***: ChanServ sets mode: +o toddf pyvpx: up_the_irons: hola :) ***: toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
cw1972 has quit IRC (Ping timeout: 248 seconds)
milki has quit IRC (Read error: Connection reset by peer)
tooth has quit IRC (Ping timeout: 264 seconds)
DaCa_ has quit IRC (Ping timeout: 264 seconds)
dj_goku_ has quit IRC (Ping timeout: 264 seconds)
kevr has quit IRC (*.net *.split)
toddf has quit IRC (*.net *.split)
dne has quit IRC (*.net *.split)
meingtsla has quit IRC (*.net *.split)
pjs has quit IRC (*.net *.split)
mercutio has quit IRC (*.net *.split)
acf_ has quit IRC (*.net *.split)
jpalmer has quit IRC (*.net *.split)
toeshred has quit IRC (*.net *.split)
ant has quit IRC (*.net *.split)
plett has quit IRC (*.net *.split)
novae has quit IRC (*.net *.split)
dangel_ has quit IRC (*.net *.split)
dj_goku__ has quit IRC (*.net *.split)
z310 has quit IRC (*.net *.split)
mnathani has quit IRC (*.net *.split)
jcv has quit IRC (*.net *.split)
gluffis_ has quit IRC (*.net *.split)
brycec has quit IRC (*.net *.split)
anisfarhana has quit IRC (*.net *.split)
gizmoguy has quit IRC (*.net *.split)
hive-mind has quit IRC (*.net *.split)
SpeedBus has quit IRC (*.net *.split)
tabthorpe has quit IRC (*.net *.split)
medum has quit IRC (*.net *.split)
raptelan has quit IRC (*.net *.split)
CaZe has quit IRC (*.net *.split)
qbit has quit IRC (*.net *.split)
BryceBot has quit IRC (*.net *.split)
tellnes has quit IRC (*.net *.split)
m0unds has quit IRC (*.net *.split)
KILLALLHUMANS01 has quit IRC (*.net *.split)
up_the_irons has quit IRC (*.net *.split)
pyvpx has quit IRC (*.net *.split)
eryc has quit IRC (*.net *.split)
joepie91 has quit IRC (*.net *.split)
carvite has quit IRC (*.net *.split)
KDE_Perry has quit IRC (*.net *.split)
koan has quit IRC (*.net *.split)
mhoran has quit IRC (*.net *.split)
SpaceDump has quit IRC (*.net *.split)
hazardous has quit IRC (*.net *.split)
reardencode has quit IRC (*.net *.split)
staticsafe has quit IRC (*.net *.split)
Hien has quit IRC (*.net *.split)
mike-burns has quit IRC (*.net *.split)
twobithacker has quit IRC (*.net *.split)
jbergstroem has quit IRC (*.net *.split)
[FBI] starts logging #arpnetworks at Wed Jul 09 07:10:30 2014
[FBI] has joined #arpnetworks
mnathani has joined #arpnetworks
Hien has quit IRC (Quit: leaving)
Hien has joined #arpnetworks Hien: up_the_irons: ping :) ***: toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
toddf has quit IRC (Remote host closed the connection)
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf -: brycec pongs
pyvpx dings Hien: pokes brycec -: brycec flies into a rage, "I am NOT the Pillsbury Doughboy"
Hien xD brycec: Hien: Do you have a question specifically for up_the_irons? Or is it maybe something the knowledgeable people and bots of #arpnetworks could help with? Hien: brycec: Thank you. But I email'd up_the_irons -: Hien pokes BryceBot brycec: Ah
I wouldn't do that if I were you Hien: Why ? 0_o
Just about new order, no urgent question or something xD brycec: I meant the poking of BryceBot. BryceBot is mean. Hien: Oh. -: Hien hugs BryceBot mnathani: @weather yyz BryceBot: Toronto-Pearson International, Ontario: Mostly Cloudy ☁ 68°F (20°C), Humidity: 56%, Wind: From the West at 15 MPH Gusting to 22 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=43.67722321,-79.63055420 or re-request this with: @weather -v yyz staticsafe: nice day today mnathani: yesterday was a lot of rain followed by sunshine dangel_: @weather CAZ096 BryceBot: Error, No cities match your search query up_the_irons: @weather 90012 BryceBot: Los Angeles, CA: Partly Cloudy ☁ 76°F (24°C), Humidity: 71%, Wind: From the WNW at 1.0 MPH Gusting to 10.0 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=34.059711,-118.256401 or re-request this with: @weather -v 90012 up_the_irons: @weather 91344 BryceBot: Granada Hills, CA: Clear 82°F (27°C), Humidity: 51%, Wind: From the SSE at 2.9 MPH Gusting to 4.9 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=34.287365,-118.484680 or re-request this with: @weather -v 91344 up_the_irons: 6°F cooler at the office brycec: up_the_irons: closer to the water too dangel_: brycec: Feature request... noaa stations. :) ***: dangel_ is now known as dav brycec: dav: Take it up with wunderground.com dav: brycec: Copy that. brycec: @weather San Joaquin Valley, CA BryceBot: Multiple locations matched your query: San Diego International-Lindbergh, CA (zmw:92140.5.99999), San, ML (zmw:00000.1.61277), brycec: Apparently wunderground hates the Sierra Nevada Mountains -: dav chuckles. brycec: @weather Hanford, CA BryceBot: Hanford, CA: Clear 82°F (28°C), Humidity: 50%, Wind: From the West at 2.7 MPH Gusting to 3.7 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=36.355957,-119.656898 or re-request this with: @weather -v Hanford, CA brycec: Close enough
(Actually wunderground redirects to Lakeshore, CA for the lat/lon of CAZ096
@weather 37.29833,-119.10333 BryceBot: Lakeshore, CA: Clear 77°F (25°C), Humidity: 17%, Wind: From the East at 5 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=37.62405777,-118.83875275 or re-request this with: @weather -v 37.29833,-119.10333 dav: Oh! Coordinates work. Sweet. brycec: I love that http://forecast.weather.gov/MapClick.php?zoneid=CAZ096 says it's -18C there dav: Busted sensor I guess? brycec: (coordinates need to be comma-separated, no spaces)
(again, that's just how wunderground works) ***: twobithacker has quit IRC (Quit: ZNC - http://znc.in)
twobithacker has joined #arpnetworks
tooth_ is now known as tooth jpalmer: wow, I haven't seen that in forever. someone joined a channel and instantly start begging for ops.
"Can I have ops, plz?"
up_the_irons: I can haz ops?!?! I need it to hang out in this channel! it's sooper important!!!11!11oneeleven brycec: up_the_irons: CAN I OPS HAZ???????
Not that #arpnetworks needs more ops really
But I'm sure I would make a good op :p -: staticsafe bans brycec from the internets brycec: bawwwww :( jpalmer: haha not just a k or g-line, an internet-line! -: brycec instantly begins losing weight, now that he's not sitting 50% of the work day mnathani: up_the_irons: hey, if everyone else gets ops, I would like ops too jpalmer: +o for all. now we just need an eggdrop bot network! brycec: #arpnetworks could do something like #devious does, +V users that are smart, well established, good community members etc (and +o for admins)
It's used as a means of saying "these people know what they're talking about, they aren't just random people spouting bad advice" jpalmer: I don't know that it'd be necessary here. I really was just making fun of the fact that I hadn't seen that behavior in several years.. brycec: Heh yeah #arpnetworks seems to work just fine. Since it's pretty quiet in here, there's very little need for the "endorsement" of +V mnathani: halfops would work for me : % meingtsla: if only they existed on freenode brycec: ^ acf_: anybody else notice SIP brute forcing getting particularly bad? m0unds: is that like ops for hobbits? acf_: it just crashed asterisk m0unds: no idea, i don't run any sip boxes connected to the internet without firewall rules or nat in front of them acf_: probably wise
http://unixcube.org/who/acf/tmp/sipgraph.png
^ mostly SIP traffic
notice the outbound is significantly above the inbound in that last part
maybe a SIP amplification attack of some sort? ***: acf_ has quit IRC (Ping timeout: 240 seconds)
acf_ has joined #arpnetworks acf_: up_the_irons: are you around?
m0unds: do you happen to have ARP metal? up_the_irons: acf_: don't ask to ask, just ASK ;) acf_: can you sign a new ipmi vpn cert for me please? :/
I forgot the passphrase up_the_irons: yeah, send the csr to support@ acf_: thanks m0unds: acf_: nope acf_: up_the_irons: okay, I've sent it brycec: I've seen nasty SIP brute forcing too, at the firewall :P acf_: how do you firewall your sip? brycec: Sorry that it's chewing up so much of your bandwidth acf_
acf_: One of two approaches. 1) Only open ports for specific hosts, 2) Fail2Ban acf_: hm. I guess it's option 2 for me m0unds: fail2booooooooooo brycec: acf_: why not #1? acf_: SIP clients on dynamic addresses
unless there is some other way to restrict based on host? brycec: *how* dynamic? I have clients whose IPs only change once a blue moon. Others I have the client update a dyndns host and pf refreshes from that hourly. acf_: Comcast dynamic IP
also cellular network
that's what I'm most worried about brycec: Comcast - once a month at most
Cellular... blech
acf_: you could run SIP on a non-standard port too acf_: I was thinking about that m0unds: vpn :D brycec: VPN is a perfect solution, if you have perfect users. acf_: VPN would be great, except for mobile devices brycec: [mobile devices do VPN...] acf_: have you had any experience with VPN on mobile devices?
I haven't... brycec: Yes acf_: but it seems like it could be bad brycec: OpenVPN, l2tp, and ipsec m0unds: it's fine
i've used l2tp and ipsec brycec: oh and pptp m0unds: ugh
yuck acf_: I'll have to try that brycec: m0unds: PPTP still easiest for $users to setup and configure acf_: and comments on device support? brycec: For a simple voice VPN, I wasn't too worried acf_: Android, Symbian, iOS, etc... brycec: I can say for certain that Android and iOS do PPTP and L2TP+IPsec natively.
Android has good OpenVPN client support
(last I checked, iOS had to be jailbroken for opencpn) acf_: apparently Symbian supports PPTP also
I might try that brycec: PPTP isn't the most secure, but it's simplest (username+password) and "good enough" for a simple voice vpn
Plus with VPN, you don't have to deal with NAT issues acf_: have you any experience with voip handoff between wifi and 3g?
ie, you go in range of wifi, phone connects, drops call brycec: If it's in a VPN, you're just waiting for the VPN tunnel to reesatablish
but if that's quick, the call stays up and nobody notices. m0unds: i typically just dump sip calls to my phone# directly
if i don't answer my ext acf_: how about outbound calls? the cid gets all messed up... m0unds: i just block my outbound cid
and dial from my phone acf_: ah m0unds: if the call recipient went through the trouble to block anonymous calls, they can wait til i get to the office
haha brycec: m0unds++ on all points
In theory you can setup a DISA, call the PBX and then route back out
Or just *67 acf_: I've been looking for a way to do that cleanly for a long time
ie, click on a contact, it dials the PBX, etc... brycec: There are craploads of click2call
Many of them work well, even acf_: not for Symbian users :/ m0unds: a buddy of mine did that to allow him to dial in to his PBX to have outbound calls routed via his toll-free
whoa, symbian? brycec: acf_: if the Symbian user is just a cellphone, then what does it matter?
ie you click the link on your computer, the PBX calls your phone (the Symbian or whatever) and when you pickup and confirm, then the PBX bridges that to an outbound call to $wherever
A phone call is a phone call, regardless of the receiving device. acf_: ah yes
I was hoping for some tighter integration
so that you can initiate the call using the built in ui and it just works brycec: acf_: i seem to recall that Blackberry (because that's what I used at the time) had a means to program a prefix so you could dial through the office phone system
To do just that
No idea if Android etc can do that nowadays acf_: yeah. any idea what that's called? my google searches have yeilded nothing... brycec: In theory though, you can just prefix the destination with 1800mypbx{pauses}$disaextension{pause}
prefix dialing i think acf_: ok cool brycec: or "dial via office"
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cumc/7_1/english/BlackBerry/installation_user_guide/install_user_guide/calls.pdf
obviously that's the blackberry specific stuff :p[ acf_: yeah brycec: but you could google for $platform dial via office
looks like Android uses a Cisco app for it
Symbian seems to be left with click2call/"reverse callback" acf_: that's what I was afraid of
I wonder if GSM/UMTS has any out-of-band signalling capabilities at call setup
you could change the software stack to dial a fixed number, and signal the actual number to dial brycec: Besides the messaging layer that SMS is built atop? acf_: I guess that could work brycec: I don't know if it supports that function specifically though
Maybe that's what this "fixed dialing numbers" stuff is about
on second though, FDN wouldn't solve the problem acf_: I'm kind of surprised that the telecoms don't have services that allow easy integration into PBXes brycec: It's not the telecoms prerogative acf_: it seems like it would be a useful service for companies that use cell phones brycec: it's Android/WinMo/Symbian
And companies that use cellphones also use Cisco (with their own Android app), or Blackberries (builtin) staticsafe: who uses Symbian anymore acf_: Europe brycec: (Lync might even have an 'app' hook to do it) staticsafe: really now brycec: Europe is a myth acf_: well, yeah
people are moving away from it m0unds: 4.4% global market share as of 2012 according to wookiepedia acf_: that's not too bad
4 out of every 100 cell phones are Symbian
up_the_irons: still around? brycec: acf_: BTW the SIP brute forcing should be somewhat limited already http://support.arpnetworks.com/kb/main/is-there-a-firewall-filter-rate-limit-or-similar-device-applied-to-my-traffic
Unless ^ doesn't apply to Metal customers acf_: I think I had that removed a while ago
so I could run OpenVPN instances on non-standard ports brycec: btw acf_ I can't resolve your unixcube.org acf_: I know
:/
bad things happened m0unds: uh oh staticsafe: o_o brycec: so I can't even see that graph you linked :p acf_: I'm waiting for up_the_irons to sign me a VPN cert so I can get a console brycec: that's weird... ns[0123].unixcube.org should have entries in the DNS root to be proper "nameservers" acf_: they don't?
hm brycec: don't seem to
I'm only cursorily investigating acf_: brycec: you wouldn't happen to have arp metal would you? staticsafe: brycec: you mean glue? brycec: sorry acf_ acf_: aww m0unds: they should just call them horse records brycec: acf_: scratch that, the records are there, but dig was being stupid acf_: ah, that's good brycec: staticsafe: I meant A records for the nameserver entries acf_: is there a way to do a broadcast ipv6 ping? staticsafe: ping6 ff02::1%$interfacename
(not broadcast as that is not really a thing in IPv6)
that is the All nodes on the local network segment address
multicast all the things! acf_: hm
so my ARP metal box lost network m0unds: there's a moron who used to work here who couldn't grasp the word "multicast"
he always used to refer to it as "multitask"
drove me nuts staticsafe: o_o acf_: that's great
sending multitask packets m0unds: that's what happens when you bolt people with no networking experience (VCR + DVR + analog video) into an updated position where it's important to know it acf_: I have a VPS on the same logical network
shouldn't I be able to ssh into it via its IPv6 link local address? staticsafe: "what do you mean by converged network?!"
"voice, video and internets on the same network?!" brycec: Yes, acf_ acf_: or is there some case where the interface could lose its link local address staticsafe: no brycec: If it's down or unconfigured... staticsafe: well that acf_: so here's what happened:
IPv4 things broke
I ran /etc/init.d/networking restart in Debian
^ bad idea
IPv6 things broke brycec: acf_: and you don't have IPMI console up yet? acf_: no
I used to
if I had an IPMI console, I could just reconfigure the interfaces m0unds: staticsafe: he thought that i assigned ip addresses for devices purely based on the port on the switch that they're connected to brycec: acf_: I assume console.cust.arpnetworks.com doesn't tie in to any physical serial port or whatnot? m0unds: like..with analog video, there's an electrical signal chain you have to follow or you won't get video on the far end. he htought that's how an ip network functions, haha staticsafe: heh brycec: When you put it that way, it's not illogical, just wrong. m0unds: right acf_: brycec: unfortunately it doesn't appear so m0unds: but he'd argue it as truth
and would actively refuse or reject explanation to the contrary :)
also, i think i'm giving him too much credit w/the signal thing. he didn't really understand how that worked either, just that if he put a camera on a cable, and plugged the cable in, it would show up
this is why he's no longer here..that and he was offered an enormous $250 sign on bonus to work for a company that repairs automatic card shufflers brycec: Wow a whole $250? m0unds: yup
gave up ~$3800/yr in benefits, 10hrs/period of PTO and 4 day set schedule for $250 brycec: m0unds: is he doing the repairs? or he's doing IT for them? m0unds: repairs
so it's better for him brycec: Sounds like it m0unds: i do X because Y is broken
also, i rarely see him which is great for my mental health
hahaha
http://i.imgur.com/KAD0QvN.png this graph is depressing
although, the one day where there was no real spike was the 4th of july acf_: yeah
that's Comcast right? m0unds: yep acf_: I think he was willing to try and reroute some Verizon routes
don't think it's happened yet though
up_the_irons that is m0unds: http://i.imgur.com/nQdjKIp.png acf_: what's that? m0unds: cut over to a different box running the same services acf_: ah m0unds: i was kind of hoping that whatever party is causing congestion would lay off at some point acf_: nope m0unds: i haven't been able to figure out what common svcs traverse ntt via comcast acf_: not too many from the looks of it m0unds: netflix doesn't, hulu doesn't, amazon vod doesn't, xbox live/video doesn't, psn doesn't acf_: bigger providers likely have monitoring systems in place for all of the major ISPs
and reroute traffic accordingly m0unds: well, the ones i mentioned have peering arrangements w/comcast acf_: that's why Amazon has such great connectivity I think
not Amazon
(I think)
oh maybe they do
they don't with Verizon though m0unds: the ELB addresses i've seen w/VOD do for sure
and just checking an east coast AZ EC2 instance, it's comcast -> amazon directly acf_: yeah I see that here too
Amazon appears to have direct peering with HE too
it was a bit congested last time I checked my smokeping
I was surprised m0unds: does it seem like they use ntt to reach vz? acf_: I can't check atm m0unds: ah acf_: but a while ago it seems they used NTT for the forward path (from me)
I can't remember the reverse path, but I think it was via Telia or something m0unds: NTT is their #2 v4 peer according to bgp.he.net (amzn) acf_: what AS are you looking at? m0unds: 16509 acf_: I see
Telia is #4
Level3 is #8 m0unds: yea, -z flag on mtr is handy
mtr -z4 somev4host.domain.tld acf_: ah, didn't think to try that brycec: m0unds: what does the -z flag do? And what version of mtr?
mtr 0.82 (Debian Wheezy) only has -hvrwctglspniu46 m0unds: oh
-z does ASN lookups acf_: but it doesn't work with the GTK GUI m0unds: i'm on .85 acf_: same here m0unds: doesn't bother me, i just use mtr in a temrinal
...
temrinal? really? acf_: for some reason it defaults to GTK for me unless I specify --curses m0unds: http://pastebin.com/K35UgeWz
brycec: ^
curses
CURSES acf_: NCURSES
actually
anyone know about what time up_the irons gets back? brycec: Ah m0unds has a newer mtr
I was hoping someone would port that from traceroute
Nice to see that it has been acf_: yeah
I think I looked for that option in the man page a while ago and didn't see it
so I had to revert to traceroute if I needed AS lookups brycec: damn not in wheezy-backports
m0unds: Out of curiosity, what OS is that on? Or did you compile from source? acf_: I use Debian jessie
it's stable enough for me :D m0unds: brycec: netbsd 6.1.4
same v on freebsd 10
so installed via pkgin or from ports respectively
.85 on 14.04 LTS too (just looked) brycec: Cool
thank you m0unds: sho 'nuff acf_: so basically everything has mtr 0.85 except debian stable brycec: Which is typical
I'm surprised at the lack of a backport for it though m0unds: haha
what version of nginx is debian stable on? acf_: Source Package: nginx (1.2.1-2.2+wheezy2) m0unds: oh, that's not too bad
better than i figured
haha acf_: for jessie: Package: nginx (1.6.0-1) brycec: ^ and wheezy-backports m0unds: nginx version: nginx/1.5.12 netbsd, and 1.6.0 for freebsd brycec: When is jessie going to be released as stable, anyone know? -: brycec asked Google and simply got https://www.debian.org/releases/testing/ acf_: I guess they don't define a date
I think at some point they freeze everything, so that only bugs can be patched (no package version upgrades) m0unds: dates are for suckers maaaaaaaaaan acf_: and when everything passes QA, they release it
if I set my distribution to "testing" in /etc/apt/sources.list
every time they do a release, sid goes into testing
and I end up upgrading to it :/ brycec: Freeze is Nov 5 https://release.debian.org/jessie/freeze_policy.html
lol m0unds: so..soon? haha brycec: m0unds: they're aiming for January -: m0unds doesn't know much about debian brycec: or maybe Feb?
I'm not too clear on their release policy either
But I do know that it won't be this year m0unds: i don't think i've ever actually used debian debian
wait, i have
i have raspbian on my raspi, hahaha ***: milki_ has quit IRC (Read error: Connection reset by peer)
milki has joined #arpnetworks m0unds: nice, heavy isolated thunderstorm up_the_irons: raspbian rocks
so easy, so small ***: joepie91 has quit IRC (Ping timeout: 252 seconds)
tooth has quit IRC (Ping timeout: 245 seconds) m0unds: yeah, works pretty well ***: tooth has joined #arpnetworks
hazardous has quit IRC (Ping timeout: 240 seconds)
joepie91 has joined #arpnetworks
DaCa has quit IRC (Ping timeout: 240 seconds)
hazardous has joined #arpnetworks
DaCa has joined #arpnetworks m0unds: no shuttles running to get to the parking lot (.33 mi from the building) and it's pouring outside
so i'm wearing a plastic bag
it's stylish and practical up_the_irons: as you're typing in an irc channel
;) ***: acf__ has joined #arpnetworks mercutio: meta-p /window scroll_previous_highlight
erk brycec: m0unds: Why no shuttles? Seems odd. hazardous: HELLO
has freenode been acting up lately
i'm getting messages in other channels in bursts every few seconds and a ton of latency m0unds: concert tonight. EMPLOYEES BE DAMNED. staticsafe: hazardous: i have not noticed anything brycec: Ah, sucks m0unds
hazardous: I'm never surprised to hear Freenode having problems m0unds: it was alright, head and shoes got soaked, rest of me was fine
stupid ringo starr ***: hive-mind has quit IRC (Ping timeout: 272 seconds)
NiTeMaRe has joined #arpnetworks
hive-mind has joined #arpnetworks mercutio: hazardous: it may be teh server you're connected to.
there hasn't been lots of splits