InHisName | mr bacon is missing: http://imgur.com/gallery/s7m9R | 00:40 |
---|---|---|
TheEvilPhoenix | heh | 00:43 |
anduril | InHisName was just me trying to win karma on reddit :-p | 01:09 |
=== TheEvilPhoenix is now known as Resistance | ||
beta0x64 | woot | 06:21 |
beta0x64 | hello | 06:21 |
beta0x64 | ls | 06:36 |
beta0x64 | woops :( | 06:36 |
JonathanD | Morning | 09:28 |
rmg51 | morning JonathanD | 09:56 |
JonathanD | hey rmg51 | 09:59 |
rmg51 | o/ | 10:20 |
InHisName | good morning now that we are all back together a 2nd time | 11:17 |
JonathanD | indeed. | 11:17 |
JonathanD | InHisName: why did you break freenode. | 11:17 |
InHisName | I just was trying out a new hacker tool, I didn't realize it was gonna DOooo something......... | 11:21 |
SamuraiAlba | Good bacon to all! | 11:33 |
InHisName | mr bacon came and went already and I couldn't send him the bucket o' bacon | 13:33 |
ChinnoDog | om nom bucket 'o bacon | 13:48 |
=== paulproteus_ is now known as paulproteus | ||
InHisName | I'm dabbling around with iptables and NAT trying to connect outside to 192.168.101.163:80 anyone have suggestions. All that I tried haven't made a diff yet. | 17:38 |
InHisName | I'm seeing a default web page from my astlinux box I want the other to respond not this one. The astlinux box is where the iptables are used. | 17:40 |
ChinnoDog | Where is "outside"? | 17:41 |
InHisName | wild wild internet | 17:43 |
ChinnoDog | You can't route to a private IP range across the internet because the internet routers will block it | 17:47 |
rhpot1991 | you would need to route it at the router | 17:52 |
rhpot1991 | if you have access to it | 17:52 |
rhpot1991 | think firewall | 17:52 |
Resistance | ^ | 17:58 |
InHisName | after experimenting with several iptable items, I needed one FORWARD and one PREROUTING item to get page to play from hidemyass proxy. Now I have a simple page up at that web site playing off one of my machines instead of a host web site. | 18:28 |
jthan | jedijf: meeting tomorrow night? I have a potential "new contributor" to the team that would like to see what we're all about here on irc :-p | 18:35 |
jthan | He saw we have meetings, but didn't know if they were a real thing | 18:35 |
InHisName | I have lotta usb logging into /var/log/messages -- how do I find where logs coming from so I can decide if I want to turn it off ? | 19:47 |
InHisName | seems this is set to 'yes' -- zcat /proc/config.gz | grep USB_STORAGE_DEBUG | 19:51 |
InHisName | zcat /proc/config.gz | grep USB_DEBUG | 19:53 |
InHisName | that one not set | 19:53 |
InHisName | http://pastebin.com/HJphhm89 | 20:28 |
InHisName | I found errors in /var/log/messages back in early morning hours. | 20:29 |
InHisName | Errors on ports that 'shields-UP!' reports as stealthed. | 20:29 |
InHisName | Can someone interpret these lines into something meaningful ? | 20:30 |
InHisName | the logging above in in dmesg some sort of 'ring logging' Things fall off pretty quick due to all the USB logging. | 20:31 |
InHisName | s/in in/is in/ | 20:32 |
ssweeny | InHisName, someone is trying a dictionary attack on your server | 20:32 |
InHisName | those ports 35739 and so on are all tested as 'stealthed' by shields up! How is someone hooking into a stealthed port ? | 20:34 |
InHisName | Or is that HIS IP and port numbers ? | 20:35 |
ssweeny | InHisName, that's the remote port | 20:35 |
InHisName | Oh now makes more sense. Is there clue which of my ports they are trying to punch on ? | 20:36 |
ssweeny | InHisName, my guess would be 22 | 20:36 |
jthan | InHisName: just use shorewall and lock up your ports.. use pubkey auth for your ssh | 20:36 |
ssweeny | InHisName, that's the standard ssh port | 20:36 |
InHisName | Yes, I noticed I had left it 'open' a few days ago and forgot about it. It is closed now. | 20:37 |
jedijf | switch port | 20:38 |
jthan | You could always use 443 | 20:38 |
jthan | 52500 | 20:38 |
InHisName | I am playing with web server on internal machine and connecting to port 80. What can these .ru folks try to do in that port. | 20:39 |
InHisName | You all saying to use 443 or 52500 in place of 80 ? | 20:39 |
jedijf | leave it open; the F opyum team needs something to do | 20:39 |
ssweeny | if you change the port they'll have a harder time finding it | 20:39 |
InHisName | It might be tough on anyone who wanted to browse to that website if they did not know to postfix :52500 on end. | 20:41 |
ssweeny | right | 20:41 |
ssweeny | but if you're just playing with your own you can put it wherever you want | 20:41 |
MutantTurkey | why does he need all of this? | 20:42 |
MutantTurkey | j/w? | 20:42 |
jedijf | InHisName: mainly 22 | 20:42 |
InHisName | But for next few weeks where no one will be browsing yet, sounds like at least good enough temporarily. | 20:42 |
jedijf | let them hammer your 80 | 20:42 |
MutantTurkey | InHisName: intruders? | 20:42 |
MutantTurkey | just set a good password for ssh, lockout after 3 attempts. | 20:42 |
MutantTurkey | thats all. | 20:42 |
InHisName | apparently so. I left 22 open for a few days. No one was getting in only 2 users and really goofy passwords. | 20:43 |
jedijf | InHisName: and no root login | 20:43 |
jedijf | sshd.config | 20:43 |
jthan | yeah | 20:43 |
MutantTurkey | vim that baby! | 20:43 |
Resistance | sshd_config :/ | 20:43 |
MutantTurkey | vim is 20 years old? | 20:43 |
MutantTurkey | jeez | 20:43 |
jthan | search for permitrootlogin | 20:43 |
InHisName | that machine does have a root. Not ubuntu | 20:44 |
jedijf | for ssh you don't want to allow root login | 20:44 |
jedijf | root@inhisname.com would be a disaster | 20:45 |
InHisName | its all closed up now. Now I've opened up port 80, should I change it to big port #? | 20:46 |
jedijf | InHisName: just change it(ssh) | 20:46 |
InHisName | ssh is closed 2 hours ago | 20:46 |
Resistance | InHisName: fwiw, i moved my SSH traffic to 63329 | 20:47 |
* Resistance chose a random port :P | 20:47 | |
Resistance | i also use 2222 on occasion | 20:47 |
Resistance | depending on the setup | 20:47 |
InHisName | right now I don't need any ssh traffic from outside | 20:47 |
MutantTurkey | Resistance: not very secure now that we all know your port and IP address... | 20:48 |
Resistance | MutantTurkey: i didnt say its to this system ;P | 20:48 |
MutantTurkey | sure sure | 20:48 |
InHisName | but NO bot logging here so not too awful | 20:48 |
Resistance | MutantTurkey: you cant even be sure that's the correct port ;P | 20:48 |
jedijf | who cares, it's give you log monitor practice | 20:48 |
jedijf | then netstat and see the ircbots they install as crons | 20:49 |
jedijf | and john internally scanning itself | 20:49 |
jedijf | the compromised box | 20:49 |
jedijf | honeyd homework | 20:50 |
InHisName | Ok, now got big numbered port open and 80 closed. | 21:30 |
jedijf | InHisName: 80's not the problem, 22 was | 21:31 |
InHisName | I said a couple times that 22 got closed up and was asking about 80 and what to expect from that being open. I closed it about 4 hours ago now. | 21:33 |
InHisName | how come when I do 'last', I only get one line output. The file grows larger after each login/logout. Still only the first line is shown with last command. | 23:04 |
InHisName | I am running an older linux 2.6.16.12 with busybox doing the last command. | 23:05 |
JonathanD | waltman: new UPS works, holodeck is secure. | 23:12 |
jedijf | InHisName: try last -n5 | 23:17 |
jedijf | for 5 lines(if they exist) man last for more info...-Fad may interest you | 23:18 |
waltman | JonathanD: excellent | 23:20 |
waltman | JonathanD: pleia2 seems to think she's in "Florida" this week, so I guess it's working | 23:21 |
JonathanD | I needed extra power for florida. | 23:21 |
waltman | understandable, what with all that heat down there | 23:25 |
JonathanD | Indeed. | 23:25 |
waltman | and emulating Disney must be tough | 23:26 |
JonathanD | waltman: emulating disney isn't the hard part. | 23:27 |
waltman | oh? | 23:27 |
JonathanD | Getting re-broadcast rights to do so is. | 23:27 |
waltman | it's not technically being broadcast, is it? | 23:27 |
JonathanD | it is, to lots of virtual people. | 23:27 |
JonathanD | Besides, the media companies think you should pay for broadcast licenses if animals can hear your music. | 23:28 |
waltman | oh, you mean that *you're* Disney? | 23:28 |
waltman | When my cousins went down there last month, that was YOU? | 23:28 |
JonathanD | There is no disney. Only my basement. | 23:28 |
waltman | impressive! | 23:28 |
JonathanD | it's all a myth. | 23:28 |
waltman | That explains a LOT | 23:28 |
JonathanD | This is why it's always so crowded there. | 23:29 |
waltman | it explains the mouse motif | 23:29 |
JonathanD | I don't like mice. | 23:29 |
waltman | exactly! | 23:29 |
JonathanD | I haven't seen one (outside a pet store) in quite a while. | 23:29 |
JonathanD | Last time I saw one was I think at my parents house, when in high school... | 23:30 |
JonathanD | I shot it :/ | 23:30 |
waltman | yow | 23:30 |
waltman | ! | 23:30 |
JonathanD | oh wait | 23:30 |
JonathanD | last time was the mouse + snake? | 23:30 |
waltman | outside doesn't count | 23:30 |
waltman | that's NATURE | 23:30 |
JonathanD | https://secure.flickr.com/photos/47445571@N07/5041763415/in/photostream | 23:31 |
waltman | cute mouse + big scary snake | 23:31 |
JonathanD | https://secure.flickr.com/photos/47445571@N07/5041763249/in/photostream RAWR I AM DEATH SNAKE! | 23:31 |
waltman | at some point I figured out what kind of snake that was, but now I forget | 23:32 |
JonathanD | I recall | 23:33 |
JonathanD | waltman: apparently one that likes mice, though. | 23:33 |
waltman | many snakes like mice, no? | 23:37 |
waltman | I think I'd decided it was an Eastern Rat Snake | 23:39 |
JonathanD | it must have been confused | 23:39 |
JonathanD | as that isn't a rat. | 23:39 |
waltman | bah, no. | 23:40 |
waltman | eastern milk snake | 23:40 |
JonathanD | that isn't a milk either. | 23:40 |
waltman | wikipedia says they got the name because they're often found near barns | 23:42 |
waltman | of course, it's not a barn, either | 23:42 |
pleia2 | it's actually not been very hot, so I don't think it's working very well | 23:46 |
JonathanD | hmmmm | 23:46 |
JonathanD | pleia2: isn't it supposed to be 20F above the norm wherever you travel? | 23:47 |
waltman | pleia2: the sizing algorithm for the parrots seems a little off, too | 23:47 |
pleia2 | haha | 23:47 |
* pleia2 lurks in conference hallways | 23:48 | |
pleia2 | there is a lot of yuengling here, it's weird | 23:49 |
pleia2 | clearly I'm in PA | 23:49 |
JonathanD | pleia2: beer is hard to simulate. | 23:50 |
pleia2 | yeah | 23:50 |
JonathanD | Much easier to just use local stuff. | 23:50 |
waltman | JonathanD: Perhaps this explains why they switched to synthehol in the next gen series | 23:52 |
waltman | I'm beat today. I probably should've skipped Central. | 23:57 |
pleia2 | I should have skipped that beer | 23:59 |