[01:14] *** milki_ is now known as milki [06:59] *** d4c4 is now known as DaCa [09:11] nathani: when do you get warmer weather? [11:25] Heads up to anyone that cares: zeit.arpnetworks.com is getting slammed with bursts of 20.000pps [11:25] It can handle it fine, I'm sure, but just so you know and whatnot. [11:27] Surprisingly, from a single IP it looks like (not a DDoS) 207.86.247.66 [11:43] i just got alerted bryce [11:45] heh [11:45] I broke the firewall on it :( emailed support@ [11:45] Didn't know you were up/around, mercutio [11:45] oops [11:45] i did talk a couple of hours earlier :) [11:46] but yeah wasn't watching irc [11:46] iptables is not my native language, what can I say? I'm a pf guy. (I referenced a target that hadn't yet been initialized. Oops) [11:46] mercutio: you might've gone to bed? I don't know what time it is there :p [11:46] i hate iptables :) [11:47] Likewise [11:47] ...does iptables have a syntax checker? like pfctl -n? [11:47] heh it's 8:43 now [11:47] I probably should've checked that before applying [11:47] i use ferm [11:47] which fails everything if something is wrong syntax wise [11:48] mercutio: ah thanks, I'll try and remember that. (You're 9 hours "ahead" of ARP, except it's 21 hours, I know) [11:48] i'm 21 hours ahead actually [11:48] oh right [11:48] i responded too early hah [11:49] i think of being behind by 3 hours, and ahead a day [11:49] heh before you'd read all of what I'd typed [11:49] Yeah that works too. You're "opposite east coast US" [11:49] (but that's just getting confusing if I describe it that way.) [12:05] woo, and it's back online again [12:12] brycec: yeah, ferm is the only way to make iptables tolerable [12:12] i assume most people have at least 3 time servers anyway :) [12:12] if you *just* use ferm, it's actually kinda nice [12:13] i got bitten by bad rules on iptables many years ago [12:13] so i'm pretty apprehensive about scripts that just run through iptables commands [12:14] heh, I use ufw because it's super simple and makes valid rules on its own [12:14] But I needed to write some custom rules... and that's when I got bit [12:17] Don't think it should be necessary [12:18] Was CPU pegged? [12:19] Nope, it had plenty of CPU to handle it. [12:20] But no point in wasting resources when a host is obviously just DoS'ing [12:21] i think it's probably just them trying it on to see if it forwards traffic [12:21] s/forwards/amplifys/ [12:21] i think it's probably just them trying it on to see if it amplifys traffic [12:22] 20kpps over the span of 30+ minutes is more than a probe, I think [12:22] hmm it wasn't sending lots of response though [12:22] idk [12:22] Indeed, our ntpd isn't vulnerable [12:22] They just kept trying [12:23] * brycec would be super-embarrassed as the ntp admin if we were [12:23] i see so many sip probes around [12:23] and a few other things i don't even recognise [12:23] yeah [12:24] when ntp attacks first started there were a few vulnerable people around [12:24] it's kind of disconcerting when there are still vulnerable people though [12:25] (Fun fact: ufw even attempts to do a syntax check, so no idea how it all broke) [13:05] *** mnathani_ has joined #arpnetworks [13:47] mercutio: April through October the average high is in double digits [13:47] June to September are usually warm [19:49] ahh, you seem to have been negative for a while [20:21] anyone else notice ipvfoo chrome extension relocate? [20:22] previously it was just at the end of the address bar, now its more to the right and closer to the corner [22:23] mnathani_: All of Chrome changed things up [22:24] http://www.ghacks.net/2016/03/03/how-to-hide-extension-icons-in-google-chrome/ [22:24] (And I really don't like it.) [23:11] i've been havign heaps of performance issues with chrome recently [23:11] just the other day i had some dialog box that just wouldn't shut [23:11] and i had to kill chrome [23:11] but it's also been lagging out [23:12] none of the new changes seem to improve performance [23:25] *** toeshred has quit IRC (Quit: WeeChat 1.0.1) [23:53] *** toeshred has joined #arpnetworks