mnathani: 122.226.223.69 - - [17/Aug/2014:10:24:42 -0400] "GET http://www.k2proxy.com//hello.html HTTP/1.1" 404 2055
kevr: up_the_irons: are you around?
mnathani: kevr: probably best to just ask a question if you have one and he would respond when he is around
or you could always email support@
***: pyvpx_ is now known as pyvpx
brycec: mnathani: It's extremely common. Nothing to worry about if you're not an open proxy, just 2KB wasted.
Make note that many IRC networks, FreeNode included, also do a quick sweep for open proxies (to determine whether the connection is likely a spammer) and you'll see those in your logs for various services too, but they're better identified.
***: pseudorandom has joined #arpnetworks
mus1cbox: every time that k2 site hits me i'm gonna hit them 10x
brycec: I don't think it's k2proxy.com's fault...
At least, no guaranteed
I often see other urls requested, like google and msft
And I'm pretty sure they're not the ones crawling ;P
BryceBot: That's what she said!!
staticsafe: BryceBot: u wot m8
***: mus1cbox is now known as mus1cb0x
-: mnathani slaps BryceBot
mnathani slaps BryceBot around with a large trout
***: mick_laptop has joined #arpnetworks
mick_laptop: is there a way to pass init=/bin/sh to the bootloader? I lost my password for my instance
I'm logged in, just don't have root or sudo
BryceBot: That's what she said!!
ant: mick_laptop: you can connect to the vnc console and edit the boot command line in the bootloader when the system is booting
mick_laptop: thanks
I'll try that tonight
***: fink has joined #arpnetworks
RandalSchwartz: getting weird connectivity
part of the weird might be I'm in ketchikan
but some sites are just popping up quick, others slow
mus1cb0x: do you live there RandalSchwartz?
RandalSchwartz: no... just a visitor
mus1cb0x: ah
why are you there?
RandalSchwartz: but I'm openvpn to arp, and still getting weirdness
www.insightcruises.com/events/sa22/
even tried a few other vpn
BryceBot: That's what she said!!
brycec: BryceBot: no
BryceBot: Oh, okay... I'm sorry. 'even tried a few other vpn'
m0unds: hahaha
s/vpn/potatoes
BryceBot: <RandalSchwartz> even tried a few other potatoes
brycec: (Wow, that "no" trained it from 97% to 11%)
RandalSchwartz: this is the first time that mtr showed the fifth or sixth hop going through a 10.x address
I fear I'm TCP over TCP at the border of ketchikan
m0unds: oh, alaska, cool
how's the weather up there?
RandalSchwartz: cool. :)
m0unds: awesome
just saw 62F as the temp today - that sounds great
haha
-: m0unds is sick of 90+F temps
RandalSchwartz: yeah - switched from summer coat to winter coat for today's shoreside
m0unds: neat
RandalSchwartz: I can't get to google.com from here. but I can ssh to arp. but I can't openvpn to my arp box, just a few others.
I wonder if they have screwed up BGP
but that should then still work if I openvpn to somewhere.
I don't understand this failure
I wonder if it's reverse DNS
no... host 206.223.199.52 gives a fast rever
revers
brycec: If you can't hit certain ports, then sounds like filtering. What's the ISP?
RandalSchwartz: I don't know that it's about certain ports
many web sites come up instantly. Many others don't.
that'd all be 80 or 443
brycec: I was focussing on the OpenVPN, but I see where you said some work others don't
*focusing
RandalSchwartz: my openvpn is on udp 443
but even once I'm on a vpn that *does* work, I still get weirdness
brycec: So seems like the ISP (and not the Internet or ARP) is screwy
RandalSchwartz: I don't see how you come to that conclusion
if I can get *some* VPN, the local ISP can't tell what I'm doing
and yet the behavior seems similar
brycec: Just because you got to those VPN doesn't mean your traffic isn't still traveling over that ISP
RandalSchwartz: but the packets are opaque
brycec: I'm suggesting that the ISP has broad problems, dropping packets probably
RandalSchwartz: no... also tested that with mtr
under 2% loss
brycec: But >0? That sucks
RandalSchwartz: and this "curl -o /dev/null https://arpnetworks.com/100mb.bin" runs at 500kbps
KBps
well mostly 0
but I saw a few when I went to larger packets
the 10.x address in the mtr still scares me
brycec: Nothing out of the ordinary in my smokepings https://smokeping.cobryce.com/?target=ARP.ARPWebsite
m0unds: is it rural enough to be wireless or something?
RandalSchwartz: ahh... I had my openvpn listening on tcp not udp
now I connect fine to arp
m0unds: oh, that'd do it
brycec: m0unds: Well there are no roads to Anchorage, does that count as rural? :P
RandalSchwartz: but STILL can't connect to $randomwebsite equally well
m0unds: haha, it's not rural if you're comparing anchorage to other places in AK
RandalSchwartz: ketchikan is a lot smaller
m0unds: yeah, i saw it on the map
brycec: I've been to both :)
BryceBot: That's what she said!!
brycec: BryceBot: no
BryceBot: Oh, okay... I'm sorry. 'I've been to both :)'
brycec: lol
m0unds: hah
RandalSchwartz: is that a new trigger?
I think it needs to default to "no", and you can say "yes" :)
BryceBot: That's what she said!!
RandalSchwartz: heh!
brycec: RandalSchwartz: It's actually learned, not a "trigger"
m0unds: s/yes/potatoes
BryceBot: <RandalSchwartz> I think it needs to default to "no", and you can say "potatoes" :)
brycec: There's a bayesian net behind it
Like spamassasin, but for "that's what she said"
BryceBot: no
BryceBot: Oh, okay... I'm sorry. 'I think it needs to default to "no", and you can say "yes" :)'
brycec: I love hot dogs
RandalSchwartz: Yeah - I'm still just puzzled by this net issue
brycec: BryceBot: yes
BryceBot: Okay! twss! 'Yeah - I'm still just puzzled by this net issue'
brycec: BryceBot: no
BryceBot: Oh, okay... I'm sorry. 'Yeah - I'm still just puzzled by this net issue'
RandalSchwartz: heh
brycec: As you can see, there are both yes and no
RandalSchwartz: "that's what she said"
this damn net issue
my mtr to www.google.com hits my vpn, then arp, then essentially google
and yet www.google.com doesn't load
but feedly.com does essentially the same, but LOADS IMMEDIATELY.
I do NOT understand this behavior
m0unds: are you routing everything over the vpn?
RandalSchwartz: yes
even dns
m0unds: huh, funky
RandalSchwartz: you're telling me!
BryceBot: That's what she said!!
brycec: Can you curl/lynx/wget/whatever www.google.com on your vps?
RandalSchwartz: I think your bayes was a little loose
you mean on my laptop?
brycec: RandalSchwartz: no I mean on the openvpn server
(I know, obvious things to check)
RandalSchwartz: Well, what's weird, is it works on my laptop
brycec: FWIW my bayes requires a 97% match
RandalSchwartz: it's just safari and chrome and firefox that can't get it
chome says "establishing secure connection" then stops.
brycec: I wonder if your browsers are trying ipv6? And can you curl google from your laptop?
(because debugging connectivity in a browser is convoluted compared to "curl -v")
RandalSchwartz: hmm. maybe v6 interesting.
yes, google from laptop curl
both http and https
brycec: And curl used v4?
RandalSchwartz: Presume so
but I have no default v6 route
brycec: Would've been in the -v output. If curl can reach it but not browsers...
RandalSchwartz: did you curl https:// ?
RandalSchwartz: lemme try
brycec: Might be an MTU thing
RandalSchwartz: ... * Rebuilt URL to: https://www.google.com/
* Hostname was NOT found in DNS cache
* Trying 74.125.25.99...
ahh... so if I set my MTU lower somehow?
brycec: Assuming the issue is on your computer
More likely some naughty gear along the path
RandalSchwartz: that wouldn't explain why some sites and not others
same opaque content either way
brycec: http works when https doesn't often means that the SSL cert being returned is hitting an MTU ceiling somewhere along the path
RandalSchwartz: reduced mtu from 1500 to 1400 for both wifi and tunnel
no - http doesn't work
google.com for either, no work.
at least not in browser. works in curl.
what else is browser doing? :(
brycec: RandalSchwartz: browser is automatically switching to https because Google is on the HSTS list
(one more reason to use curl :P)
You could try http://74.125.25.99 in the browser to test, perhaps (if it doesn't provide the hsts header)
RandalSchwartz: browser still paused
worked fine at command-line though
brycec: Did the browser pause saying "establishing secure connection"?
Perhaps your browsers are trying a proxy? (grasping at straws)
Perhaps you should just reboot? :P
RandalSchwartz: Oooh... google main page came up, and still trying to "establish secure connection"
hmm. https://www.superfish.com/
what the F is that
brycec: malware
http://malwaretips.com/blogs/superfish-window-shopper-adware/
RandalSchwartz: dammit.
can't get taht page either
what's the uninstall instructions
I can't even hit sfari's extensions page
brycec: RandalSchwartz: can you access vps3.cobryce.com? I'll host a copy
(that vps is on ARP)
RandalSchwartz: no it's probably still gonna try to hit superfish
brycec: RandalSchwartz: curl http://sprunge.us/TXIK
just a copy/paste of the text on the page
(Apparently there about 5 different places to uninstall/remove it)
Relevant https://support.mozilla.org/en-US/questions/878411 :)
"How do remove www.superfish.com permanently - it interferes whenever I open my Firefox browser ... no matter which website I wish to visit ?"
Looks like a bunch of plugins/extensions use it for ad revenue
RandalSchwartz: try starting Firefox in safe mode (without loading any extensions)
https://support.mozilla.org/en-US/questions/830223 "How did Superfish get on my PC?"
RandalSchwartz: I can't see any of those
BryceBot: That's what she said!!
brycec: BryceBot: no
BryceBot: Oh, okay... I'm sorry. 'I can't see any of those'
brycec: Even after? │15:18:55 brycec | RandalSchwartz: try starting Firefox in safe mode (without loading any extensions)
***: sga0_ has joined #arpnetworks
RandalSchwartz: how do you do that?
brycec: Pretty sure there's a shortcut for it in the start menu
***: pjs has quit IRC (Read error: Connection reset by peer)
brycec: (sounds like you're using Windows - please correct me if I'm wrong)
RandalSchwartz: "start menu"
no - OSX
wait - neil says he's better after reboot
gonna
try that
brycec: Either hold the Option key while starting, or /Applications/Firefox.app/Contents/MacOS/firefox-bin -safe-mode
RandalSchwartz: ok - rebooted
let's see if this is still a problem
google.com seems to come up ok
in chrome. not in safari
***: sga0__ has joined #arpnetworks
pseudodoge has joined #arpnetworks
fink has quit IRC (Read error: Connection reset by peer)
fink has joined #arpnetworks
m0unds__ has joined #arpnetworks
acf___ has joined #arpnetworks
sga0 has quit IRC (*.net *.split)
m0unds_ has quit IRC (*.net *.split)
eryc has quit IRC (*.net *.split)
eryc_ has joined #arpnetworks
pseudorandom has quit IRC (Ping timeout: 246 seconds)
sga0_ has quit IRC (Ping timeout: 329 seconds)
fink has quit IRC (Read error: Connection reset by peer)
fink has joined #arpnetworks
acf___ has quit IRC (Ping timeout: 240 seconds)
acf__ has quit IRC (*.net *.split)
acf__ has joined #arpnetworks
mus1cb0x has quit IRC (Ping timeout: 240 seconds)
mus1cbox has joined #arpnetworks
jbergstroem: RandalSchwartz: dns issues? chrome disregards some stuff like hosts afaik
***: sga0__ has quit IRC (Read error: Connection reset by peer)
jbergstroem: had "site" issues yesterday which worked just fine in chrome but bad everywhere else; turned out i had stuff laying around in hosts
***: sga0 has joined #arpnetworks
fink has quit IRC (Quit: fink)
RandalSchwartz: hard to tell. But once I refreshed from this morning's backup, everything is good.
acf__: RandalSchwartz, brycec: fwiw, I was seeing similar issues with Google over an ARP IPv6 tunnel today
sometimes Google will load fast
sometimes it will just stop loading, and I have to refresh
then it loads immediately
it's still happening for me
I think pages are cached, so the problem appears to go away
RandalSchwartz: Back on ship, all pages equally slow. :)
Something infected my machine earlier today
to go off to SuperFish
probably the first bar I was at
Neil's machine was fixed by a reboot
mine didn't get fixed until I restored from this morning's clone
but thank goodness, it seems to be rid of whatever I picked up from that first wifi hotspot
acf__: hmm... Google IPv6 used to go over any2ix I thought
I know Google IPv4 did
-: RandalSchwartz wanders off
***: sga0 has quit IRC (Read error: Connection reset by peer)
sga0 has joined #arpnetworks
acf__ is now known as acf_
pseudodoge has quit IRC (Ping timeout: 240 seconds)
novae has quit IRC (Ping timeout: 272 seconds)
novae has joined #arpnetworks
pseudorandom has joined #arpnetworks
pseudorandom has quit IRC (Ping timeout: 240 seconds)