***: anis has joined #arpnetworks
phlux has joined #arpnetworks
up_the_irons has joined #arpnetworks
ChanServ sets mode: +o up_the_irons
m0unds1 has joined #arpnetworks
relrod_ has joined #arpnetworks
jcv_ has joined #arpnetworks
relrod has quit IRC (Ping timeout: 246 seconds)
jcv has quit IRC (Ping timeout: 246 seconds)
tooth has quit IRC (Ping timeout: 246 seconds)
b^_^d has joined #arpnetworks
b^_^d has quit IRC (Changing host)
b^_^d has joined #arpnetworks
tooth has joined #arpnetworks
d^_^b has quit IRC (Ping timeout: 246 seconds)
NiTe has quit IRC (*.net *.split)
nesta has quit IRC (*.net *.split)
neish_ has quit IRC (*.net *.split)
twobithacker has quit IRC (*.net *.split)
RandalSchwartz has quit IRC (*.net *.split)
tellnes has quit IRC (*.net *.split)
plett has quit IRC (*.net *.split)
m0unds has quit IRC (*.net *.split)
staticsafe has quit IRC (*.net *.split)
NiTeMaRe has quit IRC (*.net *.split)
meingtsla has quit IRC (*.net *.split)
pyvpx_ has joined #arpnetworks
pyvpx has quit IRC (Ping timeout: 246 seconds)
milki__ is now known as milki
nesta has joined #arpnetworks
plett has joined #arpnetworks
twobithacker has joined #arpnetworks
meingtsla has joined #arpnetworks
neish has joined #arpnetworks
staticsafe has joined #arpnetworks
RandalSchwartz has joined #arpnetworks
RandalSchwartz has quit IRC (Changing host)
RandalSchwartz has joined #arpnetworks
twobithacker is now known as twobithac
tellnes has joined #arpnetworks
NiTe has joined #arpnetworks
jcv_ has quit IRC (Quit: leaving)
jcv has joined #arpnetworks
m0unds1 has quit IRC (Quit: WeeChat 1.1.1)
m0unds has joined #arpnetworks
relrod_ is now known as relrod staticsafe: mercutio: you around? ***: NiTeMaRe has joined #arpnetworks
anis is now known as anisfarhana
anisfarhana has quit IRC (Changing host)
anisfarhana has joined #arpnetworks mercutio: staticsafe: i am now staticsafe: mercutio: you think up_the_irons will announce IPs for a VPS without my own AS? mercutio: staticsafe: nope
staticsafe: do you have a /24 ? staticsafe: yes mercutio: and is your provider just advertised it with their own ASN atm? staticsafe: indeed mercutio: it's aRIN? staticsafe: yes mercutio: looks to be $550 for an ASN and $100/year
on arin's fee schedule page.
the general issue with multiple providers doing that is it's harder to tell if people are spoofing or such. staticsafe: im looking to move from my current provider, i'll be asking them to drop the announcement as soon as I'm done moving some stuff mercutio: you could always ask
new asn's juumped to 32 bits too. -: staticsafe nods mercutio: there's no real ip to asn mapping
but if too asn's advertise the same ip address it can look like one provider is spoofing the other provider
actually i wouldn't worry too much, it used to be common.
but it's not considered good practice
wow the average programmer is 42.8 years
err average age for mnathani_: how can you have your own IP space but no AS Number? staticsafe: someone else is announcing the IP space mercutio: arin fees are so much smaller than apnic fees.
mnathani_: that's actually pretty common for legacy space. mnathani_: can you multihome like that
with no AS staticsafe: nope mercutio: mnathani_: in theory yes. mnathani_: would require coordination among providers? mercutio: nope mnathani_: inbound multihoming or outbound ? ***: staticsafe has quit IRC (Quit: WeeChat 1.1.1) mercutio: you can do both mnathani_: does it require anything special from the providers mercutio: not really, this is how things like google getting spoofed happens
there's quite a few instances of route hijacking that happen
there's various levels of filtering...
but overall it's a sorry state of affairs.
that said; it's easy to hijack. but it's also reasonably easy to notice hijacking
but there's a reasonably real concern that if it got possible to make false certs easily for instance, it'd be easy to spoof paypal
if you can do damage in a short period of time, ..
http://www.slate.com/articles/technology/future_tense/2014/08/bgp_hijacking_cybercriminals_used_internet_architecture_to_mine_bitcoins.html
something like that
it's one of those issues that people have known about for years..
just like the other issue where you can spoof anyone's ip
the spoofing people's ip addresses makes ddos's harder to track.
and it seems to be less of an issue than it used to be.
but i don't know if it is that providers have done more to stop it, or if there are just more easily hackable sites to ddos from. RandalSchwartz: there must be well known solutions to system being down when a cron job is schedule to run it anyway lataer. mercutio: arp stops you ddos'ing from random ips. RandalSchwartz: I seem to recall something like "anacron" or something mercutio: RandalSchwartz: chronie
and anacron
that stuff all got fixed years back
when linux on desktop became common :)
https://wiki.archlinux.org/index.php/Cron
seems to be lots of information on there. RandalSchwartz: thanks mercutio: http://www.bgpmon.net/bgp-optimizer-causes-thousands-of-fake-routes/
hmm
so enzu(budgetvm) leaked routes on any2ix recently. mnathani_: anyone else tracking the stock price of Amazon and Microsoft over the last few days? mercutio: nope, si it going downor up? mnathani_: both going u p
MSoft %10
Amazon closer to %15 mercutio: wow
i wonder why
wow
amazon web services made shit loads of money mnathani_: its a solid product offering mercutio: it never impressed me :/
at the low end it pretty much sucks to my mind
but they are pretty well known with some big customers.
i really don't understand why people like netflix use aws mnathani_: Api to control the vms, regions for redundancy mercutio: i suuppose it has that going for it
but they have all of their servers everywhere
youu'd think they could just go in house
netflix's web site is pretty bad actually ***: staticsafe has joined #arpnetworks mercutio: http://aws.amazon.com/solutions/case-studies/netflix/
hmm they have a case study
10s of thousands of instances
sounds really expensive :/ mnathani_: thousands of instances and hundreds of open connect appliances at the expense of service providers everywhere m0unds: they didn't design it to be used like a cloud server
"cloud" server in quotes (e.g. a VPS w/dedicated storage)
i think that's the biggest thing lots of folks don't get (not saying you don't, but it's a common misconception about aws and azure both) brycec: m0unds++ RandalSchwartz: Ooooh.... fcron.
like regular crons on steroids brycec: I remember fcron (et al) from my Gentoo days... ***: twobithac is now known as twobithacker mercutio: did anyone ever use the at command?
it seems underused
i uused to just use sleep && grody: use atq on fbsd
especially when doing updates to firewall or something critical to a server coponent incase i slam myself out remotely.. have a backup command ready to fire off after x time if i didnt jump in and stop it
s/atq/at/ - although atq is a command related too
just seemed cleaner using it in scripts instead of sleep and &(&&) mercutio: yeah
it's been around forever, i just don't see it uused much grody: i still suspend, bg, fg, jobs a lot too mercutio: yeah i do a bit grody: ah crap, i broke my bloody aosp repo again - my isp must ♥ me, be downloading like the end of the world is nigh
13GB a pop to download it again
maybe should get a good copy, tarball it, then if i break again just use the good repo
running out of space though... and places to put drives mercutio: can'y you just back it up
oh right yeh do that :/
or just zfs snapshot it ***: anis has joined #arpnetworks
anisfarhana has quit IRC (Ping timeout: 264 seconds)
anis is now known as anisfarhana
anisfarhana has quit IRC (Changing host)
anisfarhana has joined #arpnetworks brycec: mercutio++ I was going to suggest the same thing (until I got caught up this far)
I typically transfer between 500GB and 1TB a month, my ISP can suck it.