over brycec: lol otherwise, that would mean lots of people blindly clicking through the "invalid ssl cert" warning
heh m0unds: yeah
just really crappy all around
they like "magic boxes" that do stuff you could do without spending a ton of cash brycec: (Or they install a matching root CA in every system)
heh m0unds: the network admin doesn't understand ntp, so time is different on different domains because none of the DCs have a single authoritative time source brycec: but... but... -: brycec starts scheming on how to exploit this and win big m0unds: so timeclocks are 2 mins ahead, our domain is 2 mins behind, slots time is 90 seconds ahead
every time another department reviews video and sees a time difference bw slots/player tracking and our video, the network admin will blame us for it brycec: hahaha oh god I didnt' even think about that. m0unds: our time is synced w/a gps clock source ant: "iPrism" lol m0unds: yeah
badprism
hahaha brycec: m0unds: And other stratum 1/2 hosts too, I hope
GPS is less reliable than NTP alone
(but don't worry, there's a magic box for NTP too) m0unds: regulations prohibit any external network comms w/this system
so i can't have any external source unfortunately brycec: Except for GPS. GPS is external :P m0unds: external network comms though, not time slice comms :P brycec: (And spoofable...)
It seems so alien to me in this day and age to have a network taht is completely isolated from the Internet. m0unds: haha
it's pretty common with industrial control systems and in surveillance networks that aren't IT-operated
getting less common i guess with control stuff, which is kinda bad since tons of those are really poorly architected security-wise
http://www.spectracomcorp.com/ProductsServices/TimingSynchronization/NetworkTimeServers/9483NetClockTimeServer/tabid/1439/Default.aspx this is similar to what we have, newer model though CaZe: Just get a lump of cesium. brycec: m0unds: Yeah I understand there are some terrific reasons for air-gap'd networks. Still strange to me though when I encounter them. (Or when I have to design them - I take pool.ntp.org for granted)
Ooh pretty m0unds: in our case, i don't really understand why we need it separate except from IT's network brycec: Because your IT isn't worth shit, apparently :P m0unds: we've got an ASA 5505 between us and them for getting point of sale data - micros just streams transaction log data to us
but that's the only connectivity allowed via regs
yeah, i kinda despise them. casino ops IT staff make about 30% more than i do, and they suck at everything they do :) ant: out of curiosity: is there something like DCF77 in nothern america? brycec: http://en.wikipedia.org/wiki/DCF77
Yes BryceBot: DCF77 :: DCF77 is a German longwave time signal and standard-frequency radio station. It started service as a standard-frequency station on 1 January 1959. In June 1973 date and time information was added. Its primary and backup transmitter are located at 50°0′56″N 9°00′39″E in Mainflingen, about 25 km south-east of Frankfurt am Main, Germany. DCF77 is controlled by the Physikalisch-Technische Bundesanstalt (PTB), Germany's national... brycec: Whatever the heck NIST blasts out
(among others)
"NIST's Boulder laboratories are best known for NIST‑F1, which houses an atomic clock. NIST‑F1 serves as the source of the nation's official time. From its measurement of the natural resonance frequency of caesium—which is used to define the second—NIST broadcasts time signals via longwave radio station WWVB near Fort Collins, Colorado, and shortwave radio stations WWV and WWVH, located near Fort Collins and Kekaha, Hawaii, ...
... respectively.[10]"
Perhaps more info at time.gov
Tada http://www.nist.gov/pml/div688/grp40/wwvb.cfm ant: oh, nice m0unds: my watch syncs with wwvb -: m0unds is from boulder m0unds: just as an aside, haha brycec: lol m0unds m0unds: the nist building at broadway and baseline is kinda funny looking
tons of radio antennas brycec: My watch syncs with pool.ntp.org :P (via my phone) m0unds: haha up_the_irons: toddf: kvr26:
$ uptime
10:58:56 up 653 days, 8:44, 3 users, load average: 2.03, 2.09, 2.15
$
kvr18 had an unexpected reboot
maybe you meant that brycec: m0unds: On a related note, my car syncs with GPS. It also assumes all of Idaho is Mountain time, and annoyingly changes the timezone automatically if I leave "GPS Sync" enabled. m0unds: haha, whaaaaat? FANCY CAR brycec: It is kinda fancy, and not "super expensive" (MSRP is somewhere around $25k) sjackso: aw, that'd be sad. manually changing the time zone on long road trips is part of the fun. brycec: Now if only it didn't assume all of Idaho was one timezone. toddf: up_the_irons: nope, this host is clearly kvr26. so either openbsd rebooted straight away, or the kvm process itself died and immediately came back. neither sound very plasuble. yet I have system logs that show nothing leading up to a dmesg spew in /var/log/messages saying / was not unmounted cleanly. *scratches head*
er up_the_irons: toddf: using virtio for NIC? brycec: Clearly toddf should be leaving something connected to console.arpnetworks.com for logging :P up_the_irons: i've seen that happen to newer linux VMs with virtio on <= kvr26
brycec: lol toddf: kvr18 .. there ya go, I crosseyed my notes on which vms are on which kvr systems
sorry for the noise up_the_irons: haha
np toddf: I do have another host on kvr26 with a very similar name up_the_irons: 1120 days of uptime on kvr18 :)
yeah m0unds: ugh. i thought my ssd in my workstation took a dump, but it appears as though it's not the ssd. ah-boo. brycec: You're upset the SSD is apparently okay? m0unds: yeah, because other stuff is more expensive, lol
machine randomly hard crashed and the ssd disappeared. swapped it to another port, still wouldn't show up.
but it's working alright, connected via my little ext sata>usb thing mercutio: m0unds: ocz? :)
ocz, and other sandforce used to do weird stuff like that m0unds: haha, nope. samsung 840pro
256GB size mercutio: weird
i wonder if it's the motherboard
i've seen onboard ethernet randomly die m0unds: other disks on the thing work fine
this won't work regardless of which sata3 port i use
tried a sata cable from another working disk, but taht didn't make any difference either
i'll try it in another system when i get home tonight, just didn't have time to do that before i left for work mercutio: do you have any sata2 ports?
although things like linux tell you if it's training down
not detecting at all seems like some kind of firmware bug? m0unds: not on that board, nope
it does seem like it might be firmware-related
was pricing stuff out, and i'm hopeful it's just the ssd and not a faulty mainboard or anything. ASUS' RMA process blows and I don't wanna spend more money on the AMD stuff ***: grepidemic has quit IRC (Ping timeout: 268 seconds)
grepidemic has joined #arpnetworks mercutio: mainboards cost about the same as ssd's :)
i haven't rma'ed with asus
i imagine if there were huge intel issues we'd hav heard about it
and i imagine it's not one of the original i5 boards with sata3 ports that die, as you'd then have sata 2 ports too m0unds: they sure do, but i also said i don't want to spend any more money on amd stuff mercutio: oh you're using amd board
i haven't touched anything amd in yeras
i remember via chipsets suck?
i dunno who makes chipsets for amd now m0unds: amd does
and has for years
since probably 2005 mercutio: oh
i had amd k6-2 500
or something
k6-3 450?
i can't remember
but that would have been before 2005 m0unds: yea, i had one of those back in like 1997 or 1998 mercutio: and back then amd weren't making chipsets
oh hangon
i had athlon 64
bah i dunno
but ok amd maek chipsets, intel makes chipsets m0unds: that was around when they started making their own chipsets, after all the nvidia screw-ups
nforce garbage mercutio: via and nvidia and so forth probably don't make chipsets at all anymore
haha
the nvidia and via were both crap
but intel had some lousy chipsets back then m0unds: yea mercutio: with cahce limitations etc m0unds: but newer intel and amd chipsets were both pretty good
amd beat intel to market with native usb3 and sata3 and stuff mercutio: they both do uefi now
cool m0unds: without needing add-on controllers (jmicro, marvel, etc) mercutio: usb3 is handy m0unds: yep mercutio: i have a usb3 hard-drive
2.5" single cable, fast speeds m0unds: yea, my little sata > usb dongle is usb3
i bought it to image my disk when i got an ssd for my macbook mercutio: yeah i was wondering about ssd imaging
is it easy to do it on macs and windows etc? m0unds: i forgot the name of the utility i used on the mac, but it was fast
haven't done it on windows yet
well, i do it at work
we use ghost for system images for recorders and such -: m0unds forgot about that mercutio: on linux i just use dd m0unds: but we use enterprise grade intel disks and we haven't had any fail yet, so it's just when we provision a new box that we do it mercutio: i'd still want to do it every now and then
even the disk doesn't fail the user could fail m0unds: well, these machines run 24/7 because they're recording video and don't have much, if any user interaction
they just run video chunkers and telemetry applications and chug away ***: xales has quit IRC (*.net *.split)
jcv has quit IRC (*.net *.split)
mike-burns has quit IRC (*.net *.split)
NiTeMaRe has quit IRC (*.net *.split)
twobithacker has quit IRC (*.net *.split)
staticsafe-znc has quit IRC (*.net *.split) mercutio: oh right
and so you can prob go back to scracth fine m0unds: yep, app servers build the configs and stuff - so we just drop the image on it, name the device and when the recording application starts back up, the app servers configure it and it's good to go staticsafe: https://lists.dns-oarc.net/pipermail/dns-operations/2014-March/011417.html m0unds: http://www.titanfall.com/news/we-hate-cheaters-just-as-much-as-you-do
i like "the wimbledon of aimbot contests" brycec: m0unds: Carbon Copy Cloner?
17:28:46 < m0unds> i forgot the name of the utility i used on the mac, but it was fast
Also, Clonezilla ftw m0unds: brycec: that's the one
carbon copy cloner sjackso: I think the carbon copy cloner guy made a lot of sales to those of us who installed aftermarket ssds in mac laptops :) m0unds: yeah, for sure ***: xales has joined #arpnetworks
jcv has joined #arpnetworks
mike-burns has joined #arpnetworks
twobithacker has joined #arpnetworks
staticsafe-znc has joined #arpnetworks
hobana.freenode.net sets mode: +o mike-burns m0unds: also got trim enabler, because osx doesn't enable trim for non-oem disks sjackso: I actually emailed him to say kudos for his non-crippled shareware (well, adware) policy
dunno if it's still that way now
(about the sales policy, not the trim thing) ***: NiTeMaRe has joined #arpnetworks hazardous: m0unds: that sounds like it's going to be hilarious
i would totally watch a fight entirely with aimbots m0unds: yeah CaZe: It's more fun to mess with them if you have admin commands.
You could do things like fling them across the board. m0unds: i was always a fan of cexec commands in half-life mods
admin_cexec bind mouse1 "kill"
person clicks their fire button and they commit suicide
admin_cexec player bind mouse1 "kill" , rather CaZe: Or invert their axes, so that trying to turn left makes them turn right and vice versa. m0unds: admin_execall "speak sub team report to locker room for but inspection and whiskey i scream" was a server macro on our counter-strike server back in the day ***: Hien_ has quit IRC (Ping timeout: 246 seconds)
treshoem2 has quit IRC (Ping timeout: 246 seconds)
treshoem2 has joined #arpnetworks
Hien has joined #arpnetworks