[09:59] <JonathanD> Morning.
[10:00] <rmg51> Morning
[10:00] <JonathanD> Hey rmg51
[10:00] <rmg51> o/
[10:09] <InHisName> morning
[11:48] <jedijf> those threads crack me up - pick one - use it - stfumorning
[11:48] <jedijf> err, morning
[11:53] <jedijf> ChinnoDog: fwiw i don't like the concave pad - prefer old eraser head - better grip/grab
[12:32] <rmg51> looks like the latest kernel update broke Teddy's laptop :P
[12:35] <rmg51> have to go back two kernels to get it to boot to the login screen
[13:53] <ChinnoDog> jedijf: My Thinkpad has a bulb with a rough surface on it. I miss it.
[14:01] <jedijf> ChinnoDog: yeah, that  sounds like classic eraserhead
[14:01] <jedijf> best pointing device evah
[14:06] <ChinnoDog> On Sunday I found an international grocery store by accident while I was out shopping and bought a box of chai from the Indian aisle. Idk how it is so different from grocery store knockoff chai but one cup gives me the caffeine buzz.
[14:08] <ChinnoDog> I think you should look for some jedijf. You could supplement your coffee intake.
[14:09] <cyberanger> good chi is worth it just for the taste
[14:09] <cyberanger> I mean, having a good variety is nice
[14:10] <jedijf> what is this chai you speak of? a tea?
[14:10] <jedijf> i'm on a green kick - with tumeric - lemon - cinnamon
[14:11] <ChinnoDog> Yes. Tea. I'd tell you the brand but I threw out the box so I could put the remaining bags in a ziplock bag.
[14:11] <ChinnoDog> This one has cardamom.
[14:11] <jedijf> i will give it a try - the green doesn't caffeine me at all (or at least i don't feel it, per se)
[14:12] <ChinnoDog> I don't buy the cheap knockoffs in most grocery stores. They aren't strong enough and don't taste much much like chai imho.
[14:13] <ChinnoDog> This chai is strong even with heavy cream added.
[14:14] <jedijf> i'll definitely give it a shot
[14:15] <ChinnoDog> Thai tea can be pretty strong too but only if you brew it yourself. The stuff in Thai restaurants is usually very diluted.
[14:16] <teddy-dbear> Morning peoples, dogs, turkeys and everything else
[14:16] <ChinnoDog> Morning teddy
[14:16] <teddy-dbear> o/
[15:15] <ChinnoDog> Anyone know of an open source PCI compliance scanner?
[15:15] <InHisName> Not yet but sounds interesting
[15:18] <ChinnoDog> Seems like there are a lot of commercial ones but no good free ones.
[16:01] <square-r00t> ChinnoDog: not free, but iirc nessus scans for pci compliance
[16:01] <square-r00t> and is good for scanning for other stuff too
[16:01] <square-r00t> http://www.tenable.com/products/nessus
[16:02]  * square-r00t remembers back in the day when nessus was F/OSS
[16:02] <square-r00t> "Nessus compliance checks help to eliminate fines and external audit findings. It covers PCI DSS, HIPAA / HITECH, NIST, DISA STIGs..."
[16:27] <ChinnoDog> square-r00t: Thanks. I'm checking that out right now. Looks promising? It /used/ to be OSS? :-(
[16:28] <square-r00t> yeah :/ that was like, yeaaars ago
[16:29] <square-r00t> http://en.wikipedia.org/wiki/Nessus_%28software%29#History
[16:29] <square-r00t> "On October 5, 2005, Tenable Network Security, the company Renaud Deraison co-founded, changed Nessus 3 to a proprietary (closed source) license.[3] The earlier versions appear to have been removed from the official website since then."
[16:30] <square-r00t> openvas (openvas.org) is a pretty good fork of nessus 2 that's fairly well maintained, but i don't recall if it scans for PCI compliance
[16:40] <ChinnoDog> It does not do PCI compliance. However, it does also look like it could be a good tool.
[16:54] <square-r00t> honestly with a little scripting it could probably do PCI. PCI's more or less just a port scan with versioning info and matching it against PCI requirements. the tricky thing is generating the reports so you can show an auditor
[16:54] <square-r00t> because you'd still need to be licensed as compliant, and the auditor would want to see them.
[16:55] <square-r00t> (shrug) or just use nessus, which is an authorized PCI compliance tool. heh
[16:56] <square-r00t> (and does generate reports)
[16:56] <cyberanger> what PCI class?
[16:56] <square-r00t> not sure, ChinnoDog is the one looking for comp
[16:57] <cyberanger> ChinnoDog: what PCI class?
[16:58] <cyberanger> the sad thing is compliance is usually easier to meet than documenting it is
[16:58] <ChinnoDog> I think you are referring to the compliance level based on transaction volume. We have customers in more than one class.
[16:58] <square-r00t> lol. too true, though.
[16:58] <cyberanger> ChinnoDog: yeah, I was, what's the highest class, 4?
[16:58] <cyberanger> highest class you have
[16:59] <ChinnoDog> I don't know. I don't consider myself a PCI expert. For the customers I work with probably not the higher classes.
[17:00] <square-r00t> ChinnoDog: http://www.pcicomplianceguide.org/pcifaqs.php#5
[17:01] <cyberanger> the highest class is actually for the losest transctions if I recall, yeah not one myself, consulting work it may have happened to a coworker twice in my time
[17:02] <square-r00t> cyberanger: yep, you're right. PCI-4 = < 20k transactions
[17:03] <square-r00t> PCI-3 = 20k - 1m, PCI-2 = 1m - 6m, PCI-1 = 6M+
[17:09] <cyberanger> I was thinking in terms of cost for licensing
[17:09] <cyberanger> if you went with nesus
[17:13] <ChinnoDog> We would probably do all the scanning so one license would be sufficient.
[17:15] <square-r00t> https://store.tenable.com/?gclid=CN7TlZjsw7kCFRIaOgodfmcADw
[17:16] <square-r00t> or they're running some sales on their bundles, https://store.tenable.com/index.php?main_page=index&cPath=7
[17:16] <square-r00t> but probably not really worth it if you aren't an auditor by trade
[17:17] <square-r00t> (though, $your_company could then offer pci compliance services to everyone else and charge a nice penny for it as long as you get licensed as an auditor. is good money, so the investment could potentially pay for itself)
[17:33] <ChinnoDog> That is what I was thinking. I suggested that after I saw the licensing.
[18:20] <jedijf> starving
[18:30] <square-r00t> samesies
[18:39] <jedijf> to the diner!
[18:40] <square-r00t> i wish
[18:40] <square-r00t> too busy today
[18:40] <square-r00t> and THEN
[18:40] <square-r00t> i need to drop the supernode server off at hive76
[18:41] <jedijf> what time is server drop
[18:43]  * jedijf may do a parts drop at hive
[18:44] <square-r00t> mmm 7ish
[18:45] <square-r00t> server image isn't perfected, but the box VPNs back to NOC so it's not too big a deal
[18:46] <square-r00t> i need to make a
[18:46] <square-r00t> err
[18:46] <jedijf> late night :/
[18:46] <square-r00t> a "supernode" pacman package
[18:46] <square-r00t> open house doesn't even start till 7 lol
[18:46] <square-r00t> i don't think i've been to enough to go up for membership approval yet
[18:47] <jedijf> dismember; certainly
[18:47] <jedijf> and that's the coolest name too
[18:48] <square-r00t> yeah but i was gonna go for the basic membership
[18:48] <jedijf> i was a dis first
[18:48] <square-r00t> that way i could come in in the middle of the night when i can't sleep
[18:58] <square-r00t> rmg51: i kind of want to out a rPi or beagleboard inside teddy-dbear with an IRC client, stitch him back up, and have vga and usb hookups coming out of his paws.
[18:58] <square-r00t> cyborg_teddy++
[18:58] <square-r00t> s/out/put/
[18:59] <square-r00t> (well, and cat-5 hookup too for times when wi-fi wouldn't work)
[18:59] <teddy-dbear> no way!!!!! :-/
[18:59] <square-r00t> teddy-dbear: but you could IRC with your body then!
[19:00] <square-r00t> the surgery would be quick and painless
[19:00] <square-r00t> forget transhumanism, you could be the first transbearist
[19:01] <teddy-dbear> this bear is not going to be cut open
[19:02] <square-r00t> you could even run a custom ubuntu derivative! ubearntu.
[19:05] <rmg51> sq
[19:05] <rmg51> oops
[19:06] <rmg51> square-r00t: you need to go to build-a-bear
[19:06] <square-r00t> that's not as fun
[19:12] <teddy-dbear> better for me :-D
[19:13] <square-r00t> :( but teddy-dbear you could let rmg51 ssh or vnc into you then!
[19:13] <square-r00t> and then down the road we could put in some servos and motors...
[19:13] <square-r00t> you could be like a real bear! walking around!
[19:21] <teddy-dbear> then I might have to do something :'(
[19:22] <teddy-dbear> I likes just sitting here looking way cute
[19:28]  * waltman suddenly has a vision of teddy-dbear catching swedish fish from a chocolate fountain
[19:28] <pleia2> I have dreams like that sometimes
[19:28] <waltman> do you now?
[19:30] <teddy-dbear> dang silly humans
[19:30] <square-r00t> silly ol' bear.