[04:01] *** Hien has quit IRC (Ping timeout: 252 seconds) [04:02] *** Hien has joined #arpnetworks [04:07] is heartbleed still common in the US? [04:07] amount of attempts on 443 vs. my entire IP ranges in the UK, am seeing more on my /29 from ARP [04:31] never assume hackers are good at targetting [04:32] there's been a general increase of scanning in general though [04:32] not only malicious [04:34] aye, i've seen a lot of "research" companies are contributing the the noise [04:34] just glad when i setup this pfsense that i managed to get it's webui to listen on a port other than 443 [04:34] else i would have probably got admin/admin owned [04:47] seems like my bank hates me [04:56] *** cpet has left [05:03] typical.. i tanked my previous CSR/Key for my ssl [05:03] i hate revoking [07:13] *** Guest56962 is now known as qbit [08:06] *** sjackso has joined #arpnetworks [08:10] up_the_irons: Just saw the new web site, and had to drop by and say congrats. Looks great. [09:26] *** ant has quit IRC (Read error: Connection reset by peer) [09:44] *** ant has joined #arpnetworks [09:57] *** ant has quit IRC (Quit: Leaving) [10:21] *** ant has joined #arpnetworks [10:56] anyone have some documentation for port knocking and how I would go about setting that up on a Linux system? [10:57] Like http://linux.die.net/man/1/knockd ? [10:58] (There are a handful of promising looking google results) [11:04] thanks [11:12] np (and here I didn't think I was being very helpful :p) [12:09] *** ameise has joined #arpnetworks [12:12] *** ant has quit IRC (Quit: Leaving) [12:12] *** ameise is now known as ant [12:13] *** grody has quit IRC (Read error: Connection reset by peer) [12:13] *** grody has joined #arpnetworks [16:34] speaking of port knocking / security. with ipv4 ipsec never really took off for casual use because people's ip's are constantly changing, nat etc.. [16:35] but i wonder with ipv6 having ipsec policies between ip subnets without any vpn or such will become more popular. [16:47] I'm getting like 2KB/s from ARP [16:48] o_o [16:48] oh wait, just picked up a bit [16:48] 2k/sec?! [16:48] it looks normal from here fwiw [16:48] even using this session for IRC (which is screen'd on an ARP server) is painfully lagged [16:49] mtr please [16:49] yeah it's probably the route back to you if it's 2k/sec [16:49] but it could be either direction [16:49] mtr in both directions is good :) [16:49] Yea, looking like its in the middle [16:50] You might try http://ipv4.speedtest.cobryce.com/index-php.html too which is hosted on ARP. I just ran it and maxed my VPS/ISP's bandwidth. [16:50] middle can mean it's changing paths too [16:50] like it returns a good path half way to sending to arp, then hops further along go down a bad path back. [16:50] * brycec should move that to box with GbE one of these days [16:51] i'm getting 20/8 from that [16:51] installing mtr [16:51] Well it's better than the 2k/s that pjs was getting :P [16:51] buut i'm not experiencing issues [16:51] use mtr-tiny pjs [16:51] if ubuntu [16:51] it doesn't have all the gtk dependency crap [16:51] mercutio, os x [16:52] oh [16:52] (I got just under 100mbps down from it, and 12mbps up to my speedtest, which is ARP's and my ISP's limits, respectively) [16:52] cool. [16:52] It won't even run for me :) [16:52] heh [16:53] my mtr install seems to have died as well (fetching files) [16:53] hmm [16:53] pjs: would you mind telling us your ip? [16:53] probably an issue outside of ARP [16:53] no doubt [16:53] but yeah sounds like it could be outside arp [16:53] Agreed. At least it's probably not limited to just your VPS' host machine or subnet. [16:54] outages says about verizon dallas routing issues [16:54] can't see anything else [16:54] *** sjackso has quit IRC (Quit: Lost terminal) [16:54] are you using verizon pjs? [16:54] because my verizon smokeping went off earlier today too [16:55] I do see a Verizon IP hitting my speedtest [16:55] (but not starting a test) [16:55] from 71.96.0.0/11 [16:55] that's dallas isan't it? [16:55] well the .1.1 is :) [16:55] mercutio Yes I am.. FiOS [16:56] a /11 is pretty big [16:56] I'm in LA :) [16:56] pjs: yeh i think it's probably just a verizon issuue then i'm sorrey [16:56] mercutio: It's the netblock whois returned and I didn't want to get too personal with his IP ;P [16:56] brycec: understand :) [16:56] Just my luck.. all good.. whatever [16:57] it'll probably clear up soon i imagine [16:59] they're talking about issues in NY on outages@ [16:59] oh and apparently issues on verizon to level3 and ntt [16:59] both of which arp use [17:00] thanks dude! [17:00] that helps [17:04] \o/ hooray we're a helpful IRC channel. [17:05] heh, we usually are brycec [17:08] weird, i have a few mtr's running and they seem to be burning heaps of cpu for some reason [17:08] like 2 to 13% cpu each [17:08] I've seen mtr do that on long-running instances, eventually grinding to a halt too. [17:08] they probably are long running [17:08] i have too many shells open again [17:08] (not even 'R' reset cleans it up) [17:09] i was just noticing my load average is a bit high [17:10] hmm, i wonder if i should get my window manager tos how how many shells are open [17:10] i closed a whole lot, and it's down to 245 on grep for zsh :) [17:17] one of tehm shifted to 100% cpu and isn't responding [17:18] is that what you meant brycec? [17:18] yup [17:18] it doesn't even respond to ^C [17:18] I've had exactly that happen [17:18] oh neither does this one [17:18] not even ctrl \ works hmm [17:18] second one did the same [17:19] ctrl-\ ? that's a new one to me... [17:19] does a coredump [17:19] ah, TIL [17:19] sometimes works when ^C doesn't [17:19] That's what she said!! [17:19] down to 23 shells, taht's a bit more reasonable :) [18:47] *** toeshred has quit IRC (Read error: Connection reset by peer) [19:19] *** toeshred has joined #arpnetworks [19:36] who do i pester about having my /48 routed to me? [19:36] That's what she said!! [19:37] grody: support@ [19:37] thanks :) [19:38] And be sure you understand how to configure it on your end. support@ has no patience for that kind of nonsense [19:38] that's what she said. :) [19:38] twss [19:38] Okay! twss! 'that's what she said. :)' [19:38] And be sure you understand how to configure it on your end. support@ has no patience for that kind of nonsense [19:38] twss [19:38] Okay! twss! 'And be sure you understand how to configure it on your end. support@ has no patience for that kind of nonsense' [19:38] (at least, that's what the FAQ says) [19:38] I presume ipv6 /48 [19:38] brycec, indeed.. i've been playing with IPv6 for quite a while.. just never needed more than the /64 on ARP til now [19:38] if you have a ipv4 /48... scary [19:39] /48's are easy [19:39] The /48 gets routed to a link-local address rather than just being made available on the VLAN. It's quite simple really, but comes as a shock to many. [19:39] i do have two /32's advertised... it's a &*%^"*! nightmare [19:39] v4 or v6 /32? [19:39] heh... v4 /32 is a single address [19:40] "come talk to me at 2.3.4.5!" [19:40] brycec, yea.. every IP in the scope simply gets sent to the automagic link-local, my end i choose what /64's i want and via link-local on iface [19:40] and v6 /32 is ISP-sized subnet [19:40] grody: it's a static link-local, but you've got the idea. [19:40] I have something like 5 /48's now [19:41] (You are fe80::2 and ARP is fe80::1) [19:41] brycec, yea pfsense (freebsd) is piece of piss for networking :) [19:41] like teh easiest to get things done impo [19:42] just wanna experiment with VPN based load-balancing [19:42] have US/EU/UK IP addresses, but ultimately route to a single server blade [21:42] you could run an accelerator in different locations grody? [21:42] well for web stuff [21:43] what would a v4 /48 even be [21:46] confusing :) [21:47] "my ip address is 2.3.4.5.00132' [21:47] actually port is 2 bytes... [21:49] of course that's only tcp/udp