[00:05] *** RandalSchwartz has quit IRC (Ping timeout: 245 seconds) [00:08] * brycec has just blocked China. Nothing good comes from China, at least not over the Internet. [00:08] i hope that doesnt' mean apnic in general :) [00:09] * mercutio has been hit by that before [00:10] mercutio: As long as you're not on http://www.ipdeny.com/ipblocks/data/aggregated/cn-aggregated.zone, we're good :) [00:10] * mercutio checks just in case [00:10] nah i'm not [00:10] heh. ipdeny.com is reasonably well respected. And I compared lists from a couple of sources and they matched. [00:11] yeah [00:11] as long as it's not blanket block it's fine [00:11] i suppose that's less common now [00:11] but you see how many 202. address ranges there are? [00:11] and i'm on an ip address beginning with 202 [00:12] I just got sick and tired of individual IP's triggering my filters here and there only to be followed by another IP in the same block. So then I started manually blocking the whole IP's subnet, but that's time-consuming for me to look up. So I just fed that into pf and life should be great. [00:12] i seem to get hacking atteampts from leaseweb myself [00:12] and spam from gmail [00:12] It's mostly ssh brute-force attempts. [00:12] go figure [00:12] (for me) [00:12] ahh [00:12] yeh they may come from china [00:13] lots of the hacking type stuff seems to come from the US, Germany, etcf. [00:13] etc. [00:13] Spam is taken care-of in other ways for me, and doesn't usually go so far as to trigger a pf block. [00:13] probably because someone is using an interactive shell [00:13] whereas the ssh bruteforce is just a worm [00:13] but ssh... I get brute-force attempts every few minutes when it's "quiet" [00:13] someone's probably got numbers somewhere. [00:13] (It doesn't help that I run an shell provider, so running on 22/tcp is sorta "required") [00:13] yeah that's been around for years [00:14] you run a shell provider? [00:14] Not on ARP, mind you. But yes, I (along with some friends) run http://devio.us [00:14] i thought that'd be nifty oonce upon a time. [00:14] oh i think i have a shell on ther [00:15] lol [00:15] or had [00:15] it still looks like it works [00:15] I don't necessarily suggest starting one up. But I signed up once upon a time, and then ended up befriending the right people and ended up an admin, volunteering my tiome. [00:15] Last login: Fri Feb 18 22:03:45 2011 from meh-2-pt.tunnel.tserv15.lax1.ipv6.he.net [00:15] haha [00:16] so not only was it 4 years ago [00:16] but it was on he.net ipv6 tunnel [00:16] oh you're even on the same host as me [00:16] There's just the one host :p [00:16] h [00:16] oh [00:16] oh i see you're usueing arp ipv6 [00:17] write+tmux does not work well [00:17] i'm such a geek that i notice the ip address block :) [00:17] It's very noticeable [00:17] ok i can notice the ipv4 too [00:17] why is reverse lookup not working on ipv4 for the arp address? [00:18] Because those are connections on a separate sshd that has NoDNS enabled [00:18] ahh [00:18] (Admins have our own sshd) [00:18] that's the new default btwr [00:18] Yep, so I hear. [00:18] I kindof want to block North Korea just for the heck of it... Whole country under a single /22 block. [00:18] is that orlando? [00:19] it feels laggy [00:19] oh i can test my script [00:19] The host is located just outside Orlando, FL, yes [00:20] yip as i suspected a little variable [00:20] actually not that bad [00:20] but it's higher than the ping [00:21] is it going to get upgraded to openbsd 5.6? [00:21] Probably not any time soon. [00:22] Too many big things break between 5.4 and 5.5 and we just don't have the time to deal with that. [00:22] debian, openbsd, ubuntu are all coming out with new versions at once. [00:22] (uninstall/reinstall all packages, php changes versions and package names, etc) [00:23] php is the big one [00:24] this is really old server isn't it [00:24] I mean, it's definitely not impossible to upgrade. But it's risky enough as it is (we have no remote console/kvm, all upgrades are 100% headless in the running/old kernel) [00:24] like dual dual core pentium4 [00:24] hw.model=Intel(R) Xeon(TM) CPU 2.80GHz ("GenuineIntel" 686-class) [00:24] quad-core [00:24] you sure? [00:24] I'm just relaying what sysctl hw shows :p [00:25] hw.product=X5DPA-TGM+ [00:25] as opposed to dual dual cores [00:25] Ah on that front, I have no idea [00:25] just going by hw.ncpu [00:25] ddr1 :) [00:25] just "ddr" :p [00:26] yeah [00:26] (it was never called "ddr1") [00:26] it'll be slower than xeon 5060 probably [00:26] it is like sata1 is sata 1 :/ [00:27] i wonder if people will start saying http1 [00:27] to mean http/1.0 or /1.1 [00:27] there was a 0.9.. [00:27] 1.0 is much simpler\ [00:27] so sometimes it's used on purpose [00:28] True [00:29] (looking at dmesg suggests that yes it is 2x dual-core Xeons) [00:30] it's amazing how much faster openbsd feels on old harwdare compared to linux [00:30] arch linux is better than most distributions. [00:30] but even that computer if lightly loaded would seem like a "fast" server probably. [00:34] dns resoluution doesn't work in mtr? [00:35] Not on OpenBSD [00:35] weird [00:35] it works on my openbsd box [00:35] http://comments.gmane.org/gmane.os.openbsd.ports/64403 [00:36] You're not running 5.4 are you? [00:36] oh just broken in 5.4 [00:36] nah i'm current 5.7-current apparently [00:36] And possibly earlier [00:36] But it was fixed after 5.4 [00:39] cool project though [00:45] *** Guest6327 is now known as easymac [00:45] *** easymac is now known as Guest57394 [01:04] hmm there's packet loss on mtr from arp to devio.us on ipv6 [01:07] Oh? My mtr has been running for 14,600 packets and dropped just 62. [01:07] maybe just my luck [01:07] (and none of those in the last 10 seconds) [01:08] mine was 1600 with 2 dropped [01:08] but it shows as 0.1% [01:08] and the best to average is kind of high [01:08] even for first hop [01:08] i don't think ipv6 has deprioristiation [01:09] yeah throughput is shot too [01:09] hmm it's on/off [01:10] curl -6O https://weallsee.net/10m [01:10] 130 packets, no loss anywhere [01:10] the current one is stalled [01:10] it seems to be every 2nd connection is slow [01:10] but maybe juust luck [01:11] I've run it twice in a row now, never stuck. [01:11] there's two ip's [01:12] 2400:cb00:2048:1::681c:67e... [01:12] i think that's the slow one [01:13] i don't know how to makoe curl pick one address [01:13] my usual trick of -x doesn't work with cloudflare [01:14] yeah it's not based on ip anyway it looks liek [01:15] and now it's going fine [01:15] it was < 10k/sec before [01:15] now it's over 600k/sec [01:46] *** Guest57394 is now known as easymac [01:46] *** easymac is now known as Guest93 [02:17] what the hell level3... [02:27] what's level3 doing? [02:47] *** Guest93 is now known as easymac [02:47] *** easymac is now known as Guest31109 [03:32] *** ziyourenxiang has joined #arpnetworks [03:47] *** Guest31109 is now known as easymac [03:48] *** easymac is now known as Guest4079 [03:55] *** ziyourenxiang has quit IRC (Quit: ziyourenxiang) [03:56] *** ziyourenxiang has joined #arpnetworks [04:09] *** ziyourenxiang has quit IRC (Quit: ziyourenxiang) [04:48] *** Guest4079 is now known as easymac [04:48] *** easymac has quit IRC (Quit: leaving) [05:27] *** mike-bur1 is now known as mike-burns [05:41] *** temporary4242 has joined #arpnetworks [05:42] hi, do you guys get a certificate error when you go to https://portal.arpnetworks.com ? [05:42] i don't. [05:43] it's not even yellow in chrome like some web sites have been recently [05:43] what date does your computer say it is? [05:44] okay thanks meructio. think it must be me then. the date on my computer is current. my cellphone browser gives me a certificate error as well. [05:44] because the certificate is only valid from one month ago, so if your date is off by a month it could be reason? [05:45] maybe it's a problem with my cache. [05:45] that's strange. [05:45] cert info isn't usually cached afaik [05:45] it's a rapidssl cert. [05:45] they're pretty common. [05:45] my friend had cert issues with a few sites recently, and he found that os x had somehow got some weird verisign certificate installed. [05:45] which was in a chain [05:46] which made like no sense to me, but apparently you can click and it can replace certs. [05:46] but when it's happening on two devices that kind of thing seems unlikely. [05:46] i duunno if it's chained [06:33] temporary4242: i get an error, too [06:33] running ssltest now [06:33] looks like an intermediate cert is missing [06:34] yup [06:34] https://www.ssllabs.com/ssltest/analyze.html?d=portal.arpnetworks.com&hideResults=on [06:34] yes. i think so too. [06:34] up_the_irons: portal.arpnetworks.com is missing the intermediate cert: https://www.ssllabs.com/ssltest/analyze.html?d=portal.arpnetworks.com&hideResults=on [06:36] *** poulsen has joined #arpnetworks [06:51] *** temporary4242 has quit IRC (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client) [08:24] *** RandalSchwartz has joined #arpnetworks [08:24] *** RandalSchwartz has quit IRC (Changing host) [08:24] *** RandalSchwartz has joined #arpnetworks [08:25] up_the_irons: Also, what gives with the lack of TLSv1.2? [08:25] or v1.1 for that matter [08:25] And all these old, insecure cipher suites that are supported still... [08:26] My ssl test gives a pretty simple error: "Provided certificate issuer does not match issuer in certificate. Sent chain order wrong." [09:32] *** poulsen has quit IRC (Ping timeout: 248 seconds) [10:02] I got a PCI compliance alert... had to disable all SSL versions [10:02] so its only TLS here out [10:05] Many PCI scans flag TLS1.0 usage too [10:06] We had to add a checkbox to our firewall product to allow customers to disable TLSv1.0 in order to pass their PCI scans (at the expense of breaking slightly-old browsers) [10:14] shouldn't the intermediate cert be pulled in automatically? [10:15] is the reason it's working for me because i've visited non portal sites first? [10:16] mercutio: Welcome to certificate chains! It is also downloaded, but a proper chain means that the client has the root cert and your server provides the rest of the links in the chain including its own cert (of course). Otherwise, the intermediate certs could be MITM'd. [10:16] It's a soft-error, generally. [10:16] And certificates are not [supposed to be] cached, so no that wouldn't explain it. [10:17] hmm [10:17] why's chrome accepting it for me? [10:17] is it because the intermediate is stored locally or something? [10:18] Could be. (Why Chrome does anything wrt SSL is often a mystery :p) [10:22] weird [10:23] it says geotrust on firefox, and rapidssl on chrome [10:23] but both look normal to me [10:24] ssllabs shows two paths, one with GeoTrust being the CA in the trust store. (aka cacert.pem) and the other path shows the GeoTrust CA (with a different fingerprint) as being sent from ARP, and rooted with Equifax [10:24] it's definitely a bit screwy ;p [10:25] RapidSSL is still the intermediate either way [10:25] ok [10:25] I'd assume that Chrome opts to show the intermedia as that's most likely the reseller used [10:25] yeah i must admit i'm not that clued up on ssl [10:25] *intermediate [10:26] i still don't see how a certificate being signed by any of a nuumber of signers really does anything [10:26] you just trust to some random company [10:26] adn they don't make sure you're who you say you are? [10:26] Exactly. SSL is effectively broken. [10:26] Well they're supposed to, to varying degrees [10:27] freak attack sounds like a real issue because you can decrypt [10:27] For instance websites with "the big green bar" (eg. github.com) have an "extended validation" cert, where they pay gobs of money and go through extensive background checks. [10:27] but as far as validating domains shouuldn't there just be a key in dns or something? [10:28] lots of sites are yellow for me in chrome recently [10:28] The most basic certificates are issued with just domain-ownership verification (eg. startssl's free certs) wherein they verify that you receive an email sent to one of the addresses on the domain registration. [10:28] yeah that sounds dodgy [10:29] so you could register gmail.com by having an email address @ gmail.com? [10:29] But there's nothing really stopping a rogue CA from just blindly giving out certificates, which has happened... and then that CA's cert is revoked. But if your client machines don't get the memo (eg. Windows Update) then they're still susceptible. [10:29] oh [10:29] one of the ones on whois [10:29] mercutio: has to be in the domain's registration, eg whois [10:29] i'm surprised i don't get more spam with my normal email address being in my whois for my domain names :) [10:29] So I have proven to a company that I own (who really owns domains??) brycec.ninja so they will give me certificates that say they've verified that much. [10:30] I'm surprised too. [10:30] ewll it's only nz ones [10:30] i think they're blocked from international actually [10:30] Nope, not blocked. [10:30] hmm [10:31] (which you could test from your devio.us shell too :P) [10:31] heh [10:31] devio.us has level3 back to arp [10:31] you know how i was searching for level3 test sites? :) [10:31] lol [10:32] hmm i could smokeping it? [10:32] it was showing loss before starting at a hop that said cogent xe or something [10:32] You could smokeping at it. I'm already running a smokeping slave on it. [10:32] (we don't have a great connection, mind you.) [10:32] but seemed to be the entry point to their provider [10:32] and so it was uusing their forward path [10:32] which is level3 [10:33] well yeh the provider has cogent :/ [10:33] I meant internally. For the longest time, the our link to the switch was 10baseT/half-duplex :P [10:33] oh [10:33] ouch [10:34] what is it now? [10:34] (And then one day it magically fixed itself, 100/FD, yay) [10:34] heh [10:34] https://smokeping.cobryce.com/?target=Slaves.wolfman when it works... Often the log-rotate ends up killing smokeping entirely and I just don't notice. [10:34] yeah 10 megabit kind of sucks now adys [10:34] even if it's full duplex [10:34] but for a shell it really shouldn't matter most of the time [10:35] half-duplex limited us to about 250kB/s effectively :( [10:35] it's still slow network wise it seemed [10:35] which meant offsite backups were horrriible [10:35] Yep [10:35] but i wonder if that's partially to do with old cpus and the system cpu usage being high :/ [10:36] loadav 1.68 and all 4 cores about 90% idle? I don't consider that high. [10:36] being that vintage it's likely to be scsi disks though [10:36] so it's not so easy to upgrade cpu [10:37] SATA in BIOS IDE mode actually [10:37] weird i saw high cpu suage on top when i checked [10:37] and commands seemed to pause part way through [10:37] oh [10:37] woah [10:37] it's way faster than it was last time [10:37] ^ that just sounds like network "pause" not execution pause. [10:38] nah multiple little times [10:38] like top and w and so on were slow [10:38] so was logging in [10:38] and there was a delay before showiong shell etc [10:38] well sure, both dump a ton of text to the screen [10:38] it's /way/ faster now [10:38] I get about 60ms from ARP to devio.us, worst was 244ms according to mtr [10:38] i have my cl command on there :) [10:39] it's about 6 msec higher than ping for ssh latency [10:39] but it's reasonably stable [10:39] so i d\on't think it's network [10:39] cur: 213.824msec, min: 213.562msec, max: 217.260msec, avg: 214.050msec [10:39] it was slightly quicker bouncing via arp [10:39] but more spikes [10:40] 2 minutes of mtr - 60.0 +- .2ms [10:40] from my ARP VPS to devio.us, ipv4 [10:42] 240 60.2ms +- 1.66 [10:43] 300: 60.1 +- 1.4ms [10:43] (And https://smokeping.cobryce.com/?target=Slaves.wolfman is repoting once again) [10:43] *reporting [10:46] i probably logged in when it was doing backup or something [10:46] and i dunno why i thought about moving drives. you ucan just copy something onto new drives [10:47] (nope, no system backups. Next backup runs in 1h15) [10:47] oh weird [10:47] (570: 60.0 +- 1.1ms) [10:47] That's not to say a user wasn't copying files or the like... [10:48] i often seem to be around US 1 am etc :) [10:48] Well it's 10.46-13.46 in the mainland US now :p [10:48] yaeh, weird time for a backup [10:48] i shouldn't be up [10:49] i went to bed but got up again heh [10:49] lol [10:49] You do seem to always be on IRC :p [10:49] yeah i've been bad recently [10:49] twss [10:49] Okay! twss! 'yeah i've been bad recently' [10:51] servers aren't as cheap on ebay as i thought they were [10:53] http://www.ebay.com/itm/HP-ProLiant-DL360-G6-Server-w-Quad-Core-2-67GHz-Intel-Xeon-X5550-2GB-RAM-/251918227028?pt=LH_DefaultDomain_0&hash=item3aa77f1654 [10:53] $200 for dl360 g6 [10:53] with shit all ram [10:54] most are more than that though [13:00] brycec: Thanks for that Amazon suggestion http://www.amazon.com/WeMo-Electronics-Anywhere-Automation-Smartphones/dp/B00BB2MMNE WeMo switch. I set it up and it works great [13:00] Amazon: "Belkin WeMo Switch, Control Your Electronics From Anywhere with the Home Automation App for Smartphones and Tablets, Wi-Fi Enabled" [13:01] Super, glad to hear that, mnathani [13:03] *** mnathani_ has joined #arpnetworks [14:20] *** mnathani__ has joined #arpnetworks [14:22] *** mnathani_ has quit IRC (Ping timeout: 246 seconds) [15:17] *** poulsen has joined #arpnetworks [16:37] *** poulsen has quit IRC (Remote host closed the connection) [16:57] ant: hmm seltsam [17:15] *** qbit has quit IRC (Quit: leaving) [17:19] ant: brycec : OK cert chain order should be fixed [17:32] *** qbit has joined #arpnetworks [17:32] *** qbit is now known as Guest81417 [17:35] *** Guest81417 is now known as qbitr [17:36] *** qbitr is now known as qbit [17:41] *** qbit has quit IRC (Quit: leaving) [17:41] *** qbit has joined #arpnetworks [18:08] Confirmed, cert order is correct. [18:08] Still can't imagine why you wouldn't enable TLSv1.1 and 1.2. [18:09] But that's a "fight" for another day I suppose :p [18:10] Server: Apache/2.2.14 (Ubuntu) mod_fastcgi/2.4.6 Phusion_Passenger/3.0.11 PHP/5.3.2-1ubuntu4.27 with Suhosin-Patch mod_ssl/2.2.14 OpenSSL/0.9.8k mod_wsgi/2.8 Python/2.6.5 [18:10] wow, that's an ancient server to have OpenSSL/0.9.8k and Python/2.6.5 [18:11] pre exploit [18:11] is it lucid? [18:20] lucid, yeah [18:23] precise is still php 5.3 [18:28] is there a way to install Archlinux without having to manually create partitions and install a bootloader and get into internal details of the system? [18:28] mnathani: that's actually pretty easy [18:28] i mean to install [18:29] i mean manually creating a partition or two isn't very complicated. [18:29] it's slightly more complicated with uefi [18:30] it was much easier than ubuntu for raid setup for me [18:32] if you have a reasonable knowledge of linux i wouldn't say it's any more time consuming than ubuntu install [18:32] (which has questions.. then does stuff... then questions etc) [18:32] ubuntu install is pretty straightforward [18:32] so is arch [18:32] dont have to manually setup a bootloader [18:32] just follow the install guide [18:32] Gentoo was the same way... though I think there are a couple of derivatives that have sprung up since I last used it that made the install process "user-friendly" [18:32] from the last time I tried [18:32] https://wiki.archlinux.org/index.php/Installation_guide [18:33] if things like "grub-mkconfig -o /boot/grub.cfg" are easy for you it's easy. [18:33] the network configuration is the hardest part imo [18:37] Has Arch settled on a singular way to configure networking yet? [18:37] nope [18:37] Well sorta hard to wrap a simple installer around that :p [18:38] grub etc is the same amongst all the linux [18:38] network config in general is different betwen them [18:38] like centos, arch, openbsd, ubuntu/debian are totally different [18:39] also arch doesn't have ifconfig by default [18:39] so you need net-tools package if you want ifconfig [18:41] do you guys know how to use iptables to do load balancing and other advanced networking? [18:41] i wouldn't use iptables for load balancing [18:42] i know how to do redirect :/ [18:43] if you mean load balancing for web servers or something, then i'd go for layer 7 load balancing [18:43] if you mean for adsl connections or the like there are huge caveats like having different ipa ddreses normally [18:43] yea, web server load balancing [18:43] yeah go layer 7 [18:44] use linux virtual server or the like [18:44] i just use relayd fwiw [18:44] but that's bsd [18:44] what software do you use for the transparent proxy? [18:44] trafficserver [18:45] i used to use squid [18:45] but i have relayd going to trafficserver [18:45] in layer 7 mode [18:45] and passing through the original ip [18:45] layer 7 makes things a lot simpler [18:45] the only caveat is you don't get the users original ip address. [18:46] but you can get it to just add it [18:46] if you have more than one "entry point" it just makes sense a lot easier with layer 7 [18:47] you don't have to share state etc [18:47] but it does still mean that things can get screwy if it changes entry point [18:48] but yeah i'm sure you can find lots of information about linux virtual server if you want to go down that path [18:49] it suupports fancy modes like being able to act only on the forward path and return bypassing the load balancer, but i wouldn't recommend for complexity reasons [18:49] but they're definitely aiming for high performance, and to be able to have a lot of ways of doing things [18:50] http://www.linuxvirtualserver.org/VS-DRouting.html [18:50] ahh this is what i was thinking of [18:50] like that's the highest performance way, but complexity raises [18:51] http://www.linuxvirtualserver.org/software/ktcpvs/ktcpvs.html [18:51] looks like this is one layer 7 way [18:52] hmm last released 2004 [18:53] relayed is a lot simpler :) [18:54] haproxy looks like another alternative [18:55] You're not supposed to want deprecated programs. That's like choosing to run ssh1 :p 18:38:34 ⤷ | so you need net-tools package if you want ifconfig [18:55] brycec: heh [18:55] brycec: a lot of people still expect it [18:55] just like lots of people still use bash :/ [18:55] even though zsh is out and way better [18:56] (or ksh...) [18:56] btw, you know fdisk is deprecated? [18:56] (though I personally use zsh) [18:56] fdisk is still usued a lot too [18:57] Not as much as disklabel where I work :P [18:58] heh [18:58] i hate dladm [18:58] why does everything have to be different [19:19] when ubuntuu etc maintain php 5.3, how well do they maintain it? [19:19] considering it's eol upstream [19:20] seems they do ok with it, but i never ran super intensive php tasks, just webapps [19:20] it's only been eol for 8 months [19:21] oh, missed the 5.3 part [19:21] i'm a bit uuncomfortable with long term support type things by vendors over large amounts of packages [19:21] completely unrelated, we've been feeding our cats w/food made by some company in new zealand [19:22] heh. [19:22] kangaroo and brushtail, haha [19:22] we don't have kangaroos here. [19:22] company is in NZ [19:22] so apparently, they import them [19:22] haha [19:23] i wonder if they sell it locally [19:23] dunno [19:23] Addiction Foods is the only worldwide pet food manufacturer to use the NZ Brushtail / Possum and Australian kangaroo [19:23] yea, that's one [19:23] i can't say i've heard of it :) [19:24] oh the idea if they're pests :/ [19:24] i didn't know kangaroos were pests. [19:24] we've fed our cats addiction stuff and mauri is the other [19:24] i wonder what it tastes like [19:25] dunno, doesn't smell horrible though [19:25] http://www.quora.com/What-does-kangaroo-meat-taste-like [19:25] in pet food [19:25] haha [19:25] yeh i've never eaten it [19:25] cats like it though [19:26] i hate the smell of catfood normally [19:26] yep, me too. i don't really like the smell of meat in general (not a meat eater) but this stuff isn't awful [19:26] smell-wise [19:26] cool. [19:27] do you get nz meat there? [19:27] don't think so, but i haven't bought meat in years [19:27] never remembered seeing it [19:27] i remember reading somewhwere that some places sell lots of tongues, brains, etc. . [19:27] we don't really sell that stuff much here. [19:28] they sell tongue here, it's used in some mexican cuisine [19:28] i've never had tongueu [19:28] That's what she said!! [19:28] tripe too, and intestine [19:28] used in a thing called menudo [19:29] http://en.wikipedia.org/wiki/Menudo_(soup) [19:29] Menudo (soup) :: Menudo is a traditional Mexican soup (also known as pancita) made with beef stomach (tripe) in broth with a red chili pepper base. Usually, lime, chopped onions, and chopped cilantro are added, as well as crushed oregano and crushed red chili peppers. Menudo is usually eaten with tortillas or other breads, such as bolillo. It is often chilled and reheated, which results in a more concentrated flavor. The popularity of... [19:29] i've had tortillas :/ [19:29] That's what she said!! [19:29] but yeah i've never heard of that [19:29] BryceBot: no [19:29] Oh, okay... I'm sorry. 'i've had tortillas :/' [19:29] wtf, lol [19:30] i think the only mexican places i've been to aren't that authentic. [19:30] That's what she said!! [19:30] BryceBot: no [19:30] Oh, okay... I'm sorry. 'i think the only mexican places i've been to aren't that authentic.' [19:30] i heard that indian food is totally different to what people in india eat. [19:30] yeah, it's odd to find absolutely authentic anything outside of the place where you find it normally [19:31] s/odd/hard [19:31] yeah, it's hard to find absolutely authentic anything outside of the place where you find it normally [19:31] *** NiTeMaRe is now known as NiTe [19:31] yeah [19:31] indian is my favourite ethnic food. [19:31] yea, one of mine for sure [19:31] i like indian and thai a lot [19:31] and it's become really popular here. [19:32] i like thai too, but there's no good thai places i can find around here [19:32] and heaps of good indian. [19:32] it's really weird. [19:32] http://www.chaishoppe.com/ i like this place [19:33] this reminds me of hare krishna's :) [19:33] looks interersting [19:34] butu expensive looking too :) [19:34] yeah, a bit [19:34] by presentation rather than price :) [19:34] gotcha [19:34] it's hard to tell portion size . [19:35] american portions are stupid usually, haha [19:40] *** NiTe is now known as NiTeMare [19:40] *** NiTeMare is now known as NiTeMaRe [19:43] *** NiTe has joined #arpnetworks [21:48] *** gizmoguy has quit IRC (Ping timeout: 272 seconds) [23:05] *** himuraken has quit IRC (Quit: No Ping reply in 180 seconds.) [23:18] *** himuraken has joined #arpnetworks [23:28] *** poulsen has joined #arpnetworks [23:52] *** poulsen has quit IRC (Read error: Connection reset by peer) [23:52] *** poulsen has joined #arpnetworks