| --- | Log | opened Tue Jul 22 00:00:49 2008 |
| 00:02 | <det> | Fremont wins for me in latency and B/W, too bad none are available :-) |
| 00:02 | <StevenK> | Wasn't that Linode 64? :-) |
| 00:03 | <StevenK> | det: Pick the second best, add a ticket to migrate to Fremont when one comes available? |
| 00:03 | <det> | Yeah, I think I'll do that |
| 00:03 | -!- | Syn- [~joer@c-76-117-55-239.hsd1.pa.comcast.net] has quit [Ping timeout: 480 seconds] |
| 00:03 | <det> | Is migration manual? |
| 00:04 | <StevenK> | Ish |
| 00:04 | <StevenK> | Linode staff set up the migration, and when you're ready, you shut down your Linode and hit the migrate button |
| 00:04 | <det> | Oh, sounds easy. |
| 00:05 | <det> | I guess all that needs to be done is configure IP address and DNS and they do that? |
| 00:05 | -!- | hfb [~hfb@cpe-76-87-161-213.socal.res.rr.com] has joined #linode |
| 00:05 | <StevenK> | If you leave your Linode getting IP from DHCP, even that doesn't have to change |
| 00:05 | <Peng_> | But yes, your IP will change. You'll have to update DNS. |
| 00:06 | <Peng_> | StevenK: I heard one person had a Linode32. |
| 00:06 | <StevenK> | Still? :-) |
| 00:07 | -!- | ryan8403_laptop [~ryan8403_@cpe-24-29-17-230.cinci.res.rr.com] has joined #linode |
| 00:08 | -!- | Syn- [~joer@c-76-117-55-239.hsd1.pa.comcast.net] has joined #linode |
| 00:12 | <exor674> | I want a Linode1 <_< |
| 00:13 | <StevenK> | That can be arranged. |
| 00:13 | <StevenK> | You can set the amount of RAM your Linode gets ... |
| 00:13 | <exor674> | haha right :D |
| 00:13 | <exor674> | not sure what would WORK in 1MB of ram |
| 00:13 | <Peng_> | How much disk space did Linode64s get? |
| 00:13 | <Peng_> | Or the 32? |
| 00:14 | <bd_> | StevenK: The kernel doesn't fit in 1MB |
| 00:15 | <Hobbsee> | Peng_: 1gb. |
| 00:15 | <Hobbsee> | with 25gb bandwidth / month. |
| 00:15 | <exor674> | I totally want to make a Linux box with 1MB of RAM |
| 00:15 | <Hobbsee> | and you could buy in increments of 16mb for extra ram, per month. |
| 00:18 | <Peng_> | Heh, now it's increments of 90 MB. |
| 00:20 | -!- | robg [~robg@c-76-28-24-86.hsd1.ct.comcast.net] has quit [Quit: Bye!] |
| 00:27 | -!- | r3z`` [~r3z@c-68-58-96-186.hsd1.in.comcast.net] has joined #linode |
| 00:27 | -!- | r3z` [~r3z@c-68-58-96-186.hsd1.in.comcast.net] has quit [Read error: Connection reset by peer] |
| 00:30 | -!- | qwe [~d5164189@webuser.linode.com] has joined #linode |
| 00:32 | <internat> | man those boxes were awsome. |
| 00:32 | <internat> | that was how you learned to tweak stuff :P |
| 00:37 | <charlie> | det: migration is really easy, you don't do anything except request it and hit the migrate button like StevenK said |
| 00:37 | <charlie> | exor674: you could probably use ucLinux for that |
| 00:37 | <charlie> | *uClinux |
| 00:39 | -!- | ^GaveUp^ [gaveup@your.friendly.neighborhood.hellmouth.info] has quit [Ping timeout: 480 seconds] |
| 00:43 | -!- | ninjaPo [~41b632d8@webuser.linode.com] has joined #linode |
| 00:45 | <ninjaPo> | hi... can someone help me get mod_rewrite working? i installed it and restarted apache but the command "sudo apache2ctl -l" does not list mod_rewrite as a compiled module |
| 00:45 | <StevenK> | sudo a2enmod rewrite ? |
| 00:46 | <ninjaPo> | StevenK: that returns "This module is already enabled!" (good news, i assume) |
| 00:46 | -!- | MrRx7 [~MrRx7@dpc674448253.direcpc.com] has joined #linode |
| 00:46 | <StevenK> | ninjaPo: Then you should be able to use mod_rewrite |
| 00:47 | <StevenK> | ninjaPo: Rewrite isn't compiled in, it's a loadable module |
| 00:47 | <ninjaPo> | StevenK: it seems to be working okay now; i guess it just took a few minutes to "come alive" |
| 00:47 | <ninjaPo> | StevenK: Thanks for the info |
| 00:47 | <StevenK> | ninjaPo: No trouble |
| 00:48 | <MrRx7> | Looks like linode is retiring some the of dallas hosts ? |
| 00:49 | -!- | ninjaPo [~41b632d8@webuser.linode.com] has quit [Remote host closed the connection] |
| 00:49 | <bd_> | MrRx7: hm? |
| 00:52 | <MrRx7> | I got a ticket email that they started a trasfer of my linode off dallas 73 |
| 00:53 | <MrRx7> | apperently its being retired |
| 00:53 | <exor674> | isn't dallas 73 t he one that's missing RAM? |
| 00:53 | * | bd_ looks at the forums |
| 00:54 | <bd_> | http://www.linode.com/forums/viewtopic.php?t=3370 <-- could be |
| 00:59 | <MrRx7> | thats over a week old :) |
| 00:59 | <bd_> | MrRx7: well, it wasn't urgent - it's just that they lost a few gb of RAM somehow |
| 00:59 | -!- | Nigel [~njones@whio.nigelj.com] has quit [Server closed connection] |
| 01:00 | <bd_> | they migrated people off until everything was booting properly right away, and I guess they're getting ready to try to actually fix it |
| 01:00 | -!- | ryan8403_laptop [~ryan8403_@cpe-24-29-17-230.cinci.res.rr.com] has quit [Ping timeout: 480 seconds] |
| 01:02 | <SelfishMan> | Did I miss anything good? |
| 01:02 | <tjfontaine> | everything |
| 01:03 | <StevenK> | Haha |
| 01:03 | <SelfishMan> | figures |
| 01:03 | <Peng_> | Apparently the *chans are DDoSing each other. |
| 01:04 | <SelfishMan> | eh? |
| 01:04 | <SeishinMoon> | LAWL |
| 01:04 | <MrRx7> | meh, migrated fine :) |
| 01:04 | <MrRx7> | 20minutes for the entire linode... not bad for a downtime |
| 01:04 | <Peng_> | Ppor dallas73. |
| 01:04 | <StevenK> | Indeed. |
| 01:04 | <MrRx7> | none of my memberbase noticed :D |
| 01:04 | <SelfishMan> | *chans? |
| 01:05 | <Peng_> | SelfishMan: 4chan, et al |
| 01:05 | <SelfishMan> | Ah. |
| 01:06 | <SelfishMan> | Was that the source of the issue 12 hours ago? |
| 01:06 | <Peng_> | There was an issue 12 hours ago? |
| 01:06 | <SelfishMan> | Well, 10-11 hours ago in dallas. 800Mbit DDoS |
| 01:06 | <tjfontaine> | 4chan? |
| 01:07 | <Peng_> | SelfishMan: Wow. |
| 01:07 | <Peng_> | Well, it didn't interrupt my SSH connection. |
| 01:07 | <tjfontaine> | depended on your host |
| 01:08 | <Peng_> | Oh. |
| 01:08 | <SelfishMan> | It was strange. I have two nodes in Dallas and one was completely unreachable on both the private and public IP and the other was just fine |
| 01:08 | <tjfontaine> | well to be more accurate what switch your host was plugged into |
| 01:08 | <SelfishMan> | Sure. Blame the switch. Everyone always does. |
| 01:08 | <StevenK> | Haha |
| 01:09 | <SelfishMan> | Those switches work hard to make sure your packets get to where they are going. It could be a jerk every now and then and send it out the wrong port but it is better than that. It does it's job unless you lie to it. |
| 01:09 | <SelfishMan> | But you just had to blame the switch. |
| 01:09 | <tjfontaine> | why's it always gotta be a switch thing |
| 01:09 | <SelfishMan> | Switches UNITE! |
| 01:09 | <@mikegrb> | lolz |
| 01:09 | <SelfishMan> | lol |
| 01:10 | <SelfishMan> | I blame the boots on the cables |
| 01:10 | <StevenK> | Cables can choke you, you know ... |
| 01:10 | <@mikegrb> | lolz |
| 01:10 | <SelfishMan> | lol |
| 01:10 | <StevenK> | And cables are vindictive. Tripping people over and everything |
| 01:15 | -!- | mattt [~mattt@lnx1.wateringcan.ca] has quit [Server closed connection] |
| 01:16 | -!- | mattt [~mattt@lnx1.wateringcan.ca] has joined #linode |
| 01:22 | -!- | Bryanstein [~Bryanstei@24-217-194-153.dhcp.stls.mo.charter.com] has quit [Ping timeout: 480 seconds] |
| 01:27 | <MrRx7> | heh, I ripped the entire backplain of a server out once becuase I triped and grabbed onto a vga cable |
| 01:27 | <MrRx7> | suprizingly enough to server kept running, long enough to trasfer all the data off it :D |
| 01:27 | -!- | jblack [~jblack@pool-72-79-176-12.sctnpa.east.verizon.net] has quit [Quit: Lost terminal] |
| 01:30 | <@mikegrb> | lolz |
| 01:30 | <internat> | lol |
| 01:31 | <internat> | bet some people werent happy at you for that one |
| 01:32 | <internat> | i was wondering why i had a fair bit of lag 12hrs ago. and why my monitoring stuff went ape shit at me. |
| 01:32 | <internat> | was the target a linoder? or someone in dallas in general? |
| 01:33 | <StevenK> | I always what happens when you rip a card out of a running machine. |
| 01:33 | <SelfishMan> | Yep. 12 hours ago was crap because MrRx7 ripped out a server backplane |
| 01:33 | <StevenK> | I'm not game enough to try it with my own hardware. |
| 01:33 | <bd_> | dallas in general wouldn't hit linode's upstream links |
| 01:33 | <SelfishMan> | A node in Linode was the target I think |
| 01:33 | <internat> | thats unfortunate, |
| 01:34 | <SelfishMan> | TP was fine. I have other equipment down there and it was just fine. Only within Linode was there any problems that I could see. |
| 01:34 | <SelfishMan> | Less than 5 minutes and they had it dealt with |
| 01:34 | <internat> | u sure about that? |
| 01:34 | <SelfishMan> | yep |
| 01:34 | <internat> | my emails say it had issues for about 40 minutes.. but then ive deleted them so i cant reference that. |
| 01:35 | <SelfishMan> | There was talk of level3 acting strange before that |
| 01:37 | <MrRx7> | @internat: Actually they all died laughing, the server was one of our "admin crap" storage servers. |
| 01:37 | <internat> | ah thats not too bad then :) |
| 01:37 | <internat> | atleast it wasnt a customer facing server :) |
| 01:37 | -!- | Nigel [~njones@moa.nigelj.com] has joined #linode |
| 01:38 | <MrRx7> | heh, it actually used to be the main DNS server |
| 01:38 | <MrRx7> | but the week before I had migrated it to vmware |
| 01:44 | <MrGeneral> | caker, u there? |
| 01:52 | -!- | JDLSpeedy [~joe@fl-69-34-4-219.sta.embarqhsd.net] has quit [Ping timeout: 480 seconds] |
| 02:01 | -!- | JDLSpeedy [~joe@fl-69-34-4-219.sta.embarqhsd.net] has joined #linode |
| 02:12 | -!- | jblack [~jblack@pool-72-79-176-12.sctnpa.east.verizon.net] has joined #linode |
| 02:13 | -!- | MrRx7 [~MrRx7@dpc674448253.direcpc.com] has quit [Quit: MrRx7] |
| 02:18 | <jblack> | Oh man, the difference between 75ms and 32ms makes _all_ the difference in the world. |
| 02:19 | <SelfishMan> | It can. Depends on what you are doing. |
| 02:19 | <jblack> | ssh with a large key. |
| 02:20 | <SelfishMan> | yep. That will do it |
| 02:37 | <jblack> | I also suspect that I'm on a box that has nicer neighbors |
| 02:38 | <jackc> | anyone had issues compiling iptables in gentoo on their vps? |
| 02:38 | <jackc> | mine just failed |
| 02:44 | <jblack> | Does destroying a linode erase all data, or should I wipe the filesystem clean first? |
| 02:46 | -!- | kupesoft [~dave@CPE004314674170-CM0018c0c44e76.cpe.net.cable.rogers.com] has quit [Remote host closed the connection] |
| 02:56 | <jackc> | newark1 is flapping from my perspective... anyone else? |
| 02:56 | <StevenK> | jblack: I suspect destroying the linode will destroy the disk image. |
| 02:57 | <jblack> | Yeah. I'm sure the disk image gets destroyed. THat doesn't mean the blocks get zeroed. I played it safe by removing everything important and writing a big pile of 0s. |
| 02:57 | <SelfishMan> | jackc: Solid from here, dallas71 and newark8 for me |
| 02:57 | <jackc> | k thanks |
| 03:00 | -!- | Schroeder [1000@kntpin04-nas-02-s153.cinergycom.net] has quit [Ping timeout: 480 seconds] |
| 03:01 | <Peng_> | I believe the CIA recommends overwriting everything 7 times. |
| 03:02 | <SelfishMan> | That implies you have full control over the hardware |
| 03:03 | <jblack> | I don't have anything that requires that level of security. If someone wants to take linode's drives and run them through magnetoscopes in order to get my ssh server key, then they can have it. |
| 03:04 | -!- | RiverRat [me@97-112-151-147.clsp.qwest.net] has quit [Ping timeout: 480 seconds] |
| 03:04 | <jblack> | However, someone getting my blog entries by using "unformatted", they can kiss off. ;) |
| 03:07 | <Peng_> | I never thought of that before. |
| 03:07 | <Peng_> | I wonder if I could find anything in my disk image? |
| 03:08 | <Peng_> | How are disk images stored? If they're just files, can they jump around the disk a bit, giving users access to areas previously occupied by other people? |
| 03:08 | <SelfishMan> | They should just be files |
| 03:09 | <Hobbsee> | carrier pidgeon droppings. |
| 03:13 | -!- | RiverRat [me@97-112-146-172.clsp.qwest.net] has joined #linode |
| 03:15 | -!- | Invitado [~Invitado@200.121.132.185] has joined #linode |
| 03:15 | <Invitado> | hola |
| 03:16 | <Invitado> | soy nuevo en linux y quisiera que alguien me ayuda so bre una duda porfa |
| 03:20 | <Invitado> | somebody please helpme with linux |
| 03:22 | -!- | getsmart [~getsmart@88-149-230-143.dynamic.ngi.it] has joined #linode |
| 03:23 | <tozz> | generic question of the day |
| 03:23 | -!- | RiverRat [me@97-112-146-172.clsp.qwest.net] has quit [Ping timeout: 480 seconds] |
| 03:24 | <SelfishMan> | Well, this is a Linux node support channel |
| 03:24 | <tozz> | I thought this was Linode support channel |
| 03:25 | <SelfishMan> | Linode = Linux Node |
| 03:25 | -!- | jblack [~jblack@pool-72-79-176-12.sctnpa.east.verizon.net] has quit [Ping timeout: 480 seconds] |
| 03:26 | -!- | det [~chris@ip68-108-105-23.lv.lv.cox.net] has quit [Remote host closed the connection] |
| 03:26 | <Invitado> | alguien que hable español y me quiera ayudar con linux |
| 03:32 | -!- | Invitado [~Invitado@200.121.132.185] has quit [Quit: Invitado] |
| 03:32 | -!- | RiverRat [me@75-173-253-32.clsp.qwest.net] has joined #linode |
| 03:35 | -!- | getsmart [~getsmart@88-149-230-143.dynamic.ngi.it] has quit [Ping timeout: 480 seconds] |
| 03:36 | <tozz> | SelfishMan: you're missing the point :) |
| 03:41 | -!- | rsd [~c636cae2@webuser.linode.com] has joined #linode |
| 03:42 | -!- | det [~chris@ip68-108-105-23.lv.lv.cox.net] has joined #linode |
| 03:51 | -!- | Eman is now known as Guest703 |
| 03:51 | -!- | Eman [OHGODHOW@dyn216-8-131-233.ADSL.mnsi.net] has joined #linode |
| 03:52 | <elzapp> | j #blug |
| 03:52 | <elzapp> | err |
| 03:52 | <elzapp> | sorry |
| 03:53 | <rsd> | mental node... don't upload php bindings for the linode api with your api key still in the file :P |
| 03:53 | <rsd> | and by upload i mean publish...too early in the mornign |
| 03:53 | <rsd> | arh |
| 03:56 | -!- | Guest703 [OHGODHOW@dyn216-8-172-31.ADSL.mnsi.net] has quit [Ping timeout: 480 seconds] |
| 04:03 | -!- | digx [~rick@c-76-109-201-140.hsd1.fl.comcast.net] has joined #linode |
| 04:22 | -!- | RiverRat [me@75-173-253-32.clsp.qwest.net] has quit [Ping timeout: 480 seconds] |
| 04:50 | -!- | erikh [~erikh@hollensbe.org] has quit [Server closed connection] |
| 04:51 | -!- | erikh [~erikh@hollensbe.org] has joined #linode |
| 04:55 | -!- | digx [~rick@c-76-109-201-140.hsd1.fl.comcast.net] has left #linode [] |
| 05:25 | * | Peng_ yawns. |
| 05:27 | -!- | r3z` [~r3z@c-68-58-96-186.hsd1.in.comcast.net] has joined #linode |
| 05:27 | -!- | r3z`` [~r3z@c-68-58-96-186.hsd1.in.comcast.net] has quit [Read error: Connection reset by peer] |
| 05:30 | -!- | qwe [~d5164189@webuser.linode.com] has quit [Remote host closed the connection] |
| 05:43 | -!- | getsmart [~getsmart@88-149-241-182.dynamic.ngi.it] has joined #linode |
| 05:46 | <@jadoba> | yawn... |
| 05:48 | -!- | getsmart [~getsmart@88-149-241-182.dynamic.ngi.it] has quit [Quit: Ex-Chat] |
| 06:01 | <Peng_> | Good morning. |
| 06:09 | -!- | Beirdo [~gjhurlbu@beirdo.user.oftc.net] has quit [Server closed connection] |
| 06:31 | -!- | spasmfac_ [~spasm@r220-101-68-180.cpe.unwired.net.au] has quit [Ping timeout: 480 seconds] |
| 06:44 | -!- | Oejet [~user@243-128.5-85.cust.bluewin.ch] has joined #linode |
| 06:45 | <jvaughan> | n\ |
| 06:53 | -!- | TofuMatt [~TofuMatt@hlfxns0163w-142068210090.pppoe-dynamic.ns.aliant.net] has quit [Quit: ^D] |
| 07:00 | -!- | binel_ [~h00s@78-0-242-17.adsl.net.t-com.hr] has joined #linode |
| 07:01 | -!- | pointer [~pointer@aj.catt.com] has quit [Server closed connection] |
| 07:01 | -!- | pointer [~pointer@aj.catt.com] has joined #linode |
| 07:06 | -!- | ondrej [~ondra@ip4-83-240-41-73.cust.nbox.cz] has joined #linode |
| 07:06 | -!- | binel [~h00s@78-0-234-218.adsl.net.t-com.hr] has quit [Ping timeout: 480 seconds] |
| 07:08 | -!- | JDLSpeedy [~joe@fl-69-34-4-219.sta.embarqhsd.net] has quit [Ping timeout: 480 seconds] |
| 07:17 | <MrGeneral> | hii |
| 07:18 | -!- | JDLSpeedy [~joe@fl-69-34-4-219.sta.embarqhsd.net] has joined #linode |
| 07:24 | -!- | coyled [~coyled@frog.knifejaw.com] has left #linode [] |
| 07:50 | -!- | Ravsi [~chatzilla@pool-71-108-183-109.lsanca.dsl-w.verizon.net] has quit [Quit: ChatZilla 0.9.83 [Firefox 3.0.1/2008070208]] |
| 07:56 | -!- | Tallo [~meer@rigel.nutomix.com] has joined #linode |
| 08:04 | -!- | TheFirst [gaveup@your.friendly.neighborhood.hellmouth.info] has joined #linode |
| 08:07 | <BubbleWrap> | morning |
| 08:12 | -!- | TimothyA2 [~TimothyA@200.26.228.226] has joined #linode |
| 08:12 | <TimothyA2> | is it normal to have over 400 unclosed connections from ams.nl ? |
| 08:13 | <Dave> | not really |
| 08:13 | <encode> | it could be. i doubt it though |
| 08:14 | <internat> | i cant imagine its a good thing. |
| 08:14 | <Dave> | encode: get your shell thing working yesterday? |
| 08:15 | <TimothyA2> | how do i enforce it to ban this specific IP? |
| 08:15 | <TimothyA2> | from ever reaching my linode at all |
| 08:15 | -!- | xitology [~xi@golovko1.donbass.com] has joined #linode |
| 08:16 | <encode> | Dave: umm, haven't done anymore work on it |
| 08:16 | <encode> | for now, users can deal with not being able to change their password |
| 08:16 | <Dave> | encode: I think you should use my idea of changing their shell to /usr/bin/passwd :) |
| 08:17 | <internat> | we did that at work. |
| 08:17 | <internat> | had a shitty system that users logged in to it via their unix creds, but never actually logged into the unix box |
| 08:17 | <internat> | that was the only way we could allow them to change there pw. |
| 08:18 | <encode> | their* |
| 08:18 | <Peng_> | TimothyA2: You can firewall it, of course, but traffic from it will still hit your server; it'll just be discarded very quickly. |
| 08:19 | <encode> | Dave: I'll try it - how hard could it be? </rhetorical question> |
| 08:19 | <Dave> | encode: I checked it out yesterday, it does work |
| 08:21 | <TimothyA2> | Peng_; doesn't a linode have that built-in to start with? |
| 08:22 | <Dave> | TimothyA2: no, you need to configure it yourself |
| 08:22 | <TimothyA2> | oh |
| 08:22 | <TimothyA2> | any utilities that come with debian from start? |
| 08:23 | <Peng_> | Define "built-in". It won't magically know you want to block the IP; you'd have to configure *something*, if only "ufw block from 1.2.3.4". |
| 08:23 | <Peng_> | TimothyA2: No, but there are lots you can install. |
| 08:23 | <TimothyA2> | oh |
| 08:23 | <TimothyA2> | which one do you recommend?\ |
| 08:23 | <Dave> | google for iptables |
| 08:23 | <Peng_> | Well, netfilter is part of the kernel, but I think you'd have to install iptables or some other tool to manage it. |
| 08:24 | <Peng_> | iptables is the official way to manage netfilter, but there are other programs out there to make the whole process much easier. |
| 08:24 | <TimothyA2> | fail2ban ? |
| 08:24 | <Peng_> | TimothyA2: That's not what fail2ban is for. |
| 08:25 | -!- | TheFirst [gaveup@your.friendly.neighborhood.hellmouth.info] has quit [Ping timeout: 480 seconds] |
| 08:25 | <Peng_> | TimothyA2: It's used to automatically block some kinds of abusive IPs (with iptables). |
| 08:25 | <TimothyA2> | it's for automagically observe and ban offending IP's, right? :x |
| 08:25 | <TimothyA2> | ;>.> |
| 08:26 | <encode> | not automagically |
| 08:27 | <encode> | it monitors logs with regular expressions |
| 08:27 | <TimothyA2> | k |
| 08:27 | <TimothyA2> | aha |
| 08:27 | <encode> | if ams.nl is just connecting to a service, theres nothing it can do to stop it |
| 08:27 | <TimothyA2> | is having a lot of "STREAM CONNECTED" in netstat a bad thing? |
| 08:27 | <encode> | SpaceHobo: it can do other things besides ssh, like sasl, apache, etc |
| 08:28 | <encode> | TimothyA2: is shutting down the nic a possiblity? |
| 08:28 | <TimothyA2> | no |
| 08:28 | <TimothyA2> | it would kick me out too :P |
| 08:28 | <encode> | thats what lish is for |
| 08:30 | <TimothyA2> | how will lish connect to an disconnected linode? |
| 08:30 | <Peng_> | TimothyA2: lish basically uses the serial port, not networking. You SSH into your *host*, and it connects to your Linode internally. |
| 08:31 | <Peng_> | (It isn't using a virtual serial port or something, but it's the same idea.) |
| 08:34 | <TimothyA2> | ah |
| 08:41 | -!- | DeepInTheFire [~pyromance@fireinthedeep.net] has joined #linode |
| 08:42 | <Peng_> | Blah, 213.41.77.74 (or some other IPs in that netblock) have been regularly port scanning me a little bit. |
| 08:42 | <Peng_> | But I don't think they actually try any of the ports (such as 80 or 8080) where I'm running anything. |
| 08:49 | -!- | mendel [rats@76-10-159-31.dsl.teksavvy.com] has quit [Quit: Leaving.] |
| 08:54 | -!- | rsd [~c636cae2@webuser.linode.com] has quit [Remote host closed the connection] |
| 08:58 | -!- | rsd [~c636cac3@webuser.linode.com] has joined #linode |
| 08:58 | -!- | rsd [~c636cac3@webuser.linode.com] has quit [Remote host closed the connection] |
| 09:00 | -!- | kupesoft [~dave@CPE004314674170-CM0018c0c44e76.cpe.net.cable.rogers.com] has joined #linode |
| 09:07 | -!- | daMaestro [~jon@content.beatport.com] has joined #linode |
| 09:15 | * | MrGeneral entidades para tirar cursos profissionais, em q se receba por volta do ordenado minimo? cursos de equivalencia ao 12º?<- respondam ai q voces sao bue cultos |
| 09:16 | <exor674> | ? |
| 09:16 | <Dave> | sorry, I dont speak foreign |
| 09:17 | <Peng_> | Heh, that's a good way to put it. |
| 09:18 | -!- | rsd [~c636cad6@webuser.linode.com] has joined #linode |
| 09:20 | <exor674> | does anyone here have any idea if you can "mess with" the software on a Linksys WRT100? |
| 09:20 | <Nivex> | I ran it through Google translate. Looks spammy |
| 09:21 | -!- | hfb [~hfb@cpe-76-87-161-213.socal.res.rr.com] has quit [Quit: Leaving] |
| 09:21 | <exor674> | I have a really weird setup I'm stuck with, and I don't really want to set up something with a hard dtive as a router again |
| 09:22 | -!- | digx [~rick@c-76-109-201-140.hsd1.fl.comcast.net] has joined #linode |
| 09:23 | -!- | MrRx7 [~Owner@dpc674448253.direcpc.com] has joined #linode |
| 09:24 | <MrRx7> | altanta under attack again? |
| 09:24 | <@caker> | looks fine here. What does traceroute/mtr say? |
| 09:25 | <MrRx7> | running, just a sec |
| 09:26 | <MrRx7> | linode to linode, it dies at atl-core-3-gi4-4 |
| 09:27 | <MrRx7> | personal to linode its 101.sub-66-174-38.myvzw.com |
| 09:27 | <MrRx7> | hops 7 and 16 respectively |
| 09:28 | <@caker> | is your node blocking icmp? |
| 09:28 | <@caker> | your IP comes up in a browser, but doesn't ping |
| 09:28 | <MrRx7> | it blocks echo, but not traces |
| 09:28 | <MrRx7> | just was just a hicup |
| 09:29 | <@mikegrb> | lolz |
| 09:29 | <MrRx7> | on a side note however, lol |
| 09:29 | <@mikegrb> | lolz |
| 09:29 | <MrRx7> | according to the linode manager, the linode I'm ssh'd into is shutdown lol |
| 09:31 | -!- | jm [~fake@c-76-113-194-7.hsd1.mn.comcast.net] has joined #linode |
| 09:32 | <MrRx7> | apperently I broke nagios :-x |
| 09:36 | <zeroday> | can grep do multiline matches? e.g. <text>....\n.....</text> |
| 09:38 | -!- | digx [~rick@c-76-109-201-140.hsd1.fl.comcast.net] has quit [Quit: digx] |
| 09:53 | -!- | lakin [~lakin@S01060013101832cd.cg.shawcable.net] has joined #linode |
| 10:01 | <zeroday> | anyone use mod_gnutls? |
| 10:01 | -!- | Oejet [~user@243-128.5-85.cust.bluewin.ch] has quit [Read error: Connection reset by peer] |
| 10:02 | <zeroday> | trying ssl with multiple vhosts doesnt work |
| 10:03 | <path-> | hah |
| 10:04 | <path-> | coffee maker on ups |
| 10:04 | <path-> | load goes from 50% to 80% |
| 10:04 | -!- | Schroeder [1000@kntpin04-nas-02-s254.cinergycom.net] has joined #linode |
| 10:04 | <path-> | i need to find another power strip for non-ups stuff |
| 10:04 | <@mikegrb> | but at least it is a purely resistive load! |
| 10:05 | <path-> | my office has one outlet |
| 10:05 | <@mikegrb> | ur mom has 3 |
| 10:05 | * | mikegrb runs |
| 10:05 | <path-> | and then when we got rid of some equipment, i kept the old ups hooked up.. 6000kva |
| 10:06 | <path-> | so we connected my office and two cubes to it |
| 10:06 | <@mikegrb> | mmm |
| 10:06 | <path-> | ghetto |
| 10:06 | <@jadoba> | buy a power strip and plug the UPS into it |
| 10:06 | <path-> | it's 208V |
| 10:06 | <path-> | heh |
| 10:06 | <path-> | and it's in the other room |
| 10:07 | <@jadoba> | do you have a restroom? |
| 10:07 | <path-> | you know it's hard to find 12 guage extension cords |
| 10:07 | <path-> | no |
| 10:07 | <path-> | well down the hall |
| 10:07 | <path-> | :) |
| 10:08 | <path-> | this is all pretty ridiculous |
| 10:09 | <path-> | i should plug the coffee maker into a wall outlet, but i'd need another extension cord.. not that this has become a fire hazzard yet, but it's a waste of electric |
| 10:10 | <@mikegrb> | on the sub, the coffee pot in maneuvering was on the emergency power circuit |
| 10:10 | <path-> | i just need to move it somewhere else |
| 10:10 | <path-> | you were on a sub? |
| 10:10 | * | mikegrb must now kill you |
| 10:10 | <@mikegrb> | I've said too much |
| 10:10 | <path-> | that'd be neat.. |
| 10:11 | <path-> | well, that is enough justification for me.. if the navy puts coffee on emergency power, then we should too! |
| 10:11 | <@mikegrb> | if you are in to walking sideways and hearing nothing but constant loud roar of really large mechanical stuffs |
| 10:11 | <path-> | and being away from civilization for extended periods of time.. |
| 10:13 | -!- | mendel [~rich@TOROON12-1279379717.sdsl.bell.ca] has joined #linode |
| 10:15 | -!- | shauber [~c0f92f08@webuser.linode.com] has joined #linode |
| 10:17 | -!- | Oejet [~user@243-128.5-85.cust.bluewin.ch] has joined #linode |
| 10:18 | <sungo> | mikegrb: sounds like most large datacenters I've worked in. |
| 10:19 | <sungo> | mikegrb: at one point in my life, I was spending so much time on the dc floor that I couldn't sleep without massive white noise. |
| 10:19 | <sungo> | it was ... pathetic. |
| 10:21 | <@mikegrb> | nah this was ear plugs + ear muffs required |
| 10:21 | <@mikegrb> | but only when NAVOSH is around (OSHA for navy) |
| 10:21 | <@mikegrb> | as a result /me is half deaf |
| 10:21 | <path-> | apparently the state has exempted themself from osha |
| 10:24 | <rsd> | do i get a cookie for writing a php wrapper for the api? |
| 10:24 | <@mikegrb> | rsd: every body that goes to linode.com is welcome to partake in cookies |
| 10:24 | <rsd> | eeexcellent |
| 10:26 | -!- | sveiss [~sveiss@2001:470:1f09:2a4:21b:63ff:fe1b:abd3] has quit [Ping timeout: 480 seconds] |
| 10:28 | -!- | r3z`` [~r3z@c-68-58-96-186.hsd1.in.comcast.net] has joined #linode |
| 10:29 | <path-> | on a side note, some of us from work went to something where APC was trying to sell some crap |
| 10:30 | <path-> | the engineers were telling us that ups's in general work most efficiently when they are under a load |
| 10:31 | <@mikegrb> | yes |
| 10:31 | <@mikegrb> | yes well it depends on the type |
| 10:32 | <path-> | battery type? |
| 10:33 | <@mikegrb> | nah, the other bits |
| 10:33 | <@mikegrb> | the electronics |
| 10:33 | <path-> | oh |
| 10:34 | <@mikegrb> | there are a few general categories of ups all of the big ones operate the same general way |
| 10:34 | <@mikegrb> | consumer grade has some variation |
| 10:34 | * | Peng_ pats his consumer-grade UPS. |
| 10:34 | -!- | r3z` [~r3z@c-68-58-96-186.hsd1.in.comcast.net] has quit [Ping timeout: 480 seconds] |
| 10:35 | <path-> | our servers are all on 3000kva APCs, but the one we're using for our offices is an old powerware ups |
| 10:35 | <jetlag> | If I didn't use a UPS for, say, 9 months, would it still work? |
| 10:35 | <path-> | the cool thing about it is that you can upgrade from 3000 to 6000 by adding a battery module |
| 10:36 | <path-> | so we had two powerware's and one of the electronics modules blew |
| 10:36 | <jetlag> | I think I killed my battery then :( |
| 10:36 | <path-> | so we got two sets of new batteries and used the good one |
| 10:37 | <path-> | it is recommended to replace batteries every three years |
| 10:37 | <jetlag> | I put in a replacement battery and didn't think to leave it disconnected until I needed it |
| 10:40 | <jetlag> | guess I should have plugged it in somewhere then? |
| 10:40 | <DeepInTheFire> | jetlag: the battery should be fine the sealed lead acids are pretty resilient but it might need a good charge before you can put any real load on it |
| 10:41 | <jetlag> | The UPS says it has a full charge and less than 2 minutes of run-time. |
| 10:42 | <jetlag> | path-: You have a 3million va APC? How big is that? |
| 10:43 | -!- | cdlu [~cdlu@cdlu.ombudsman.oftc.net] has quit [Server closed connection] |
| 10:43 | -!- | cdlu [~cdlu@ottawa-hs-64-26-156-90.s-ip.magma.ca] has joined #linode |
| 10:44 | <path-> | uhhh |
| 10:44 | <path-> | no |
| 10:44 | <path-> | oh yea |
| 10:44 | <path-> | heh |
| 10:45 | -!- | ryan8403_laptop [~ryan8403_@NW-ESR1-74-215-114-165.fuse.net] has joined #linode |
| 10:45 | <path-> | smart-ups 3000 |
| 10:45 | <path-> | the old ones were 3U, but the new ones are 2U |
| 10:45 | <path-> | the old powerware one is floor standing |
| 10:45 | <path-> | i would love to get rid of all that crap and get something for the entire room |
| 10:46 | -!- | joejaxx [joejaxx@core.joejaxx.net] has quit [Quit: leaving] |
| 10:47 | <@linbot> | New news from forums: ns1.linode.com down for 4 hours? in General Discussion <http://www.linode.com/forums/viewtopic.php?t=3397>; |
| 10:47 | <Peng_> | Nice. |
| 10:51 | -!- | Darxus [~darxus@panic.chaosreigns.com] has joined #linode |
| 10:54 | -!- | ryan8403_laptop [~ryan8403_@NW-ESR1-74-215-114-165.fuse.net] has left #linode [] |
| 10:55 | -!- | webPragmatist [~cleblanc@adsl-99-148-164-47.dsl.rcsntx.sbcglobal.net] has joined #linode |
| 10:56 | <Darxus> | Is there a linode kernel corresponding to the ubuntu kernel vulnerability announcement 7 days ago? http://www.ubuntu.com/usn/usn-625-1 |
| 10:59 | <Peng_> | Yow. |
| 10:59 | <cruxeternus> | You want a kernel that's vulnerable? :) |
| 11:06 | <BubbleWrap> | Ubuntu <3 |
| 11:07 | <Darxus> | SpaceHobo: I know. |
| 11:07 | <Darxus> | I didn't do a great job of asking the question. The current linode 2.6 kernel isn't vulnerable? |
| 11:12 | -!- | row [row@who.br0ke.me.uk] has quit [] |
| 11:13 | -!- | shauber [~c0f92f08@webuser.linode.com] has quit [Remote host closed the connection] |
| 11:13 | -!- | TimothyA2 [~TimothyA@200.26.228.226] has quit [Ping timeout: 480 seconds] |
| 11:14 | <BubbleWrap> | :S |
| 11:17 | -!- | row [row@who.br0ke.me.uk] has joined #linode |
| 11:18 | <Dave> | BubbleWrap: I thought you hated ubuntu? |
| 11:18 | <BubbleWrap> | Dave: iunno |
| 11:18 | <BubbleWrap> | it grows on you? |
| 11:18 | <Dave> | Darxus: linode compiles their own special kernels |
| 11:19 | <Darxus> | Dave: I know. |
| 11:19 | <Dave> | so any ubuntu specific kernel problems wont occur :) |
| 11:20 | <Dave> | plus, the kernel I'm running isnt listed in their list of kernels, although Im probably not on the latest |
| 11:21 | <JasonF> | e |
| 11:24 | <Peng_> | Those vulnerabilities don't sound like tehy'd be Ubuntu-specific. |
| 11:24 | * | Peng_ wanders off. |
| 11:24 | <Dave> | Peng_: I chose not to read that link for no good reason! |
| 11:26 | <Darxus> | It is interesting that they don't list 2.6.23. |
| 11:28 | <Darxus> | 2.6.23.17-linode43 is linode's Latest 2.6. |
| 11:30 | <bd_> | Darxus: >2.6.18 is still beta-y |
| 11:31 | <tjfontaine> | that's a UML kernel |
| 11:31 | <bd_> | oh |
| 11:33 | -!- | al [~al@cpe-24-24-239-238.socal.res.rr.com] has quit [Ping timeout: 480 seconds] |
| 11:38 | <Darxus> | "The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service...." |
| 11:39 | <Darxus> | So... no linode staff in the channel at the moment? |
| 11:40 | -!- | noops [~noops@c-24-60-25-225.hsd1.ma.comcast.net] has joined #linode |
| 11:48 | <anderiv> | Darxus: they're in the channel (the channel ops are all staff members), they're just away or not paying attention ATM. |
| 11:48 | -!- | bliblok [~bjornar@ti500720a080-8908.bb.online.no] has joined #linode |
| 11:50 | <Darxus> | Yeah, I think I'm going to open a ticket to upgrade to 2.6.25. |
| 11:50 | <tjfontaine> | caker was going to do a uml kernel refresh recently, dunno if was able to |
| 11:51 | <Darxus> | (Or otherwise verify that relevant vulnerabilities have been patched.) |
| 11:55 | <noops> | Does anyone know if the DNS nameservers have been patched? |
| 11:56 | <noops> | 207.192.69.4, 207.192.69.5, etc |
| 11:58 | <Nivex> | don't appear to have been... |
| 11:59 | <Nivex> | stby for pbin |
| 11:59 | <bd_> | those are owned by the DC I think :/ |
| 11:59 | <bd_> | hmm |
| 11:59 | <Nivex> | http://pastebin.com/m5213814a |
| 11:59 | <Nivex> | looks like I install bind9 in my linode after lunch |
| 12:01 | <bd_> | 192.168.133.104 <-- my (patched) bind, for those on the newark private net |
| 12:02 | -!- | lakin_ [~lakin@S01060030ab12b2fb.cg.shawcable.net] has joined #linode |
| 12:03 | <noops> | Hrm...Guess I'll switch to opendns |
| 12:03 | <path-> | 207.192.69.4, 207.192.69.5 have members.linode.com hostnames |
| 12:03 | -!- | lakin_ [~lakin@S01060030ab12b2fb.cg.shawcable.net] has quit [] |
| 12:04 | <@caker> | I shall fix. |
| 12:04 | <Battousai> | should've been fixed a month ago |
| 12:04 | <Battousai> | i demand credit |
| 12:04 | <path-> | har |
| 12:04 | <@jadoba> | Battousai: thanks for pointing that out |
| 12:04 | <Battousai> | someone could use that to hack my car |
| 12:05 | <path-> | if that caused your site to be down, you've got something wrong with your site\ |
| 12:05 | -!- | lakin [~lakin@S01060013101832cd.cg.shawcable.net] has quit [Ping timeout: 480 seconds] |
| 12:05 | <Battousai> | site? |
| 12:05 | <path-> | linode.. whatever |
| 12:05 | <Battousai> | it caused my slightly legal torrents to go down or something |
| 12:06 | -!- | xitology [~xi@golovko1.donbass.com] has quit [Quit: Ex-Chat] |
| 12:07 | <@caker> | done. |
| 12:08 | <Battousai> | i was just kidding about the credit btw |
| 12:08 | <@jadoba> | Battousai: i gave you credit |
| 12:09 | <Battousai> | heh |
| 12:09 | <@jadoba> | 12:04 <@jadoba> Battousai: thanks for pointing that out |
| 12:09 | <@jadoba> | ^^^ |
| 12:09 | <path-> | negative credit? |
| 12:09 | <@jadoba> | no, it is affirmative credit. the verbal kind |
| 12:09 | <path-> | oh, i c |
| 12:09 | <Battousai> | i better give it to Nivex |
| 12:10 | <Darxus> | caker: Is a 2.6 upgrade due, before I open a ticket about it? |
| 12:11 | <Darxus> | Linux kernel. |
| 12:11 | -!- | alnr [~weechat@e4ward.com] has quit [Server closed connection] |
| 12:11 | <@jadoba> | Darxus: ltnc |
| 12:12 | -!- | alnr [~weechat@e4ward.com] has joined #linode |
| 12:12 | <Darxus> | jadoba: Yeah I usually only come in here to complain, which doesn't happen much :) |
| 12:12 | <@jadoba> | glad that i don't see you that often then! |
| 12:12 | * | jadoba ducks |
| 12:13 | <bd_> | for those who haven't read slashdot - the DNS vulnerability has leaked |
| 12:13 | <straterra> | z0mg |
| 12:13 | <bd_> | it'd be nice if the linode recursive resolvers were patched ;) |
| 12:14 | <@jadoba> | Darxus: seriously though, if you want to open a ticket go ahead. we'll update it when the next kernel becomes available |
| 12:14 | <straterra> | z0mg my leet dns will be hax0red |
| 12:14 | <Darxus> | jadoba: ..It is available. |
| 12:14 | <@jadoba> | Darxus: i meant we'll update teh ticket when the next linode kernel becomes available :) |
| 12:14 | <Darxus> | Ohh, okay :) |
| 12:14 | <bd_> | oh, maybe they are patched now... hmm |
| 12:16 | <Darxus> | It would be nice if the damn linux kernel changelog listed the CVEs it fixed. |
| 12:16 | <noops> | bd_: that's what I came in here to find out |
| 12:16 | <bd_> | noops: host -t txt porttest.dns-oarc.net server-to-test |
| 12:17 | <Darxus> | Cute. |
| 12:17 | <bd_> | Darxus: linus doesn't like to do that; it makes it too easy to grep for the patch that fixes it (and therefore, demonstrates exactly what the vulnerability was) |
| 12:17 | <bd_> | He doesn't want to participate in embargoes, but doesn't want to make things trivial to find, you see |
| 12:17 | <Darxus> | Then Linus is a pain in the ass :P |
| 12:18 | <bd_> | possibly :P |
| 12:18 | <@caker> | that was a fun read on LKML |
| 12:18 | <bd_> | http://kerneltrap.org/Linux/Security_Bugs_and_Full_Disclosure |
| 12:18 | <@caker> | Darxus: I still need to read up on the ipsec thing |
| 12:18 | <@caker> | I'll do that this afternoon |
| 12:18 | <bd_> | caker: you may find this interesting (re: the upcoming NAS thing) http://kerneltrap.org/Linux/Security_Bugs_and_Full_Disclosure |
| 12:19 | <bd_> | errr |
| 12:19 | <bd_> | wrong link |
| 12:19 | <bd_> | http://kerneltrap.org/DragonFlyBSD/2.0_HAMMER_Filesystem |
| 12:19 | <bd_> | there |
| 12:19 | <noops> | bd_ oh nice thanks for that =) |
| 12:19 | <@caker> | yes .. I followed that a while ago .. I'll check it out, thanks |
| 12:19 | -!- | pbryan [~pbryan@209.52.48.162] has joined #linode |
| 12:19 | <bd_> | I don't know if it's production ready yet, but it sounds shiny |
| 12:19 | -!- | lakin [~lakin@S01060013101832cd.cg.shawcable.net] has joined #linode |
| 12:20 | <Darxus> | I opened a ticket! :P |
| 12:20 | <SelfishMan> | !avail-tp |
| 12:20 | <@linbot> | SelfishMan: Dallas360 - 26, Dallas540 - 7, Dallas720 - 8, Dallas1080 - 0, Dallas1440 - 0, Dallas2880 - 0 |
| 12:20 | <Karrde> | hm, 67.18.92.50 = ns.theshore.net = one of Linode's DNS servers rite? |
| 12:20 | <SelfishMan> | Someone added new hardware! |
| 12:20 | <Darxus> | Oh no! |
| 12:21 | -!- | SelfishMan [~TheSelfis@host-72-175-55-117.lvt-mt.client.bresnan.net] has quit [Quit: SelfishMan] |
| 12:21 | <Darxus> | Aren't all 2.6.x kernel releases security fixes? |
| 12:21 | <bd_> | Karrde: I don't know if it's a recursive resolver |
| 12:21 | <bd_> | but it seems to need a port randomization patch |
| 12:21 | <Darxus> | I'm only running 2.6 because caker told me to :P |
| 12:21 | -!- | robg [~robg@c-24-61-142-198.hsd1.ct.comcast.net] has joined #linode |
| 12:21 | <Karrde> | bd_: yeah. |
| 12:21 | <@caker> | Karrde: yes, it is. And I believe that's the last one I need to update |
| 12:21 | <bd_> | well, I don't know if it's /meant/ to be a recursive resolver :) |
| 12:22 | <Karrde> | heh |
| 12:22 | <bd_> | "67.18.92.50 is POOR: 26 queries in 1.2 seconds from 1 ports with std dev 0.00" |
| 12:22 | -!- | noops [~noops@c-24-60-25-225.hsd1.ma.comcast.net] has quit [Quit: noops] |
| 12:22 | <Karrde> | 4.2.2.1 - 4 are FAIR, and my school's DNS server is GOOD :) |
| 12:22 | <bd_> | roadrunner's still not patched :/ |
| 12:23 | <Karrde> | in other news, I really need to find out how to disable these screen alignment shortcuts on this new Thinkpad. |
| 12:23 | <Karrde> | I try to switch workspaces and my display turns sideways. |
| 12:23 | <bd_> | dig @4.2.2.1 +short porttest.dns-oarc.net txt |
| 12:23 | <bd_> | z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. |
| 12:23 | <bd_> | "209.244.7.40 is GOOD: 50 queries in 150.9 seconds from 50 ports with std dev 15580.64" |
| 12:23 | <bd_> | 150.9 seconds? oO |
| 12:26 | -!- | SelfishMan [~TheSelfis@69.51.75.42] has joined #linode |
| 12:27 | -!- | getsmart [~getsmart@88-149-241-182.dynamic.ngi.it] has joined #linode |
| 12:31 | <Darxus> | What *is* 4.2.2.1? |
| 12:31 | <Darxus> | I've used it a bunch :P |
| 12:32 | <Bdragon> | It's a public dns server |
| 12:33 | <Bdragon> | Or rather |
| 12:33 | <Bdragon> | l3's anycasted dns "server" |
| 12:33 | <Darxus> | Ah. |
| 12:34 | <Bdragon> | So it tries to get a closer location when you use it.. |
| 12:34 | <Darxus> | Will linode do secondary DNS for me yet? |
| 12:35 | <Peng_> | bd_: Thanks for thhat DNS server tester. The only one I knew of was web-based, so I couldn't try it on my Linode. |
| 12:35 | <SelfishMan> | Did you piss them off? |
| 12:36 | <@linbot> | New news from forums: Where is php.ini (ubernub) in Linux, Apache, Mysql and PHP (LAMP) Forum <http://www.linode.com/forums/viewtopic.php?t=3398>; |
| 12:37 | <Peng_> | Oh, yay. It gives me "GOOD" for the servers I get in Dallas (two Linode and two TP). |
| 12:38 | <SelfishMan> | There is a non-web based tester? Linky please? |
| 12:39 | <@jadoba> | Darxus: slave dns? yes |
| 12:39 | <Peng_> | SelfishMan: <bd_> noops: host -t txt porttest.dns-oarc.net server-to-test |
| 12:40 | <Darxus> | jadoba: Oh, cool. |
| 12:40 | <Darxus> | Good :) |
| 12:40 | <SelfishMan> | Oh. That one. I was hoping for something else. |
| 12:40 | <bd_> | such as? |
| 12:40 | -!- | getsmart [~getsmart@88-149-241-182.dynamic.ngi.it] has quit [Quit: Ex-Chat] |
| 12:41 | <SelfishMan> | Something that actually worked on a regular basis |
| 12:42 | <bd_> | what's wrong with porttest.dns-oarc? |
| 12:43 | <SelfishMan> | It was down half the morning |
| 12:43 | <bd_> | oh |
| 12:44 | <SelfishMan> | I might just write something myself. I don't get what the big issue has been since everything was disclosed before. |
| 12:45 | <bd_> | SelfishMan: the main issue is there's no more luck involved |
| 12:45 | <bd_> | say you want to take control of google.com |
| 12:45 | <bd_> | what you do is start querying for (random).com |
| 12:46 | <bd_> | and race with a packet containing a NS for google.com in its additional section |
| 12:46 | <bd_> | or an A record for google.com's nameservers |
| 12:46 | <bd_> | sure, you might not suceed - but you can keep doing this with random .com subdomains until you win |
| 12:46 | <bd_> | and then just make sure the poisoned glue has a very long TTL |
| 12:47 | <SelfishMan> | Yep, that's the problem with UDP and sequential ports. But everyone has been freaking out because Dan never released any details. |
| 12:47 | <SelfishMan> | The thing is, from day one it talked about randomizing the source port and the TXID. Seems to me that is all anyone needs right there. |
| 12:47 | <bd_> | well, the bit about using glue to poison it is what's new, I think |
| 12:48 | <SelfishMan> | I think he was an idiot for trying to hold onto the "big secret" for several months so he could better cash in on it. |
| 12:49 | <SelfishMan> | Because, you know, nobody will ever figure it out themselves. |
| 12:50 | <bd_> | I think it's more an issue of, "Maybe people will actually patch it this time if they have something to fear" |
| 12:50 | <SelfishMan> | True |
| 12:54 | <Nivex> | dang you guys is quick. I go to lunch and two of the three servers are fixed! |
| 12:55 | <Nivex> | I think the third one is not linode's |
| 12:55 | * | Nivex removes |
| 12:57 | <Nivex> | my hat's off to whoever patched them so quick |
| 12:58 | <Battousai> | mikegrb didn't do it |
| 12:58 | <@jadoba> | Nivex: what servers? |
| 12:58 | <Nivex> | 207.192.69.4&5 |
| 12:59 | <Nivex> | (newark's DNS servers) |
| 12:59 | <Battousai> | caker got em |
| 13:02 | -!- | lucca [~lucca@nemu.accela.net] has quit [Ping timeout: 481 seconds] |
| 13:08 | -!- | Netsplit resistance.oftc.net <-> kinetic.oftc.net quits: Karrde, cramer_as8758, weasel, binel_, Tallo, spiki, Clorith |
| 13:09 | -!- | Netsplit over, joins: Tallo |
| 13:09 | -!- | Netsplit over, joins: binel_ |
| 13:09 | -!- | Netsplit over, joins: weasel |
| 13:09 | -!- | Netsplit over, joins: spiki |
| 13:09 | -!- | Netsplit over, joins: Clorith |
| 13:09 | -!- | Netsplit over, joins: cramer_as8758 |
| 13:09 | -!- | Netsplit over, joins: Karrde |
| 13:12 | -!- | MrRx7 [~Owner@dpc674448253.direcpc.com] has left #linode [] |
| 13:13 | <charlie> | is there a slowness for new jersey servers for anyone else, or is it on my end? |
| 13:14 | <SelfishMan> | Well, I'm transferring some stuff to mine at 42KB/s but that is maxing out the 380Kbps uplink I have |
| 13:14 | <SelfishMan> | Otherwise dallas<->newark is working fine for me |
| 13:14 | <jackc> | charlie: NAC is wicket fast from here |
| 13:14 | <charlie> | must be my end |
| 13:15 | <charlie> | *clickety click* *login to router* *disable all traffic aside from my laptops* ;-P |
| 13:19 | -!- | lucca [~lucca@kuu.accela.net] has joined #linode |
| 13:27 | <Karrde> | NAC can max out my fiber - 2.5MB/s |
| 13:29 | -!- | voxadam [~voxadam@ip131.fa1-0-1.occ.iinet.com] has joined #linode |
| 13:32 | <JDLSpeedy> | how can you see if a dns server is patched or not? |
| 13:32 | <Peng_> | JDLSpeedy: <bd_> noops: host -t txt porttest.dns-oarc.net server-to-test |
| 13:33 | <Peng_> | (I should stop highlighting bd_.) |
| 13:33 | <JDLSpeedy> | Peng: o ok |
| 13:33 | <@mikegrb> | lolz |
| 13:33 | <JDLSpeedy> | LOL |
| 13:33 | <Peng_> | JDLSpeedy: Also, http://www.doxpara.com/ is web-based and tests your current DNS server |
| 13:35 | <voxadam> | Do any of the linode data centers support native IPv6? |
| 13:36 | <tierra> | other than using a tunnel broker? no |
| 13:36 | <Dave> | voxadam: yeah, one does, although linode currently doesnt |
| 13:37 | <voxadam> | Hrmph.. |
| 13:37 | <@jadoba> | JDLSpeedy: http://michael.toren.net/code/noclicky/ |
| 13:37 | <avongauss> | fwiw, using HE TunnelBroker you should get near native speeds at Fremont, Dallas and Newark. |
| 13:38 | <avongauss> | Atlanta is about 20 ms away from the NY tunnel broker. |
| 13:39 | <Dave> | my linode in dalas is around 1ms away from its v6 gateway |
| 13:39 | <Dave> | dallas |
| 13:39 | <voxadam> | Thanks Dave. |
| 13:41 | -!- | clochette [~clochette@ANantes-257-1-111-107.w90-25.abo.wanadoo.fr] has joined #linode |
| 13:41 | <Peng_> | Dave: Which one supports native IPv6? HE or NAC? |
| 13:42 | -!- | clochette [~clochette@ANantes-257-1-111-107.w90-25.abo.wanadoo.fr] has quit [autokilled: undesired bot. Mail support@oftc.net with questions (2008-07-22 17:42:07)] |
| 13:42 | <Dave> | Peng_: cant remember |
| 13:42 | <Dave> | HE probably |
| 13:44 | <Karrde> | I was playing with ipv6 but could never get iptables to allow it |
| 13:44 | <Dave> | HE do run tunnelbroker.com |
