#arpnetworks 2015-10-13,Tue

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
***Travis__ has joined #arpnetworks [00:09]
Travis__ has left [00:20]
.............................................................. (idle for 5h6mn)
lyarick has left [05:26]
...................... (idle for 1h48mn)
jcv has quit IRC (Ping timeout: 250 seconds)
jcv has joined #arpnetworks
[07:14]
.......................... (idle for 2h7mn)
carvite has quit IRC (Ping timeout: 250 seconds) [09:25]
......................... (idle for 2h1mn)
carvite has joined #arpnetworks [11:26]
................................ (idle for 2h36mn)
medum has joined #arpnetworks [14:02]
................................ (idle for 2h36mn)
pyvpx has quit IRC (Ping timeout: 240 seconds) [16:38]
..... (idle for 20mn)
pyvpx has joined #arpnetworks [16:58]
......... (idle for 43mn)
chrismsnz has joined #arpnetworks [17:41]
chrismsnzHi guys, I was trying to find an arp networks official position on running Tor exit nodes and thought I would ask here before emailing support [17:43]
mercutioi think it'd be considered network abuse. [17:43]
chrismsnzthat is unfortunate - i'll email support for an official statement [17:44]
brycecNot tor specifically, but it's fair to assume a similar stance would be taken http://support.arpnetworks.com/kb/main/do-you-allow-irc-traffic
(I think it's been covered here in IRC before too
)
[17:47]
chrismsnzheh
fair enough - their house their rules
[17:48]
brycecOh imagine that, I asked that question a couple years back http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-12-28,Sat&sel=475#l471
here was the reply chrismsnz http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-12-29,Sun&sel=2#l-2
[17:49]
chrismsnzoh i saw the question, did not see the reply
pretty ruthless on the old banhammer it seems
[17:50]
brycecARP provides a service, but will take no legal risk on you *shrug*
To be fair, that's relatively consistent among hosting providers
[17:51]
mercutiochris: well it tends to invite ddos's etc.
and can hvae legal ramifications
a lot of people abuse tor nodes.
[17:51]
up_the_ironschrismsnz: what everyone is saying is right [17:52]
mercutioi mean it's a nice idea for anonymising, but as it happens currently it's mostly people doing illegal etc stuff. [17:52]
brycecNot to mention even the automated DMCA senders hit the exit nodes, and then someone from $host has to figure out who's responsible, or take on the legal burden of ignoring the notice. [17:52]
mercutioi tried using tor once, it was so slow [17:53]
chrismsnzmercutio: if only there were some more exit nodes :D [17:53]
mercutiochris heh [17:53]
chrismsnzwell, i would take precautions to limit the amount of abuse but it is unreasonable to expect that no strangeness would ever occur [17:53]
mercutiounless someone with a lot of money is going to set about to setup lots of exit nodes on their own and encourage everyone to use it i can't see it changing. [17:54]
mjp_seems like a really bad idea [17:54]
mercutioa few exit nodes here and there won't really fix the problem [17:54]
chrismsnzup_the_irons: thanks [17:55]
up_the_ironschrismsnz: we've had customers run exit nodes successfully, as well as VPN services, but the responsibility is really all on you. And if, for example, you get a $10 VPS and I get one complaint, it's hardly even worth it for me. [17:55]
chrismsnzup_the_irons: would the result of an abuse complaint due to tor traffic result in a nuked server or permanent ban of my account
oh it would be a $150/mo dedi
[17:55]
up_the_ironsit somewhat concerns me even more, since a dedi can handle a lot more exit traffic, and thus, far greater chances of illegitimate traffic. [17:56]
chrismsnzthe limiting factor would be my data cap provision, i expect [17:57]
up_the_ironswhy not just get a $50 dedi at Hetzner, or OVH, i'm sure they don't even care ;) [17:57]
mercutioi suspect ovh is where most of them are. [17:57]
chrismsnzup_the_irons: i was pretty keen to move some personal stuff to a new provider and was looking for openbsd support [17:58]
mercutioapparently hostgator supprot exit nodes [17:58]
up_the_ironschrismsnz: I'd be uncomfortable with 10TB of tor exit traffic, to be honest [17:58]
chrismsnzas well as an exit node
up_the_irons: :O i did not expect that!
[17:58]
mercutiohttps://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
there's a list here.
[17:59]
up_the_ironschrismsnz: well, you came to the right place for openbsd support :) [17:59]
chrismsnzi hadn't checked your plans was just my budget [17:59]
up_the_ironschrismsnz: ah ok [18:00]
chrismsnzup_the_irons: yeah so basically im looking for a host but don't want all my other legit stuff burned down if someone get snooty about a mean comment left via tor and subs a complaint
i will probably keep them seperated >_<
[18:00]
mercutioyeah keep 'em separated. [18:00]
brycecAs Tor themselves recommend ;) [18:01]
up_the_ironschrismsnz: ya know, in general, if you want to host personal services and then also do somewhat "questionable" services, I'd recommend just use two different providers [18:01]
chrismsnzthanks guys [18:02]
up_the_ironsno problem! [18:02]
mercutiooh wow you're in nz :) [18:02]
chrismsnzyessir [18:02]
mercutiowell if you can get ufb, you could just run your own tor exit node from home? :) [18:04]
chrismsnzwell i have 200/200 tubes [18:06]
mercutiocool. [18:06]
chrismsnzi did consider
but residential isp's probably going to be more trigger happy than the grizzled old colo owners
:D
[18:06]
mercutiointeresting.
i'd be more concerned about legal ramifications.
[18:07]
chrismsnzthat too [18:07]
mercutioit's kind of crazy how fast internet in new zealand got
it was only 5 years ago that it was hard to get 10 megabit
[18:08]
chrismsnzand there's no easy way to segregate the tor stuff from my home netwokr too - unlike a multi homed box out on the net [18:08]
up_the_ironschrismsnz: hey, who you callin' grizzled old colo owners ;) [18:08]
mercutioi heard snap do /29s for $5 [18:08]
chrismsnzyeah absolutely [18:08]
mercutioso you could have diff ip at least. [18:09]
chrismsnzup_the_irons: i'm abuse@ for my companies netblock... we're pentesters
i know the feels :)
[18:09]
up_the_irons;) [18:09]
.............................. (idle for 2h25mn)
jpalmerchrismsnz: curious, what do you think about things like cybrary> [20:34]
chrismsnzjpalmer: never heard of it o_O [20:36]
mnathani_up_the_irons: gotta love a host with values, morals, ethics RE: [20:56] <@up_the_irons> chrismsnz: I'd be uncomfortable with 10TB of tor exit traffic, to be honest [20:37]
chrismsnzhmm, is that a criticism? if so I feel it's unfairly made
(of up_the_irons, that is)
[20:41]
mnathani_chrismsnz: it was intended as a compliment
:-)
[20:47]
..... (idle for 20mn)
mercutio: whats a good way to determine how many upstream ISPs my ISP is using? [21:07]
mercutiobgp.he.net
although it still wouldn't be conclusive
it'll underreport rather than overreport though
what asn is your isp?
[21:07]
mnathani_Origin AS: 5645 [21:10]
mercutioeww cogent :) [21:10]
mnathani_few mtr seem to point to level3 and hel.net
he.net
cogent?
[21:10]
mercutioyeah, tata, he.net, level3, cogent, tinet,
i dunno some of these
seems to hvae a lot of level3 though
but mostly he.net for ipv6
[21:11]
mnathani_they dont provide ipv6 to me [21:12]
mercutiothey might not be doing ipv6 to customers yet [21:12]
mnathani_gtt also
whats a good ip hosted by cogent?
[21:12]
mercutiomy forward route to a random ip is via he.net from here
tinet = gtt
[21:13]
meingtslac.root-servers.net? [21:13]
mercutioi'm trying to remember
cogent has a lg
www.cogentco.com ?
it's not on cdn
[21:13]
mnathani_trace to this ip is the only one using cogent upstream: 38.9.52.2
from the few I tested
[21:15]
mercutiothat uses cogent for me
do cogent and he not peer with each other?
http://bgp.he.net/AS174#_graph6
oh c.root-servers.net was cogent too
weirdly for me i have level3 -> cogent for that route
other cogent routes is going to cogent directly
[21:16]
mnathani_he.net and cogent do not peer IPv6. Not sure about v4 [21:21]
mercutioyeah i was looking at v6 for some reason [21:21]
mnathani_not only do they not peer, they do not have reachability either between each other [21:21]
mercutioyou sure? [21:22]
mnathani_pretty sure
Ipv6 internet is fragmented
when it comes to cogent and he.net
http://www.cogentco.com/en/network/looking-glass
https://lg.he.net/
quick test will show
[21:22]
mercutioyeh i see
i just did the same
from cogent
why does dns work? :)
[21:23]
mnathani_pretty sad state of affairs
you mean the ipv6 address of c.root?
[21:23]
mercutiolg.he.net
can be resolved by cogent
[21:24]
mnathani_probably v4 lookup? [21:24]
mercutiooh that'll be v4
yeh
so who's fault is it?
[21:24]
mnathani_cogent wants he.net to pay for IPv6 transit [21:25]
mercutiobut he.net has heaps of ipv6 [21:25]
mnathani_he.net has a global dual stack backbone and is ready to pper
peer
[21:25]
mercutioso it's cogents fault [21:26]
mnathani_cogent wants to be an ipv6 tier1 and wants he.net not to have that same status
yea - cogents fault
[21:26]
mercutiothey're both tier 2 [21:26]
mnathani_striving to be ipv6 leaders [21:26]
mercutiohttp://bgp.he.net/country/US [21:28]
mnathani_too bad you cant sort by column
nevermind
you can
[21:28]
mercutioyeh it's sorted reasonably anyway [21:29]
mnathani_IPv6 isnt mainstream yet, else cogent and he.net would communicate [21:29]
mercutiothis sorting is hell slow [21:29]
mnathani_over 13,000 routes vs under 3000 from cogent [21:30]
mercutiowell he.net has pushed ipv6 hard for YEARS
basically as a way to get their foot in the door from what i can tell
like they're not trying to make a lot of money, they're trying to make enough, and get netowrko reach and customers
[21:30]
mnathani_source code for that page is like 146,000 lines [21:31]
mercutioand so it was in their best interests to push v6 [21:31]
BryceBotThat's what she said!! [21:31]
mercutiochrome came up with the wait/kill thing
i've heard that cogent and he.net are cheap if you want > 1 gigabit
compared to other providers
[21:31]
mnathani_would you say you get what you pay for
in terms of quality
[21:32]
mercutiowell i used to hate he.net [21:32]
mnathani_certainly for cogent [21:32]
mercutiobut i haven't seen any major issues since the new york flooding
where he.net had terrible packet loss between US/EU
but the thing is it was inw orld news
and it wasn't unreachable, just severely degraded.
i think he.net as part of a mix isn't too bad
[21:32]
mnathani_I need someone to come up with a more efficient way to manage chrome tabs [21:33]
mercutioor if you want to do cheap high bandwidth stuff
i use windows+tabs
at least it gives a bit more order
but yeah i struggle
[21:33]
mnathani_do you mean separate chrome windows? [21:34]
mercutioyes
as well as tabs
[21:34]
mnathani_or some kind of addon
ahh
[21:34]
mercutioso you can have 8 windows with 8 tabs
and it's easier to find things
cos you group things together a bit
i hardly use any plugins
i'm loving ublock origin though
[21:34]
mnathani_I currently have 73 tabs open
+1 for ublock origin
[21:36]
mercutiodid you count?
i dunno how many i have open, and i don't want to have to count them :)
[21:40]
mnathani_I installed toomanytabs [21:40]
mercutioahh [21:40]
mnathani_an addon that aims to manage your tabs [21:40]
mercutioi probably have more than that
i'm guessing
[21:40]
mnathani_lets you search between them, provides previews etc [21:41]
mercutioi close them every now and then
but i like being able to go bakc and see what i've been looking at
[21:41]
mnathani_I sometimes declare bankrupcy and close them all [21:41]
mercutioso i've got a window open about this he.net/cogent thing
actually i have two, one of them was more about cogent vs he.net in the end though
[21:41]
mnathani_are you a tarsnap user? [21:42]
mercutionope
hmm i still have window open about ram :)
i'm trying to decide if i should get 3x8gb of 6x4gb for my server
[21:42]
mnathani_upgradeability is nice to have [21:43]
mercutioyeh you pay for it though [21:43]
mnathani_go from 24 to 48 in the future
is it ddr3?
[21:43]
mercutioand you can in theory have 9 sticks
yeh
ddr3 registered
it's e5620 cpu, so it only does 1066 mhz
[21:43]
mnathani_what OS do you plan on running [21:44]
mercutiolinux [21:44]
mnathani_Xen Vms? [21:44]
mercutionah kvm
yeah 48gb may be nice sometime
http://www.ebay.com/itm/Lot-of-3-KTH-PL313-8G-KINGSTON-24GB-3x8GB-DDR3-REG-ECC-MEMORY-w-Heatsink-/252116820487?hash=item3ab3556207

watching this atm
there's a lot of ddr2 fbdimms on ebay now
[21:45]
mnathani_do you have any bids on there yet? [21:48]
mercutionot yet
i prefer to bid late ;)
on ebay lots of people bid in the last couple of seconds though
[21:48]
mnathani_I prefer buy it now sales [21:48]
mercutioyeh so do i
but it's like $90 or so that way
i suppose it's not that bad
i could just get 6x8 from the get go too
[21:48]
mnathani_what motherboard did you go with? [21:53]
mercutioit's hp ml330 g6
came with mbd, cpu, ram etc.
for like $80 NZ
[21:53]
up_the_ironsmercutio: mnathani_ : bgp.he.net, as well as other ASN reporting services, tend to be really off (under report) [21:53]
mercutioup_the_irons: yeh it underreports rather than over at least. [21:54]
up_the_ironsyeah [21:54]
mercutioup_the_irons: is there something better to get an idea though? [21:54]
up_the_ironsmercutio: not sure [21:54]
mnathani_fire up looking glass? [21:54]
mercutiomnathani_: you'd nede a looking glass that showed your providers routes though [21:54]
up_the_ironsyeah [21:54]
mercutioonce it gets to another provider you don't get to see all the providers [21:54]
mnathani_http://pastebin.ca/3196103
that shows 3356,6453,3257,6939,174
not sure which providers those are other than level3 he.net and cogent
[22:04]
meingtslahm, that prefix is originating from savvis (3561) [22:05]
mercutio3356 is level3 i think
6453 is tata
3257 is gtt/tinet/etc.
[22:06]
.................. (idle for 1h28mn)
bryceclol I just noticed the SeaBIOS compile host string, mercutio ;) [23:35]
mercutiooh i have a fixed version of that actually
it just hasn't been pushed
i mean it's only cosmetic.
[23:35]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)