***: ChanServ sets mode: +o toddf
pyvpx: up_the_irons: hola :)
***: toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
cw1972 has quit IRC (Ping timeout: 248 seconds)
milki has quit IRC (Read error: Connection reset by peer)
tooth has quit IRC (Ping timeout: 264 seconds)
DaCa_ has quit IRC (Ping timeout: 264 seconds)
dj_goku_ has quit IRC (Ping timeout: 264 seconds)
kevr has quit IRC (*.net *.split)
toddf has quit IRC (*.net *.split)
dne has quit IRC (*.net *.split)
meingtsla has quit IRC (*.net *.split)
pjs has quit IRC (*.net *.split)
mercutio has quit IRC (*.net *.split)
acf_ has quit IRC (*.net *.split)
jpalmer has quit IRC (*.net *.split)
toeshred has quit IRC (*.net *.split)
ant has quit IRC (*.net *.split)
plett has quit IRC (*.net *.split)
novae has quit IRC (*.net *.split)
dangel_ has quit IRC (*.net *.split)
dj_goku__ has quit IRC (*.net *.split)
z310 has quit IRC (*.net *.split)
mnathani has quit IRC (*.net *.split)
jcv has quit IRC (*.net *.split)
gluffis_ has quit IRC (*.net *.split)
brycec has quit IRC (*.net *.split)
anisfarhana has quit IRC (*.net *.split)
gizmoguy has quit IRC (*.net *.split)
hive-mind has quit IRC (*.net *.split)
SpeedBus has quit IRC (*.net *.split)
tabthorpe has quit IRC (*.net *.split)
medum has quit IRC (*.net *.split)
raptelan has quit IRC (*.net *.split)
CaZe has quit IRC (*.net *.split)
qbit has quit IRC (*.net *.split)
BryceBot has quit IRC (*.net *.split)
tellnes has quit IRC (*.net *.split)
m0unds has quit IRC (*.net *.split)
KILLALLHUMANS01 has quit IRC (*.net *.split)
up_the_irons has quit IRC (*.net *.split)
pyvpx has quit IRC (*.net *.split)
eryc has quit IRC (*.net *.split)
joepie91 has quit IRC (*.net *.split)
carvite has quit IRC (*.net *.split)
KDE_Perry has quit IRC (*.net *.split)
koan has quit IRC (*.net *.split)
mhoran has quit IRC (*.net *.split)
SpaceDump has quit IRC (*.net *.split)
hazardous has quit IRC (*.net *.split)
reardencode has quit IRC (*.net *.split)
staticsafe has quit IRC (*.net *.split)
Hien has quit IRC (*.net *.split)
mike-burns has quit IRC (*.net *.split)
twobithacker has quit IRC (*.net *.split)
jbergstroem has quit IRC (*.net *.split)
[FBI] starts logging #arpnetworks at Wed Jul 09 07:10:30 2014
[FBI] has joined #arpnetworks
mnathani has joined #arpnetworks
Hien has quit IRC (Quit: leaving)
Hien has joined #arpnetworks
Hien: up_the_irons: ping :)
***: toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
-: brycec pongs
pyvpx dings
Hien: pokes brycec
-: brycec flies into a rage, "I am NOT the Pillsbury Doughboy"
Hien xD
brycec: Hien: Do you have a question specifically for up_the_irons? Or is it maybe something the knowledgeable people and bots of #arpnetworks could help with?
Hien: brycec: Thank you. But I email'd up_the_irons
-: Hien pokes BryceBot
brycec: Ah
I wouldn't do that if I were you
Hien: Why ? 0_o
Just about new order, no urgent question or something xD
brycec: I meant the poking of BryceBot. BryceBot is mean.
Hien: Oh.
-: Hien hugs BryceBot
mnathani: @weather yyz
BryceBot: Toronto-Pearson International, Ontario: Mostly Cloudy ☁ 68°F (20°C), Humidity: 56%, Wind: From the West at 15 MPH Gusting to 22 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=43.67722321,-79.63055420 or re-request this with: @weather -v yyz
staticsafe: nice day today
mnathani: yesterday was a lot of rain followed by sunshine
dangel_: @weather CAZ096
BryceBot: Error, No cities match your search query
up_the_irons: @weather 90012
BryceBot: Los Angeles, CA: Partly Cloudy ☁ 76°F (24°C), Humidity: 71%, Wind: From the WNW at 1.0 MPH Gusting to 10.0 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=34.059711,-118.256401 or re-request this with: @weather -v 90012
up_the_irons: @weather 91344
BryceBot: Granada Hills, CA: Clear 82°F (27°C), Humidity: 51%, Wind: From the SSE at 2.9 MPH Gusting to 4.9 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=34.287365,-118.484680 or re-request this with: @weather -v 91344
up_the_irons: 6°F cooler at the office
brycec: up_the_irons: closer to the water too
dangel_: brycec: Feature request... noaa stations. :)
***: dangel_ is now known as dav
brycec: dav: Take it up with wunderground.com
dav: brycec: Copy that.
brycec: @weather San Joaquin Valley, CA
BryceBot: Multiple locations matched your query: San Diego International-Lindbergh, CA (zmw:92140.5.99999), San, ML (zmw:00000.1.61277),
brycec: Apparently wunderground hates the Sierra Nevada Mountains
-: dav chuckles.
brycec: @weather Hanford, CA
BryceBot: Hanford, CA: Clear 82°F (28°C), Humidity: 50%, Wind: From the West at 2.7 MPH Gusting to 3.7 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=36.355957,-119.656898 or re-request this with: @weather -v Hanford, CA
brycec: Close enough
(Actually wunderground redirects to Lakeshore, CA for the lat/lon of CAZ096
@weather 37.29833,-119.10333
BryceBot: Lakeshore, CA: Clear 77°F (25°C), Humidity: 17%, Wind: From the East at 5 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=37.62405777,-118.83875275 or re-request this with: @weather -v 37.29833,-119.10333
dav: Oh! Coordinates work. Sweet.
brycec: I love that http://forecast.weather.gov/MapClick.php?zoneid=CAZ096 says it's -18C there
dav: Busted sensor I guess?
brycec: (coordinates need to be comma-separated, no spaces)
(again, that's just how wunderground works)
***: twobithacker has quit IRC (Quit: ZNC - http://znc.in)
twobithacker has joined #arpnetworks
tooth_ is now known as tooth
jpalmer: wow, I haven't seen that in forever. someone joined a channel and instantly start begging for ops.
"Can I have ops, plz?"
up_the_irons: I can haz ops?!?! I need it to hang out in this channel! it's sooper important!!!11!11oneeleven
brycec: up_the_irons: CAN I OPS HAZ???????
Not that #arpnetworks needs more ops really
But I'm sure I would make a good op :p
-: staticsafe bans brycec from the internets
brycec: bawwwww :(
jpalmer: haha not just a k or g-line, an internet-line!
-: brycec instantly begins losing weight, now that he's not sitting 50% of the work day
mnathani: up_the_irons: hey, if everyone else gets ops, I would like ops too
jpalmer: +o for all. now we just need an eggdrop bot network!
brycec: #arpnetworks could do something like #devious does, +V users that are smart, well established, good community members etc (and +o for admins)
It's used as a means of saying "these people know what they're talking about, they aren't just random people spouting bad advice"
jpalmer: I don't know that it'd be necessary here. I really was just making fun of the fact that I hadn't seen that behavior in several years..
brycec: Heh yeah #arpnetworks seems to work just fine. Since it's pretty quiet in here, there's very little need for the "endorsement" of +V
mnathani: halfops would work for me : %
meingtsla: if only they existed on freenode
brycec: ^
acf_: anybody else notice SIP brute forcing getting particularly bad?
m0unds: is that like ops for hobbits?
acf_: it just crashed asterisk
m0unds: no idea, i don't run any sip boxes connected to the internet without firewall rules or nat in front of them
acf_: probably wise
http://unixcube.org/who/acf/tmp/sipgraph.png
^ mostly SIP traffic
notice the outbound is significantly above the inbound in that last part
maybe a SIP amplification attack of some sort?
***: acf_ has quit IRC (Ping timeout: 240 seconds)
acf_ has joined #arpnetworks
acf_: up_the_irons: are you around?
m0unds: do you happen to have ARP metal?
up_the_irons: acf_: don't ask to ask, just ASK ;)
acf_: can you sign a new ipmi vpn cert for me please? :/
I forgot the passphrase
up_the_irons: yeah, send the csr to support@
acf_: thanks
m0unds: acf_: nope
acf_: up_the_irons: okay, I've sent it
brycec: I've seen nasty SIP brute forcing too, at the firewall :P
acf_: how do you firewall your sip?
brycec: Sorry that it's chewing up so much of your bandwidth acf_
acf_: One of two approaches. 1) Only open ports for specific hosts, 2) Fail2Ban
acf_: hm. I guess it's option 2 for me
m0unds: fail2booooooooooo
brycec: acf_: why not #1?
acf_: SIP clients on dynamic addresses
unless there is some other way to restrict based on host?
brycec: *how* dynamic? I have clients whose IPs only change once a blue moon. Others I have the client update a dyndns host and pf refreshes from that hourly.
acf_: Comcast dynamic IP
also cellular network
that's what I'm most worried about
brycec: Comcast - once a month at most
Cellular... blech
acf_: you could run SIP on a non-standard port too
acf_: I was thinking about that
m0unds: vpn :D
brycec: VPN is a perfect solution, if you have perfect users.
acf_: VPN would be great, except for mobile devices
brycec: [mobile devices do VPN...]
acf_: have you had any experience with VPN on mobile devices?
I haven't...
brycec: Yes
acf_: but it seems like it could be bad
brycec: OpenVPN, l2tp, and ipsec
m0unds: it's fine
i've used l2tp and ipsec
brycec: oh and pptp
m0unds: ugh
yuck
acf_: I'll have to try that
brycec: m0unds: PPTP still easiest for $users to setup and configure
acf_: and comments on device support?
brycec: For a simple voice VPN, I wasn't too worried
acf_: Android, Symbian, iOS, etc...
brycec: I can say for certain that Android and iOS do PPTP and L2TP+IPsec natively.
Android has good OpenVPN client support
(last I checked, iOS had to be jailbroken for opencpn)
acf_: apparently Symbian supports PPTP also
I might try that
brycec: PPTP isn't the most secure, but it's simplest (username+password) and "good enough" for a simple voice vpn
Plus with VPN, you don't have to deal with NAT issues
acf_: have you any experience with voip handoff between wifi and 3g?
ie, you go in range of wifi, phone connects, drops call
brycec: If it's in a VPN, you're just waiting for the VPN tunnel to reesatablish
but if that's quick, the call stays up and nobody notices.
m0unds: i typically just dump sip calls to my phone# directly
if i don't answer my ext
acf_: how about outbound calls? the cid gets all messed up...
m0unds: i just block my outbound cid
and dial from my phone
acf_: ah
m0unds: if the call recipient went through the trouble to block anonymous calls, they can wait til i get to the office
haha
brycec: m0unds++ on all points
In theory you can setup a DISA, call the PBX and then route back out
Or just *67
acf_: I've been looking for a way to do that cleanly for a long time
ie, click on a contact, it dials the PBX, etc...
brycec: There are craploads of click2call
Many of them work well, even
acf_: not for Symbian users :/
m0unds: a buddy of mine did that to allow him to dial in to his PBX to have outbound calls routed via his toll-free
whoa, symbian?
brycec: acf_: if the Symbian user is just a cellphone, then what does it matter?
ie you click the link on your computer, the PBX calls your phone (the Symbian or whatever) and when you pickup and confirm, then the PBX bridges that to an outbound call to $wherever
A phone call is a phone call, regardless of the receiving device.
acf_: ah yes
I was hoping for some tighter integration
so that you can initiate the call using the built in ui and it just works
brycec: acf_: i seem to recall that Blackberry (because that's what I used at the time) had a means to program a prefix so you could dial through the office phone system
To do just that
No idea if Android etc can do that nowadays
acf_: yeah. any idea what that's called? my google searches have yeilded nothing...
brycec: In theory though, you can just prefix the destination with 1800mypbx{pauses}$disaextension{pause}
prefix dialing i think
acf_: ok cool
brycec: or "dial via office"
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cumc/7_1/english/BlackBerry/installation_user_guide/install_user_guide/calls.pdf
obviously that's the blackberry specific stuff :p[
acf_: yeah
brycec: but you could google for $platform dial via office
looks like Android uses a Cisco app for it
Symbian seems to be left with click2call/"reverse callback"
acf_: that's what I was afraid of
I wonder if GSM/UMTS has any out-of-band signalling capabilities at call setup
you could change the software stack to dial a fixed number, and signal the actual number to dial
brycec: Besides the messaging layer that SMS is built atop?
acf_: I guess that could work
brycec: I don't know if it supports that function specifically though
Maybe that's what this "fixed dialing numbers" stuff is about
on second though, FDN wouldn't solve the problem
acf_: I'm kind of surprised that the telecoms don't have services that allow easy integration into PBXes
brycec: It's not the telecoms prerogative
acf_: it seems like it would be a useful service for companies that use cell phones
brycec: it's Android/WinMo/Symbian
And companies that use cellphones also use Cisco (with their own Android app), or Blackberries (builtin)
staticsafe: who uses Symbian anymore
acf_: Europe
brycec: (Lync might even have an 'app' hook to do it)
staticsafe: really now
brycec: Europe is a myth
acf_: well, yeah
people are moving away from it
m0unds: 4.4% global market share as of 2012 according to wookiepedia
acf_: that's not too bad
4 out of every 100 cell phones are Symbian
up_the_irons: still around?
brycec: acf_: BTW the SIP brute forcing should be somewhat limited already http://support.arpnetworks.com/kb/main/is-there-a-firewall-filter-rate-limit-or-similar-device-applied-to-my-traffic
Unless ^ doesn't apply to Metal customers
acf_: I think I had that removed a while ago
so I could run OpenVPN instances on non-standard ports
brycec: btw acf_ I can't resolve your unixcube.org
acf_: I know
:/
bad things happened
m0unds: uh oh
staticsafe: o_o
brycec: so I can't even see that graph you linked :p
acf_: I'm waiting for up_the_irons to sign me a VPN cert so I can get a console
brycec: that's weird... ns[0123].unixcube.org should have entries in the DNS root to be proper "nameservers"
acf_: they don't?
hm
brycec: don't seem to
I'm only cursorily investigating
acf_: brycec: you wouldn't happen to have arp metal would you?
staticsafe: brycec: you mean glue?
brycec: sorry acf_
acf_: aww
m0unds: they should just call them horse records
brycec: acf_: scratch that, the records are there, but dig was being stupid
acf_: ah, that's good
brycec: staticsafe: I meant A records for the nameserver entries
acf_: is there a way to do a broadcast ipv6 ping?
staticsafe: ping6 ff02::1%$interfacename
(not broadcast as that is not really a thing in IPv6)
that is the All nodes on the local network segment address
multicast all the things!
acf_: hm
so my ARP metal box lost network
m0unds: there's a moron who used to work here who couldn't grasp the word "multicast"
he always used to refer to it as "multitask"
drove me nuts
staticsafe: o_o
acf_: that's great
sending multitask packets
m0unds: that's what happens when you bolt people with no networking experience (VCR + DVR + analog video) into an updated position where it's important to know it
acf_: I have a VPS on the same logical network
shouldn't I be able to ssh into it via its IPv6 link local address?
staticsafe: "what do you mean by converged network?!"
"voice, video and internets on the same network?!"
brycec: Yes, acf_
acf_: or is there some case where the interface could lose its link local address
staticsafe: no
brycec: If it's down or unconfigured...
staticsafe: well that
acf_: so here's what happened:
IPv4 things broke
I ran /etc/init.d/networking restart in Debian
^ bad idea
IPv6 things broke
brycec: acf_: and you don't have IPMI console up yet?
acf_: no
I used to
if I had an IPMI console, I could just reconfigure the interfaces
m0unds: staticsafe: he thought that i assigned ip addresses for devices purely based on the port on the switch that they're connected to
brycec: acf_: I assume console.cust.arpnetworks.com doesn't tie in to any physical serial port or whatnot?
m0unds: like..with analog video, there's an electrical signal chain you have to follow or you won't get video on the far end. he htought that's how an ip network functions, haha
staticsafe: heh
brycec: When you put it that way, it's not illogical, just wrong.
m0unds: right
acf_: brycec: unfortunately it doesn't appear so
m0unds: but he'd argue it as truth
and would actively refuse or reject explanation to the contrary :)
also, i think i'm giving him too much credit w/the signal thing. he didn't really understand how that worked either, just that if he put a camera on a cable, and plugged the cable in, it would show up
this is why he's no longer here..that and he was offered an enormous $250 sign on bonus to work for a company that repairs automatic card shufflers
brycec: Wow a whole $250?
m0unds: yup
gave up ~$3800/yr in benefits, 10hrs/period of PTO and 4 day set schedule for $250
brycec: m0unds: is he doing the repairs? or he's doing IT for them?
m0unds: repairs
so it's better for him
brycec: Sounds like it
m0unds: i do X because Y is broken
also, i rarely see him which is great for my mental health
hahaha
http://i.imgur.com/KAD0QvN.png this graph is depressing
although, the one day where there was no real spike was the 4th of july
acf_: yeah
that's Comcast right?
m0unds: yep
acf_: I think he was willing to try and reroute some Verizon routes
don't think it's happened yet though
up_the_irons that is
m0unds: http://i.imgur.com/nQdjKIp.png
acf_: what's that?
m0unds: cut over to a different box running the same services
acf_: ah
m0unds: i was kind of hoping that whatever party is causing congestion would lay off at some point
acf_: nope
m0unds: i haven't been able to figure out what common svcs traverse ntt via comcast
acf_: not too many from the looks of it
m0unds: netflix doesn't, hulu doesn't, amazon vod doesn't, xbox live/video doesn't, psn doesn't
acf_: bigger providers likely have monitoring systems in place for all of the major ISPs
and reroute traffic accordingly
m0unds: well, the ones i mentioned have peering arrangements w/comcast
acf_: that's why Amazon has such great connectivity I think
not Amazon
(I think)
oh maybe they do
they don't with Verizon though
m0unds: the ELB addresses i've seen w/VOD do for sure
and just checking an east coast AZ EC2 instance, it's comcast -> amazon directly
acf_: yeah I see that here too
Amazon appears to have direct peering with HE too
it was a bit congested last time I checked my smokeping
I was surprised
m0unds: does it seem like they use ntt to reach vz?
acf_: I can't check atm
m0unds: ah
acf_: but a while ago it seems they used NTT for the forward path (from me)
I can't remember the reverse path, but I think it was via Telia or something
m0unds: NTT is their #2 v4 peer according to bgp.he.net (amzn)
acf_: what AS are you looking at?
m0unds: 16509
acf_: I see
Telia is #4
Level3 is #8
m0unds: yea, -z flag on mtr is handy
mtr -z4 somev4host.domain.tld
acf_: ah, didn't think to try that
brycec: m0unds: what does the -z flag do? And what version of mtr?
mtr 0.82 (Debian Wheezy) only has -hvrwctglspniu46
m0unds: oh
-z does ASN lookups
acf_: but it doesn't work with the GTK GUI
m0unds: i'm on .85
acf_: same here
m0unds: doesn't bother me, i just use mtr in a temrinal
...
temrinal? really?
acf_: for some reason it defaults to GTK for me unless I specify --curses
m0unds: http://pastebin.com/K35UgeWz
brycec: ^
curses
CURSES
acf_: NCURSES
actually
anyone know about what time up_the irons gets back?
brycec: Ah m0unds has a newer mtr
I was hoping someone would port that from traceroute
Nice to see that it has been
acf_: yeah
I think I looked for that option in the man page a while ago and didn't see it
so I had to revert to traceroute if I needed AS lookups
brycec: damn not in wheezy-backports
m0unds: Out of curiosity, what OS is that on? Or did you compile from source?
acf_: I use Debian jessie
it's stable enough for me :D
m0unds: brycec: netbsd 6.1.4
same v on freebsd 10
so installed via pkgin or from ports respectively
.85 on 14.04 LTS too (just looked)
brycec: Cool
thank you
m0unds: sho 'nuff
acf_: so basically everything has mtr 0.85 except debian stable
brycec: Which is typical
I'm surprised at the lack of a backport for it though
m0unds: haha
what version of nginx is debian stable on?
acf_: Source Package: nginx (1.2.1-2.2+wheezy2)
m0unds: oh, that's not too bad
better than i figured
haha
acf_: for jessie: Package: nginx (1.6.0-1)
brycec: ^ and wheezy-backports
m0unds: nginx version: nginx/1.5.12 netbsd, and 1.6.0 for freebsd
brycec: When is jessie going to be released as stable, anyone know?
-: brycec asked Google and simply got https://www.debian.org/releases/testing/
acf_: I guess they don't define a date
I think at some point they freeze everything, so that only bugs can be patched (no package version upgrades)
m0unds: dates are for suckers maaaaaaaaaan
acf_: and when everything passes QA, they release it
if I set my distribution to "testing" in /etc/apt/sources.list
every time they do a release, sid goes into testing
and I end up upgrading to it :/
brycec: Freeze is Nov 5 https://release.debian.org/jessie/freeze_policy.html
lol
m0unds: so..soon? haha
brycec: m0unds: they're aiming for January
-: m0unds doesn't know much about debian
brycec: or maybe Feb?
I'm not too clear on their release policy either
But I do know that it won't be this year
m0unds: i don't think i've ever actually used debian debian
wait, i have
i have raspbian on my raspi, hahaha
***: milki_ has quit IRC (Read error: Connection reset by peer)
milki has joined #arpnetworks
m0unds: nice, heavy isolated thunderstorm
up_the_irons: raspbian rocks
so easy, so small
***: joepie91 has quit IRC (Ping timeout: 252 seconds)
tooth has quit IRC (Ping timeout: 245 seconds)
m0unds: yeah, works pretty well
***: tooth has joined #arpnetworks
hazardous has quit IRC (Ping timeout: 240 seconds)
joepie91 has joined #arpnetworks
DaCa has quit IRC (Ping timeout: 240 seconds)
hazardous has joined #arpnetworks
DaCa has joined #arpnetworks
m0unds: no shuttles running to get to the parking lot (.33 mi from the building) and it's pouring outside
so i'm wearing a plastic bag
it's stylish and practical
up_the_irons: as you're typing in an irc channel
;)
***: acf__ has joined #arpnetworks
mercutio: meta-p /window scroll_previous_highlight
erk
brycec: m0unds: Why no shuttles? Seems odd.
hazardous: HELLO
has freenode been acting up lately
i'm getting messages in other channels in bursts every few seconds and a ton of latency
m0unds: concert tonight. EMPLOYEES BE DAMNED.
staticsafe: hazardous: i have not noticed anything
brycec: Ah, sucks m0unds
hazardous: I'm never surprised to hear Freenode having problems
m0unds: it was alright, head and shoes got soaked, rest of me was fine
stupid ringo starr
***: hive-mind has quit IRC (Ping timeout: 272 seconds)
NiTeMaRe has joined #arpnetworks
hive-mind has joined #arpnetworks
mercutio: hazardous: it may be teh server you're connected to.
there hasn't been lots of splits