[01:59] <potatoe> Can you recommend a tool that will brute force a given FTP server at least 20-30 times before crashing ? preferably in under 5 minutes, it has to trigger fail2ban
[02:00] <potatoe> apparently running ftp from the command line multiple times is not fast enough
[02:01] <ropetin> THC Hydra?
[02:02] <potatoe> I think my fail2ban is incorrectly set up, I did at least 20 logins in 2 minutes, that should have triggered it, I'll keep looking
[02:50] <qman__> while true; do ftp somehost &; done
[02:50] <qman__> could crash your system
[02:59] <SpamapS> qman__: yes, nice fork bomb
[03:07] <ropetin> Not sure it would trigger fail2ban either, depending I guess on the regex used
[04:35] <Zanzacar> Hi everyone, I wanted to setup a static IP address for my home server.
[04:35] <Zanzacar> http://www.howtogeek.com/howto/ubuntu/change-ubuntu-server-from-dhcp-to-a-static-ip-address/
[04:35] <Zanzacar> That is the site I was following but I had a few quick questions for anyone that is willing to help.
[04:35] <jasef> I'll help if I can, shoot
[04:36] <Zanzacar> 1. What is the netmask I should use? 255.255.255.0 seems normal from what I have seen but was not sure.
[04:36] <jasef> Use whatever netmask your home network uses. Probably 255.255.255.0,
[04:36] <Zanzacar> 2. network is referring to the actual router it is connecting to?
[04:36] <jasef> Are you on 192.168.x.9?
[04:36] <jasef> .x.0*
[04:36] <Zanzacar> 192.168.0.xx
[04:36] <jasef> and no, network is the 'network address' which is the first address, which is unusable
[04:37] <jasef> So for you, you want 192.168.0.0 as the network
[04:37] <Zanzacar> ok so what about broadcast? and gateway?
[04:37] <jasef> broadcast should be 192.168.0.255
[04:37] <jasef> And gateway is the IP of your router
[04:37] <jasef> Which is probably 192.168.0.1
[04:37] <Zanzacar> correct
[04:38] <Zanzacar> well then I guess I will try out everything on that site and if it doesn't work I will have to pull out the monitor
[04:38] <Zanzacar> and keyboard to reset everything haha
[04:38] <jasef> Lol. It's always dangerous to try that :P
[04:38] <Zanzacar> to try and setup a static IP?
[04:38] <jasef> But as long as you have everything from the guide (double check for typos!) it should be fine
[04:38] <Zanzacar> I wish I could just do it with my network
[04:38] <jasef> No, to set new settings that can screw up your networking :P
[04:39] <Zanzacar> o very true haha
[04:39] <jasef> Can't your router give out DHCP reservations?
[04:39] <Zanzacar> I meant router not network
[04:39] <Zanzacar> I dont think so I poked around but count find anything
[04:39] <Zanzacar> couldnt*
[04:40] <jasef> Eh. Some routers don't do it, but that's okay. That config should work. Just make sure you have the auth eth0 line there too or it won't even try to come up
[04:41] <Zanzacar> ya the router is an older linksys router with limited features.
[04:41] <jasef> What IP are you trying to assign it?
[04:41] <Zanzacar> well just something static
[04:42] <jasef> I'd recommend something that the router's DHCP won't normally assign, so that it doesn't conflict with anything in the future.
[04:42] <Zanzacar> it was at 192.168.0.14 for a long time but I was thinking about doing something higher like 68.111.168.2260
[04:42] <jasef> Noooo.
[04:42] <Zanzacar> ip start at .10 and go up from there
[04:42] <jasef> It has to be 192.168.0.x
[04:43] <jasef> Like my network is 192.168.1.0, router gives out .100+, so my server is just .2
[04:43] <jasef> But it MUST match the first 3 groups of numbers (also called octets)
[04:43] <Zanzacar> i see, my ip start at 68.111.168.226, so if I went with something like .5 then it would work
[04:43] <jasef> ... but... you only have one public IP.
[04:43] <jasef> You have to give it an internal IP address
[04:44] <jasef> Unless you've bought more from your ISP...
[04:44] <jasef> And even then, you would use an internal with NAT to forward the ports, I'd assume.
[04:44] <jasef> Sorry, this laptop kills channels if I accidentally lave it pointed at them
[04:44] <jasef> s/lave/leave/
[04:44] <Zanzacar> I had it set to 192.168.0.14, i forwarded the port so I could SSH in
[04:45] <Zanzacar> i reset the router and then it reset the ip
[04:45] <Zanzacar> so now it is 68.111.168.226
[04:45] <jasef> Your router's external IP is that, right?
[04:45] <jasef> if you type ifconfig on the command line
[04:45] <Zanzacar> which is annoying because now I need to change my router setting, my auto ssh etc etc etc
[04:45] <jasef> What's the IP that shows up?
[04:45] <Zanzacar> 68.111.168.226
[04:46] <jasef> Uhm... what... that shouldn't be possible....
[04:46] <Zanzacar> why is that?
[04:46] <Zanzacar> my router is 192.168.0.1
[04:46] <jasef> Yes
[04:46] <Zanzacar> ip start at 68.111.168.226
[04:46] <jasef> Which means all computers on your network should be 192.168.0.x
[04:47] <Zanzacar> the ip address on my network are
[04:47] <Zanzacar> 68.111.168.226
[04:47] <Zanzacar> 192.168.0.11
[04:47] <jasef> Can you explain what you mean by 'ip start at 68.111.168.226' ?'
[04:47] <Zanzacar> 192.168.0.12
[04:47] <Zanzacar> 192.168.0.13
[04:47] <Zanzacar> .14
[04:47] <Zanzacar> .15
[04:48] <Zanzacar> is that bad?
[04:49] <Zanzacar> thats the output I get from nmap, and also ifconfig/ipconfig etc.
[04:49] <jasef> It's just unusual for you to have an IP like '68.111.168.226' on a local computer
[04:49] <jasef> Unless it's your router's own external address - then that's fine.
[04:50] <jasef> But if your home server is connected to the router just like all the other computers, it should have a local address, unless it's dialing the PPP connection itself.
[04:50] <jasef> Could you please pastebin the output of 'ifconfig' and 'netstat -rn' from the server? I'm just trying to understand what's going on here
[04:51] <jasef> http://paste.ubuntu.com/ or the pastebinit package works pretty nicely
[05:04] <Zanzacar> jasef: Thanks everything worked out perfectly
[05:05] <Zanzacar> jasef: I got my IP setup correctly and everything
[05:05] <jasef> Awesome :)
[05:05] <Zanzacar> wasnt too hard and I didnt have to bust out the monitor and keyboard haha.
[05:05] <Zanzacar> I am off to other things though, just wanted to pop in and say thanks.
[09:34] <goddard> so i go in and try and make it so i can login to my other box via ssh key which was working fine with a password before i changed the config and now all of a sudden it doesn't work i get Read from socket failed: Connection reset by peer
[09:35] <goddard> even trying to connect to the local machine from the same machine results in the same error
[09:35] <goddard> ssh is started
[10:08] <goddard> http://serverfault.com/questions/265244/ssh-client-problem-connection-reset-by-peer
[12:43] <RoyK> heh - Slackware is a free and open source Linux-based operating system. [...] The current stable version is 13.37
[18:37] <keithclark> I've installed Apache and it works fine.  I can verify with http://localhost.  I've installed mysql.  I've installed php, but when I test with a simple phpinfo.php script using http://localhost/phpinfo.php I get a download dialog box.  What am I doing wrong?
[18:39] <keithclark> I am using this page as a reference:  http://blog.sudobits.com/2011/10/28/how-to-install-lamp-apache-mysql-php-on-ubuntu-11-10/
[18:40] <keithclark> No worries, I figured it out.
[18:49] <keithclark> Can someone please test my apache setup?  http://http://clarkhome.dyndns-home.com/
[18:51] <ChmEarl> keithclark, its trying here 69.166.23.54, but port 80 is not open
[18:51] <keithclark> hmmmm
[18:52] <keithclark> ip address is correct
[18:53] <virusuy> firewall or port forwarding ?
[18:53] <keithclark> modem to router.  Port forwarded
[18:55] <Yompa> Or even an ISP often block common server ports.
[18:55] <keithclark> i've set it with 'Virtual Servers'.  I also have 'Port Forwarding' option as well
[18:56] <keithclark> Could someone try again please?
[18:57] <ChmEarl> clarkhome.com works
[18:58] <keithclark> ChmEarl, so it changed from not working to working, correct?
[18:58] <ChmEarl> Connecting to www.clarkhome.com|74.125.127.121|:80... connected
[18:58] <keithclark> ChmEarl, that is not me
[18:59] <ChmEarl> hangs: Connecting to clarkhome.dyndns-home.com|69.166.23.54|:80...
[18:59] <keithclark> hmmmm
[19:01] <keithclark> I have my speedtouch modem forwarding that port to my dir-615 router and the router set to port forward to my computer
[19:01] <keithclark> Doesn't seem to be working.
[19:04] <Yompa> keithclark, if you are on a residential ISP connection, try a different port like 8080 or 8888 forwarded to your local server port 80. Some ISPs have firewalls blocking common server ports.
[19:05] <keithclark> Yompa, I'm checking on that now.  I've submitted a support ticket.
[19:06] <ChmEarl> keithclark,  port 22 is closed too
[19:06] <ChmEarl> or nothing listening
[19:06] <keithclark> ChmEarl, I know
[19:06] <keithclark> ChmEarl, how about 21?
[19:07] <ChmEarl> its a total blackout
[19:07] <keithclark> I would be surprised if it was my ISP.  It is a small, local company.  No limits and very liberal.  I'm thinking it is my router.
[19:08] <keithclark> (talk about secure though!)
[19:08] <pukeko> morning all...  i have several VMs that will be running various web-servers, i want to stick an accelerator in the mix to forward requests to certain machines based on FQL , i need some advice on what to use, is squid overkill ? how about Varnish ?
[19:09] <ChmEarl> keithclark, some technical sites provide a port scanner
[19:09] <ChmEarl> I have port 8080 forward inside my LAN to a Xen guest... imagine how long that took to setup
[19:11] <keithclark> Funny, on Primus it was no issue at all.  I was sure they would have blocks on the common ports but it worked out just fine.
[19:14] <ChmEarl> keithclark, here is one: http://www.subnetonline.com/pages/network-tools/online-port-scanner.php
[19:15] <ChmEarl> check the ToS box first
[19:18] <virusuy> dork: ping
[19:18] <keithclark> thanks ChmEarl
[20:19] <keithclark> Ok, port 80 is not blocked by my isp
[20:21] <keithclark> But still the port is closed
[20:25] <keithclark> I just cannot get through
[20:27] <keithclark> Any ideas?
[20:29] <qman__> are you connected to here through said internet connection?
[20:29] <keithclark> Yup
[20:32] <qman__> well, it's not answering connections on 80 or 21, they time out
[20:32] <keithclark> Yup....not sure why
[20:33] <qman__> if they were making it to your server, they'd be refused or accepted unless otherwise configured in the firewall
[20:33] <qman__> so they have to not be getting there at all, which means either router config or ISP
[20:33] <keithclark> Yup.  ISP assures me no blocking of any ports
[20:33] <keithclark> Modem is forwarding all 80 and 21 ports to the router.
[20:34] <keithclark> Router is forwarding 80 and 21 to this machine's ip address
[20:34] <qman__> try forwarding a nonstandard port just to test
[20:34] <qman__> above 1024
[20:35] <keithclark> I tried 5222, still nothing
[20:37] <qman__> then I'm going to have to say router
[20:37] <keithclark> Yeah, throw it out and get another?
[20:37] <qman__> could be, a lot of them really overcomplicate things and bury settings
[20:38] <qman__> if you can't find any substantial information on it, I'd get something else
[20:38] <keithclark> I've been through 3 of these routers!
[20:39] <qman__> trying to do this, or they just failed?
[20:39] <keithclark> Yup, same issue.
[20:39] <qman__> also, same ones/brand, or different
[20:39] <keithclark> different brands
[20:39] <keithclark> I'm thinking Ubuntu
[20:40] <qman__> if ifconfig returns the address you expect, try browsing from a different computer
[20:41] <keithclark> browsing?  I have 2 other machines that browse find plus my ps3
[20:41] <keithclark> *fine
[20:41] <qman__> browsing to your ubuntu server
[20:41] <qman__> e.g. http://192.168.1.123
[20:41] <keithclark> I will try that
[20:44] <qman__> the thing is, if you're getting to ubuntu but it's misconfigured, you'd get a connection refused, not a time out
[20:44] <qman__> so it has to be something with the networking
[20:44] <keithclark> hmmm
[20:44] <qman__> maybe it doesn't have the IP you think it does, or something is wrong with the NIC/cable/switch/etc
[20:45] <qman__> all of which you can troubleshoot by attempting to get to it from the LAN
[20:46] <qman__> by default ubuntu has an accept all firewall policy
[20:46] <pukeko> any recommendations for a "load balancer/forwarder" to use for a couple of VMs hosting web applications ? i have only one public Ip available
[20:47] <keithclark> local access works
[20:49] <keithclark> I can get to this machine from another on my LAN
[20:50] <qman__> ok, can the ubuntu box get to the internet? default gateway and nameservers working
[20:50] <keithclark> Yes, I'm typing from it
[20:50] <qman__> then it has to be the router config
[20:51] <qman__> ubuntu knows how to get to the internet and accept connections from your network
[20:51] <qman__> double check the IP on your ubuntu with ifconfig
[20:52] <qman__> and make sure it's right in the router
[20:52] <keithclark> Checked many times.  Just did it again and all is fine.
[20:52] <qman__> also, try the DMZ setting if it has one
[20:52] <keithclark> Yup, only one router
[20:52] <qman__> and turn off any SPI firewalls on the router
[20:53] <qman__> accept wan ping, no filtering
[20:53] <keithclark> dmz did not work
[20:54] <keithclark> spi off
[20:54] <qman__> pings are not getting through to you
[20:54] <keithclark> Most secure system on the web today!
[20:55] <qman__> what does your network layout look like? systems - router - modem - internet? or combo router/modem
[20:56] <keithclark> speedtouch on 192.168.1.254 to dlink dir-615 router
[20:56] <qman__> if you have the former, but your modem is actually a router/modem, that could be the problem
[20:56] <qman__> the modem would then need to DMZ your router
[20:57] <keithclark> Firewall on the speedtouch is disabled
[20:58] <keithclark> I have the very same modem on Primus at another location with another router and it works fine
[20:58] <qman__> well, your IP is not answering ping or any TCP connections on common ports
[20:59] <keithclark> I know
[20:59] <qman__> so something is blocking them, the modem is first in line and therefore first to check
[21:00] <qman__> read: even if port forwarding doesn't work, it should be answering ping
[21:01] <keithclark> yup, I understand
[21:01] <keithclark> Like I said, the most secure connection on the planet
[21:10] <keithclark> Well, I'm at a loss here.  Not sure what to try next, if anything.
[21:13] <qman__> well, we've established it's not an ubuntu problem
[21:13] <qman__> if your modem is ISP provided, call them
[21:13] <keithclark> I already have
[21:14] <keithclark> "Port 80 is not blocked"
[21:14] <qman__> yes, but tell them your modem won't respond to ping and you can't forward any ports
[21:15] <qman__> if it's routing, it should do both of those things
[21:15] <qman__> if it's bridging, your router is responsible for doing those things
[21:15] <qman__> don't take this the wrong way, but it's not magic, it's a pretty straightforward setup
[21:16] <qman__> one of the two is currently holding your internet IP, and is responsible for pings and forwarding
[21:16] <qman__> if it's not doing those things, it's either misconfigured or defective
[21:17] <keithclark> I will do, thanks
[21:17] <qman__> if the modem is routing, it needs to DMZ your router, which then port forwards to your LAN
[21:18] <qman__> otherwise your router should be holding your internet IP on its WAN interface
[21:20] <keithclark> I've emailed my isp concerning this.  I've never heard of a bad modem though
[21:21] <qman__> having such a specific problem with no other issues is rare, but it does happen
[21:21] <keithclark> Well, we shall see.
[21:21] <qman__> configuration is far more likely, but in either case, you need to establish which device is responsible for answering pings
[21:21] <qman__> and find out why it isn't
[21:22] <qman__> once that's solved, you can move on to port forwarding if it still doesn't work
[21:22] <pukeko> what speedtouch modem is it ?
[21:23] <keithclark> ST516 is what shows on the webpage
[21:24] <qman__> I have charter, but most of the customers I deal with at work have comcast with SMC modems
[21:24] <qman__> and they can fail quite spectacularly
[21:27] <keithclark> Let's see how my ISP responds.  They are pretty friendly.
[21:28] <keithclark> The only other difference in my two setups is that this machine runs 11.10.
[21:28] <keithclark> I hope that is not the problem
[21:29] <qman__> it has nothing to do with the problem
[21:29] <qman__> problem is that traffic isn't getting there in the first place
[21:29] <qman__> that's not to say it couldn't cause some other problems, but you'll have to get this working before you'd ever see them
[21:43] <keithclark> Ok, I'll wait to hear from my ISP
[23:16] <savid> Is there a place in ubuntu to store a global ssh known_hosts file?
[23:19] <savid> I tried /etc/ssh/ssh_known_hosts, but that doesn't seem to work.
[23:28] <savid> I tried even copying my ~/.ssh/known_hosts to /etc/ssh/ssh_known_hosts, but that doesn't work either.   Any ideas?
[23:30] <RoyK> imho that shouldn't be global
[23:32] <savid> RoyK, I need it to be
[23:32] <RoyK> why?
[23:33] <savid> RoyK,  I'm using puppet to manage server configurations.  Servers need to be able to do git checkouts from various git servers.  I don't want to have to manage a "known_hosts" in the ssh directory of every user that needs it.
[23:33] <savid> RoyK, at any rate, what's wrong with the global ssh_known_hosts?   It's owned by root, and is mode 600
[23:34] <savid> So security-wise it's no different than any other user's known_hosts
[23:34] <RoyK> if you're using puppet from the root user, it's not an issue
[23:34] <RoyK> just update that file
[23:35] <savid> Oh, hmm..  that's why I'm getting errors, because it's not the root user doing the checkout.
[23:36] <savid> guess I need to figure something else out
[23:36] <savid> I guess I assumed that the global ssh_known_hosts file would apply to all users.  But that would make it less secure, I guess
[23:38] <savid> Although, what's the point of /etc/ssh/ssh_known_hosts if only root can read it?