[00:09] *** Travis__ has joined #arpnetworks [00:20] *** Travis__ has left [05:26] *** lyarick has left [07:14] *** jcv has quit IRC (Ping timeout: 250 seconds) [07:18] *** jcv has joined #arpnetworks [09:25] *** carvite has quit IRC (Ping timeout: 250 seconds) [11:26] *** carvite has joined #arpnetworks [14:02] *** medum has joined #arpnetworks [16:38] *** pyvpx has quit IRC (Ping timeout: 240 seconds) [16:58] *** pyvpx has joined #arpnetworks [17:41] *** chrismsnz has joined #arpnetworks [17:43] Hi guys, I was trying to find an arp networks official position on running Tor exit nodes and thought I would ask here before emailing support [17:43] i think it'd be considered network abuse. [17:44] that is unfortunate - i'll email support for an official statement [17:47] Not tor specifically, but it's fair to assume a similar stance would be taken http://support.arpnetworks.com/kb/main/do-you-allow-irc-traffic [17:47] (I think it's been covered here in IRC before too [17:47] ) [17:48] heh [17:49] fair enough - their house their rules [17:49] Oh imagine that, I asked that question a couple years back http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-12-28,Sat&sel=475#l471 [17:50] here was the reply chrismsnz http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-12-29,Sun&sel=2#l-2 [17:50] oh i saw the question, did not see the reply [17:50] pretty ruthless on the old banhammer it seems [17:51] ARP provides a service, but will take no legal risk on you *shrug* [17:51] To be fair, that's relatively consistent among hosting providers [17:51] chris: well it tends to invite ddos's etc. [17:51] and can hvae legal ramifications [17:51] a lot of people abuse tor nodes. [17:52] chrismsnz: what everyone is saying is right [17:52] i mean it's a nice idea for anonymising, but as it happens currently it's mostly people doing illegal etc stuff. [17:52] Not to mention even the automated DMCA senders hit the exit nodes, and then someone from $host has to figure out who's responsible, or take on the legal burden of ignoring the notice. [17:53] i tried using tor once, it was so slow [17:53] mercutio: if only there were some more exit nodes :D [17:53] chris heh [17:53] well, i would take precautions to limit the amount of abuse but it is unreasonable to expect that no strangeness would ever occur [17:54] unless someone with a lot of money is going to set about to setup lots of exit nodes on their own and encourage everyone to use it i can't see it changing. [17:54] seems like a really bad idea [17:54] a few exit nodes here and there won't really fix the problem [17:55] up_the_irons: thanks [17:55] chrismsnz: we've had customers run exit nodes successfully, as well as VPN services, but the responsibility is really all on you. And if, for example, you get a $10 VPS and I get one complaint, it's hardly even worth it for me. [17:55] up_the_irons: would the result of an abuse complaint due to tor traffic result in a nuked server or permanent ban of my account [17:55] oh it would be a $150/mo dedi [17:56] it somewhat concerns me even more, since a dedi can handle a lot more exit traffic, and thus, far greater chances of illegitimate traffic. [17:57] the limiting factor would be my data cap provision, i expect [17:57] why not just get a $50 dedi at Hetzner, or OVH, i'm sure they don't even care ;) [17:57] i suspect ovh is where most of them are. [17:58] up_the_irons: i was pretty keen to move some personal stuff to a new provider and was looking for openbsd support [17:58] apparently hostgator supprot exit nodes [17:58] chrismsnz: I'd be uncomfortable with 10TB of tor exit traffic, to be honest [17:58] as well as an exit node [17:59] up_the_irons: :O i did not expect that! [17:59] https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs [17:59] there's a list here. [17:59] chrismsnz: well, you came to the right place for openbsd support :) [17:59] i hadn't checked your plans was just my budget [18:00] chrismsnz: ah ok [18:00] up_the_irons: yeah so basically im looking for a host but don't want all my other legit stuff burned down if someone get snooty about a mean comment left via tor and subs a complaint [18:00] i will probably keep them seperated >_< [18:00] yeah keep 'em separated. [18:01] As Tor themselves recommend ;) [18:01] chrismsnz: ya know, in general, if you want to host personal services and then also do somewhat "questionable" services, I'd recommend just use two different providers [18:02] thanks guys [18:02] no problem! [18:02] oh wow you're in nz :) [18:02] yessir [18:04] well if you can get ufb, you could just run your own tor exit node from home? :) [18:06] well i have 200/200 tubes [18:06] cool. [18:06] i did consider [18:06] but residential isp's probably going to be more trigger happy than the grizzled old colo owners [18:07] :D [18:07] interesting. [18:07] i'd be more concerned about legal ramifications. [18:07] that too [18:08] it's kind of crazy how fast internet in new zealand got [18:08] it was only 5 years ago that it was hard to get 10 megabit [18:08] and there's no easy way to segregate the tor stuff from my home netwokr too - unlike a multi homed box out on the net [18:08] chrismsnz: hey, who you callin' grizzled old colo owners ;) [18:08] i heard snap do /29s for $5 [18:08] yeah absolutely [18:09] so you could have diff ip at least. [18:09] up_the_irons: i'm abuse@ for my companies netblock... we're pentesters [18:09] i know the feels :) [18:09] ;) [20:34] chrismsnz: curious, what do you think about things like cybrary> [20:36] jpalmer: never heard of it o_O [20:37] up_the_irons: gotta love a host with values, morals, ethics RE: [20:56] <@up_the_irons> chrismsnz: I'd be uncomfortable with 10TB of tor exit traffic, to be honest [20:41] hmm, is that a criticism? if so I feel it's unfairly made [20:41] (of up_the_irons, that is) [20:47] chrismsnz: it was intended as a compliment [20:47] :-) [21:07] mercutio: whats a good way to determine how many upstream ISPs my ISP is using? [21:07] bgp.he.net [21:07] although it still wouldn't be conclusive [21:07] it'll underreport rather than overreport though [21:08] what asn is your isp? [21:10] Origin AS: 5645 [21:10] eww cogent :) [21:10] few mtr seem to point to level3 and hel.net [21:10] he.net [21:10] cogent? [21:11] yeah, tata, he.net, level3, cogent, tinet, [21:11] i dunno some of these [21:11] seems to hvae a lot of level3 though [21:11] but mostly he.net for ipv6 [21:12] they dont provide ipv6 to me [21:12] they might not be doing ipv6 to customers yet [21:12] gtt also [21:13] whats a good ip hosted by cogent? [21:13] my forward route to a random ip is via he.net from here [21:13] tinet = gtt [21:13] c.root-servers.net? [21:13] i'm trying to remember [21:14] cogent has a lg [21:14] www.cogentco.com ? [21:14] it's not on cdn [21:15] trace to this ip is the only one using cogent upstream: 38.9.52.2 [21:15] from the few I tested [21:16] that uses cogent for me [21:17] do cogent and he not peer with each other? [21:18] http://bgp.he.net/AS174#_graph6 [21:18] oh c.root-servers.net was cogent too [21:19] weirdly for me i have level3 -> cogent for that route [21:19] other cogent routes is going to cogent directly [21:21] he.net and cogent do not peer IPv6. Not sure about v4 [21:21] yeah i was looking at v6 for some reason [21:21] not only do they not peer, they do not have reachability either between each other [21:22] you sure? [21:22] pretty sure [21:22] Ipv6 internet is fragmented [21:22] when it comes to cogent and he.net [21:22] http://www.cogentco.com/en/network/looking-glass [21:23] https://lg.he.net/ [21:23] quick test will show [21:23] yeh i see [21:23] i just did the same [21:23] from cogent [21:23] why does dns work? :) [21:23] pretty sad state of affairs [21:24] you mean the ipv6 address of c.root? [21:24] lg.he.net [21:24] can be resolved by cogent [21:24] probably v4 lookup? [21:24] oh that'll be v4 [21:24] yeh [21:25] so who's fault is it? [21:25] cogent wants he.net to pay for IPv6 transit [21:25] but he.net has heaps of ipv6 [21:25] he.net has a global dual stack backbone and is ready to pper [21:25] peer [21:26] so it's cogents fault [21:26] cogent wants to be an ipv6 tier1 and wants he.net not to have that same status [21:26] yea - cogents fault [21:26] they're both tier 2 [21:26] striving to be ipv6 leaders [21:28] http://bgp.he.net/country/US [21:28] too bad you cant sort by column [21:28] nevermind [21:28] you can [21:29] yeh it's sorted reasonably anyway [21:29] IPv6 isnt mainstream yet, else cogent and he.net would communicate [21:29] this sorting is hell slow [21:30] over 13,000 routes vs under 3000 from cogent [21:30] well he.net has pushed ipv6 hard for YEARS [21:30] basically as a way to get their foot in the door from what i can tell [21:30] like they're not trying to make a lot of money, they're trying to make enough, and get netowrko reach and customers [21:31] source code for that page is like 146,000 lines [21:31] and so it was in their best interests to push v6 [21:31] That's what she said!! [21:31] chrome came up with the wait/kill thing [21:31] i've heard that cogent and he.net are cheap if you want > 1 gigabit [21:32] compared to other providers [21:32] would you say you get what you pay for [21:32] in terms of quality [21:32] well i used to hate he.net [21:32] certainly for cogent [21:32] but i haven't seen any major issues since the new york flooding [21:32] where he.net had terrible packet loss between US/EU [21:32] but the thing is it was inw orld news [21:33] and it wasn't unreachable, just severely degraded. [21:33] i think he.net as part of a mix isn't too bad [21:33] I need someone to come up with a more efficient way to manage chrome tabs [21:33] or if you want to do cheap high bandwidth stuff [21:33] i use windows+tabs [21:34] at least it gives a bit more order [21:34] but yeah i struggle [21:34] do you mean separate chrome windows? [21:34] yes [21:34] as well as tabs [21:34] or some kind of addon [21:34] ahh [21:34] so you can have 8 windows with 8 tabs [21:34] and it's easier to find things [21:34] cos you group things together a bit [21:34] i hardly use any plugins [21:35] i'm loving ublock origin though [21:36] I currently have 73 tabs open [21:36] +1 for ublock origin [21:40] did you count? [21:40] i dunno how many i have open, and i don't want to have to count them :) [21:40] I installed toomanytabs [21:40] ahh [21:40] an addon that aims to manage your tabs [21:40] i probably have more than that [21:41] i'm guessing [21:41] lets you search between them, provides previews etc [21:41] i close them every now and then [21:41] but i like being able to go bakc and see what i've been looking at [21:41] I sometimes declare bankrupcy and close them all [21:41] so i've got a window open about this he.net/cogent thing [21:41] actually i have two, one of them was more about cogent vs he.net in the end though [21:42] are you a tarsnap user? [21:42] nope [21:42] hmm i still have window open about ram :) [21:42] i'm trying to decide if i should get 3x8gb of 6x4gb for my server [21:43] upgradeability is nice to have [21:43] yeh you pay for it though [21:43] go from 24 to 48 in the future [21:43] is it ddr3? [21:43] and you can in theory have 9 sticks [21:43] yeh [21:44] ddr3 registered [21:44] it's e5620 cpu, so it only does 1066 mhz [21:44] what OS do you plan on running [21:44] linux [21:44] Xen Vms? [21:45] nah kvm [21:46] yeah 48gb may be nice sometime [21:46] http://www.ebay.com/itm/Lot-of-3-KTH-PL313-8G-KINGSTON-24GB-3x8GB-DDR3-REG-ECC-MEMORY-w-Heatsink-/252116820487?hash=item3ab3556207 [21:46] watching this atm [21:47] there's a lot of ddr2 fbdimms on ebay now [21:48] do you have any bids on there yet? [21:48] not yet [21:48] i prefer to bid late ;) [21:48] on ebay lots of people bid in the last couple of seconds though [21:48] I prefer buy it now sales [21:48] yeh so do i [21:49] but it's like $90 or so that way [21:50] i suppose it's not that bad [21:50] i could just get 6x8 from the get go too [21:53] what motherboard did you go with? [21:53] it's hp ml330 g6 [21:53] came with mbd, cpu, ram etc. [21:53] for like $80 NZ [21:53] mercutio: mnathani_ : bgp.he.net, as well as other ASN reporting services, tend to be really off (under report) [21:54] up_the_irons: yeh it underreports rather than over at least. [21:54] yeah [21:54] up_the_irons: is there something better to get an idea though? [21:54] mercutio: not sure [21:54] fire up looking glass? [21:54] mnathani_: you'd nede a looking glass that showed your providers routes though [21:54] yeah [21:54] once it gets to another provider you don't get to see all the providers [22:04] http://pastebin.ca/3196103 [22:05] that shows 3356,6453,3257,6939,174 [22:05] not sure which providers those are other than level3 he.net and cogent [22:05] hm, that prefix is originating from savvis (3561) [22:06] 3356 is level3 i think [22:06] 6453 is tata [22:07] 3257 is gtt/tinet/etc. [23:35] lol I just noticed the SeaBIOS compile host string, mercutio ;) [23:35] oh i have a fixed version of that actually [23:35] it just hasn't been pushed [23:36] i mean it's only cosmetic.