=== Lcawte is now known as Lcawte|Away | ||
=== zmoylan-1i is now known as zmoylan-pi | ||
ShoeGazer | Does anyone know if a preinstalled Windows 8 laptop can be wiped clean and Ubuntu loaded? | 03:37 |
daftykins | wow, stick around. | 03:43 |
m0nkey_ | NO IMMEDIATE ANSWER. CLOSE WINDOW. | 03:57 |
m0nkey_ | :) | 03:57 |
daftykins | \o/ | 03:57 |
zmoylan-pi | drive by questions | 04:23 |
daftykins | pew pew pew | 04:24 |
* zmoylan-pi hands out the nerf in case they show up again | 04:25 | |
daftykins | does it launch ubuntu DVDs? | 04:25 |
zmoylan-pi | i did modify a dart to hold a usb drive | 04:26 |
zmoylan-pi | sneakernet speed boost | 04:26 |
daftykins | \o/ | 04:28 |
zmoylan-pi | accurate to about 60-70feet | 04:29 |
zmoylan-pi | and made a nerf pistol on desk at work justifiable :-P | 04:33 |
daftykins | ;] | 04:35 |
zmoylan-pi | gets harder when you put the belt fed machine gun nerf on desk... :-) | 04:38 |
zmoylan-pi | just saw this which would allow a shock mounted usb hard drive :-P http://ultrafactsblog.com/post/106573106761/fact-source-follow-ultrafacts-for-more-facts#_=_ | 04:39 |
mapps | hi night owls | 05:12 |
daftykins | heya | 05:16 |
mapps | just started watching the closer | 05:26 |
mapps | was watching major crime..but it's a spinoff of the closer | 05:27 |
mapps | so decided id watch that first;] | 05:27 |
mapps | night | 06:46 |
daftykins | o/ | 06:51 |
foobarry | frosty start | 09:36 |
popey | yeah | 09:36 |
foobarry | anyone else got a lot of condensation on their house windows atm? | 09:36 |
foobarry | unsure if its because of the new extension still drying out | 09:37 |
popey | nope | 09:37 |
foobarry | hmm | 09:39 |
foobarry | 4yr old son off to get his glasses :( | 09:41 |
foobarry | told him i would get an eye test too as i'd never had one | 09:41 |
knightwise | morning everyone | 09:47 |
foobarry | so, you've been working in ebola treatment centre and they just let you back in the country without quarantine? | 10:04 |
foobarry | "He said the Government was doing "absolutely everything it needs to" to keep the public safe" | 10:04 |
foobarry | yeah right | 10:04 |
brobostigon | morning boys and girls. | 10:46 |
popey | !upgrade | 10:51 |
lubotu3 | For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade | 10:51 |
dutchie | morning | 10:51 |
popey | hello | 10:54 |
brobostigon | morning | 10:56 |
=== Lcawte|Away is now known as Lcawte | ||
knightwise | Greetings from my Raspberry Pi ! | 12:56 |
penguin42 | ah, something useful to do with a pi | 12:57 |
foobarry | shrink yourself and live inside it? | 12:57 |
knightwise | yep , not quite sure what I was going to do with it .. so I installed debian on it and am gonna try using it as a desktop for a day or two | 12:57 |
knightwise | Indeed ! I have shrunken to ridiculously small proportions and am now inside my Pi kicking the transistors and pooping on the sdcard | 12:58 |
brobostigon | raspbian? | 12:59 |
foobarry | i hate that programme called The Voice but i love the advert with the raven | 12:59 |
knightwise | brobostigon: correct | 12:59 |
penguin42 | knightwise: That explains a lot about sdcards | 12:59 |
brobostigon | :) | 12:59 |
knightwise | foobarry: we don't have cable tv anymore. One of the joys of that is that we don't have that kinda crap :) | 13:00 |
foobarry | freeview? | 13:00 |
knightwise | foobarry: Netflix + Plex + popcorn-time + youtube + iplayer (via the Hola Proxy) | 13:02 |
popey | ooh, reminds me, got a 32GB SDCard for xmas, need to put it in the dashcam! | 13:04 |
knightwise | Oh popey :) Are you an amateur dashcam filmer ? | 13:05 |
popey | ya | 13:05 |
knightwise | My sister in law has a little van and a dashcam | 13:05 |
knightwise | I call it 'the bang bus' | 13:05 |
knightwise | because she keeps bumping into things :) | 13:05 |
popey | knightwise: https://www.youtube.com/watch?v=yXWQ5GAr02A | 13:05 |
knightwise | hold on , installing a browser that can run Chrome | 13:06 |
popey | youtube-dl ☻ | 13:06 |
* knightwise loves youtube-Dl :) | 13:06 | |
* knightwise has sung its praise in a podcast many times ! | 13:06 | |
Azelphur | youtube-dl supports dash audio now which is awesome, you can download just the audio. | 13:09 |
foobarry | can an otg cable allow me to plug a keyboard/mouse into my tablet? | 13:12 |
MartijnVdS | foobarry: yes | 13:12 |
Azelphur | foobarry: depends what tablet. | 13:13 |
foobarry | hp douchepad | 13:15 |
MartijnVdS | Android tablets generally support it | 13:17 |
MartijnVdS | so do Windows tablets | 13:17 |
foobarry | wonder if any games support keyboard entry | 13:17 |
foobarry | some would be more fun with kb/mouse | 13:17 |
MartijnVdS | foobarry: some support joysticks | 13:17 |
foobarry | brother in law picked up a nexus 7 for £80 refurb | 13:26 |
popey | 2012 or 2013? | 13:27 |
foobarry | 2013 | 13:29 |
popey | not bad. | 13:29 |
popey | 2013 is an okay tablet | 13:29 |
foobarry | from the currys auction shop | 13:30 |
MartijnVdS | Knuth! https://www.youtube.com/watch?v=v678Em6qyzk | 13:38 |
popey | that was excellent | 13:46 |
zmoylan-pi | how many cyclists are we going to see bounce magnificently over windscreen? :-P | 14:29 |
zmoylan-pi | sorry, looking back at popeys dashcam link | 14:30 |
popey | hah | 14:30 |
knightwise | hey everyone | 15:41 |
zmoylan-pi | o/ | 15:41 |
knightwise | zmoylan-pi: are you on your Pi ? | 15:43 |
zmoylan-pi | my pi is on 24x7 | 15:43 |
zmoylan-pi | i just happen to connect to it when i'm at home | 15:43 |
knightwise | I'm running from my Pi as well :) | 15:43 |
* knightwise gives zmoylan-pi a pi-five ! | 15:43 | |
knightwise | what do you mostly use your pi for zmoylan-pi | 15:44 |
* zmoylan-pi keeps meaning to buy new pi to use as a) an ip camera in garden to look at kitties, foxes, magpies and other critturs or b) a homemade laptop | 15:44 | |
zmoylan-pi | but the pi in kitchen is also used for rss using newsbeuter console based rss reader | 15:45 |
knightwise | so basically its your headless command line machine you ssh into ? | 15:45 |
zmoylan-pi | ypu | 15:45 |
zmoylan-pi | yup* | 15:45 |
knightwise | Cool. I might use it for that too , but I do have 2 headless vm's running on my home servers to tunnel into so .. using the Pi for that would be a little redundant. | 15:46 |
zmoylan-pi | i was looking at ways over weekend to maybe start talking to it from outside the house via sms to automate things. email would make the response time too long unless i drop refresh time to 1 minute | 15:50 |
knightwise | zmoylan-pi: you can send it a tweet | 15:50 |
knightwise | ah :) it seems that they got Quake3 working on a pi LOL | 15:51 |
zmoylan-pi | thought of that too and i did set up ttytter on it but i like the idea of sms as i'd only use it very occasionally | 15:51 |
knightwise | But how do you get your pi to read an sms ? | 15:52 |
zmoylan-pi | there are a number of sms related bits of software in the repositories of raspbian. will just have to plough through them to find one that a) works and b) does what i want 3) when i want :-) | 15:53 |
knightwise | but you have to hook up a phone to the pi then ? | 15:56 |
zmoylan-pi | well i suspect some of them use online web service which may or may not work on irish networks which would complicate things | 15:57 |
knightwise | aha , that is also true. | 15:58 |
knightwise | ok :) part of my retro-pi project : Step 1 install and run Quake3 :) | 15:58 |
zmoylan-pi | then when i wrote a sms server in 90s there was the whole get it working and then a week later the phone company stopped delivering messages from my phone to another phone as they labelled it spam no matter how much is said that it wasn't | 15:58 |
knightwise | Damn ! | 15:58 |
zmoylan-pi | they wanted me to pay more per message on different service to get a better cut | 15:59 |
zmoylan-pi | but they didn't say that for 2-3 weeks while i tried to debug what went wrong | 15:59 |
knightwise | crap ! | 16:00 |
knightwise | that's a bummer dude | 16:00 |
knightwise | just logged into the pi irc channel | 16:00 |
knightwise | and downloading quake3 :) | 16:00 |
knightwise | Playing this on the pi would be awesome too :p | 16:02 |
knightwise | I started my fps gaming career on that game | 16:02 |
=== whaletales is now known as aptanet | ||
=== zmoylan-pi is now known as nsa-nark1 | ||
=== nsa-nark1 is now known as zmoylan-pi | ||
NET||abuse | hi dudes,, got my odroid-c1 today!! | 16:57 |
NET||abuse | quite excited.. but have to figure out if i can get latest versions of stuff onto it. they build an 14.04.1 image which i presume is just a case of do inplace upgrade to 14.10 if you want, or otherwise just add xbmc rep's | 16:58 |
penguin42 | NET||abuse: You might find they've added some special kernel builds and stuff to do with how to flash upgrades, so just check for special stuff like that first | 16:59 |
czajkowski | aloha | 19:27 |
penguin42 | hey | 19:39 |
ChunkzZ | sup | 19:43 |
safiyyah | I am having trouble with my audio settings please anyone. I can hear (from the speakers) but there is no input via Skype or sound recorder | 20:05 |
safiyyah | Also I have tested it with a spare | 20:07 |
penguin42 | safiyyah: Sometimes you have to look for just getting the right slider on the audio settings for input | 20:09 |
penguin42 | safiyyah: The other thing is are you sure you've got the mic in the right input on your PC (if it's an external mic) | 20:09 |
safiyyah | penguin42, I think that it thinks the webcam is the microphone | 20:10 |
safiyyah | because it is accepting the sound from the webcam | 20:10 |
safiyyah | oh I got it!!!! | 20:11 |
safiyyah | yeiii | 20:11 |
ChunkzZ | what was it? | 20:11 |
safiyyah | Very stupid problem, it was muted! | 20:15 |
safiyyah | I wasn't used to the interface | 20:15 |
safiyyah | and it didn't seem muted | 20:15 |
safiyyah | I am on Xubuntu | 20:16 |
penguin42 | ah well, if it's muted :-) | 20:16 |
ChunkzZ | lol | 20:19 |
ChunkzZ | best OS for a desktop other than ubuntu? | 20:19 |
ChunkzZ | need something that's fast for an ssd but not too hungry on ram... | 20:19 |
safiyyah | Xubuntu is running super smooth | 20:20 |
safiyyah | on my SSD | 20:20 |
ChunkzZ | hmm tried that last night, wasn't a big fan. | 20:22 |
safiyyah | sorry am back trying to fix the keyboard now | 20:28 |
safiyyah | I found the bug on launchpad and there is a fix, only I can't work out how to install the fix | 20:28 |
safiyyah | https://bugs.launchpad.net/ubuntu/+source/linux/+bug/281993 | 20:29 |
lubotu3 | Launchpad bug 281993 in Linux "[intrepid] REGRESSION: multimedia keys no longer working" [Low,Confirmed] | 20:29 |
ali1234 | that bug is 6 years old | 20:32 |
ali1234 | the fix is already included | 20:32 |
ali1234 | if it doesnt work report a new bug | 20:32 |
safiyyah | okay thanks | 20:32 |
ali1234 | so i've got a problem | 20:33 |
ali1234 | client swears blind their web server is returning malware links, but i can't reproduce it, nor can i find any malware on the server that could be responsible | 20:33 |
penguin42 | ali1234: Inserted by their browser or ISP ? | 20:33 |
ali1234 | two different users reported seeing it | 20:34 |
ali1234 | on different ISPs and computers | 20:34 |
ali1234 | they all work from home | 20:34 |
ali1234 | they could all have the same malware i suppose | 20:34 |
ali1234 | i thought it might be this: http://www.welivesecurity.com/2013/04/26/linuxcdorked-new-apache-backdoor-in-the-wild-serves-blackhole/ | 20:34 |
popey | seems more likely | 20:34 |
ali1234 | but i checked the httpd md5sum and it matches | 20:34 |
penguin42 | ali1234: I was reading something about a .pac attack that gives different pac configs to different hosts, only targets some; but they were only targetting banks and facebook | 20:35 |
ali1234 | so unless the server is totally rooted, or they made a collision... | 20:35 |
ali1234 | i'll check the sha... | 20:35 |
ali1234 | nope, checks out | 20:36 |
ali1234 | there's also a "nyet.htm" declaring server hacked by some hackers | 20:37 |
ali1234 | however, i know exactly how they did that, and their exploit actually half failed | 20:37 |
ali1234 | and that wouldn't have allowed them to take over the httpd and insert links | 20:37 |
ali1234 | that's also a different subdomain running totally different software | 20:38 |
penguin42 | ali1234: Have you got a dump of the html that the customer is receiving? | 20:38 |
ali1234 | no. customer is not smart and didn't save it | 20:38 |
ali1234 | they just sent me an email with "we're getting links to adultfriendfinder on our webpage" | 20:38 |
penguin42 | I'd be happy to try in a VM if you want | 20:39 |
foobarry | can i do direct debit/recurring payment to a foreign bank account? | 20:39 |
ali1234 | my plan currently is to do that | 20:39 |
ali1234 | however, i would like some way to automate it... cos you never know where the bad link will show up | 20:40 |
ali1234 | apparently it only happens once, just like with the cdorked thing | 20:40 |
ali1234 | foobarry: i think it depends on the country | 20:43 |
penguin42 | ali1234: Well if it's like that cdorked one then it's saying it's in memory, nothing on disk | 20:48 |
foobarry | seems they want £10 per payment | 20:52 |
penguin42 | foobarry: It might help if you use a bank that has international branches, but just remember that banks are mostly out to annoy you | 20:52 |
webpigeon | ali1234: are you using a CMS? if you are they could inject rubbish into the db/htaccess/files can cause issues | 21:00 |
ali1234 | yes, that's how they uploaded the nyet.htm, however they couldn't modify htaccess so nobody ever saw it | 21:01 |
webpigeon | What CMS is it? we had someone modify the theme files for joomla which did something similar to what you're describing | 21:01 |
webpigeon | images which were not really images and the like | 21:02 |
ali1234 | it's joomla | 21:02 |
ali1234 | and i patched the one where they can upload images that are really scripts ages ago | 21:02 |
webpigeon | we tracked ours back to a joomla admin who had a stupid password, the attacker used a script to upload and extract a .zip file which thought it was a theme | 21:03 |
ali1234 | the website that is doing the weird URLs isn't joomla | 21:04 |
webpigeon | fair enough | 21:04 |
webpigeon | checked that there isn't another .htaccess in a sub directory of the compromised site? | 21:05 |
ali1234 | none of the files in the htdocs directories have been modified, except the addition of that one nyet.htm in a different subdomain | 21:09 |
penguin42 | ali1234: it could be purely in memory, difficult to tell unless you go hunting through memory | 21:19 |
penguin42 | ali1234: You could dig through memory of the apaches but it wouldn't be easy even if it's still there | 21:20 |
ali1234 | well it must still be there | 21:20 |
penguin42 | ali1234: anyway depending how bad your box is owned (if it is) then you may have hidden files that you wouldn't be able to see | 21:23 |
ali1234 | file mem | 21:25 |
ali1234 | well the inserted URL is definitely a onimiki one | 21:58 |
ali1234 | this is looking bad | 21:58 |
daftykins | what's that? | 21:59 |
ali1234 | read this: http://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf | 21:59 |
ali1234 | server shows the symptoms of this botnet - it serves up redirects very rarely, using the 23 character v2 DGA resolution as described | 22:00 |
ali1234 | however there are no signs it has been compromised at all except for the outward ones | 22:00 |
ali1234 | which likely means the malware authors fixed all the "bugs" that made it easy to detect | 22:00 |
penguin42 | ali1234: Why would there be - if it's in memory you shouldn't be able to tell easily | 22:00 |
ali1234 | according to the PDF it is not in memory | 22:00 |
ali1234 | they also list a few other methods for detecting it, but none of them work | 22:01 |
ali1234 | but this server is almost certainly compromised | 22:01 |
ali1234 | i just can't prove it | 22:01 |
daftykins | :/ | 22:02 |
daftykins | definitely not what you want at this time of year | 22:02 |
daftykins | or any | 22:02 |
penguin42 | ali1234: They not showing up in ipcs -m ? | 22:04 |
ali1234 | there is nothing much interesting in there, no | 22:04 |
ali1234 | there are some shared regions but they are owned by root not apache | 22:05 |
ali1234 | and they aren't the right size | 22:05 |
ali1234 | but who knows? | 22:05 |
ali1234 | nothing conclusive anyway | 22:05 |
penguin42 | ali1234: Anything large ? | 22:06 |
ali1234 | not really no | 22:06 |
penguin42 | ali1234: in ipcs -m | 22:06 |
ali1234 | half a meg | 22:06 |
ali1234 | and nothing with 666 | 22:06 |
ali1234 | wait no, biggest is 16kb | 22:07 |
penguin42 | ali1234: I guess you could look at /proc/pid/maps of your apaches that you think are serving it, but it's not going to be an easy one to find | 22:08 |
penguin42 | ali1234: Did you try that 'yara' thing ? | 22:08 |
ali1234 | i tried to cat /proc/<pid>/mem on the httpd process | 22:08 |
penguin42 | ali1234: https://github.com/eset/malware-ioc/tree/master/windigo the yara stuff on there for Linux/onimiki ? | 22:08 |
ali1234 | and it said no such process | 22:08 |
ali1234 | yes i tried ssh -G | 22:09 |
ali1234 | and the favicon.iso thing | 22:09 |
ali1234 | server doesn't run named | 22:10 |
penguin42 | ali1234: They seem to have more specific rules for detecting the network traffic | 22:10 |
ali1234 | i can't sniff the box from outside, it's hosted | 22:10 |
ali1234 | and if you sniff from inside it knows and turns off all comms | 22:10 |
penguin42 | ali1234: Time to get your hosting provider to warm you up a fresh image then | 22:11 |
daftykins | hmm, tubes went down | 22:12 |
penguin42 | daftykins: It's the ice | 22:12 |
daftykins | :D | 22:12 |
daftykins | we haven't dipped below 4 deg C down here yet i think | 22:12 |
ali1234 | "Most of the indicators below no longer work." | 22:12 |