=== aeden__d is now known as aedend | ||
aedend | I think I have znc setup correctly now | 01:53 |
---|---|---|
cyberanger | aedend: ssl? | 02:29 |
aedend | cyberanger, I think so... | 02:29 |
aedend | are you talking about the settings for znc? | 02:32 |
* Unit193 shrugs. | 02:39 | |
cyberanger | aedend: Both how you connect to znc, and how znc connects to irc | 02:41 |
aedend | cyberanger, It says I'm using a secure connection | 02:42 |
Unit193 | cyberanger: Guessing not first. | 02:43 |
aedend | I use ssl to connect to znc and znc connects to chat.freenode.net 6697 | 02:44 |
* Unit193 is wrong. \o/ | 02:45 | |
aedend | cyberanger, are you seeing something that would suggest I have it configured wrong? | 02:46 |
cyberanger | No, Just bringing it up | 02:49 |
cyberanger | You mentioned having it setup, thought it was something you'd want | 02:49 |
aedend | I've got all this setup but I don't understand the benefit | 02:54 |
Unit193 | IRC addicts. | 02:55 |
aedend | If I close this client, since I have znc setup I'll still be connected? | 02:55 |
Unit193 | And you'll see backlog, right. | 02:55 |
aedend | ok. | 02:56 |
aedend | to test this I just joined ##linux (its pretty busy). If I close this client and come back in 10 minutes | 02:57 |
aedend | I should see everything that took place while I was gone | 02:57 |
aedend | yeah... I've got something setup wrong. That didn't work | 03:06 |
aedend | decided to destroy my droplet and start over... | 03:34 |
Unit193 | 0_o | 03:37 |
aedend | just easier than trying to backtrack hours of configs | 03:39 |
cyberanger | Hrm | 04:17 |
* cyberanger just fixed his tts issue on android | 04:18 | |
cyberanger | Read it to me pro seems to no longer work, SpeakMe does | 04:18 |
cyberanger | No to set pushbullet back up fully | 04:19 |
cyberanger | aedend: do you know which version your running? | 04:21 |
aedend | cyberanger, version of what? | 04:32 |
cyberanger | znc | 04:32 |
aedend | I deleted the droplet... configuring it again atm | 04:32 |
cyberanger | Oh right | 04:32 |
=== aeden__d is now known as aedend | ||
average_guy | after playing with squid config a bit realized I really don't want all my web traffic flowing through my server seems dangerous | 14:06 |
aedend | as opposed to flowing through what? | 14:11 |
average_guy | residential gateway (comcast router) | 14:12 |
average_guy | the proxy sends traffic thru sever to get cached and on to the client, I dont wanna rek my server | 14:13 |
aedend | I'm new to networking but can yo not set up ufw policies | 14:15 |
average_guy | If I firewall out the traffic, the proxy would do nothing and if I let the traffic in to be cached there would be who-knows-what on my server | 14:21 |
average_guy | think imma call it good and leave it alone a bit, It does transmission, quassel, owncloud, cups, samba, mumble and a couple other things well atm | 14:23 |
average_guy | i should quit while i'm ahead | 14:23 |
aedend | I guess I was thinking you could set up what traffic you wanted to allow and block everything else. | 14:25 |
aedend | can fail2ban jail cached stuff ? | 14:26 |
average_guy | I knew what a proxy was, I just didn't think real hard before I started tryin to put it on | 14:26 |
aedend | which proxy did you intall | 14:26 |
average_guy | squid | 14:27 |
average_guy | well squid3, but yeah, I just really don't need it | 14:28 |
average_guy | I don't worry about security much but I try not to make my, server expecially, an easy target | 14:29 |
aedend | you could monitor your squid proxy access log, if you see a lot of unwanted attempts you could filter those ip's with fail2ban? | 14:31 |
aedend | or are we just not on the same page here :/ | 14:32 |
average_guy | but what if the desired web content IS the malicious code | 14:32 |
average_guy | it would go in there and I wouldn't know till it was too late | 14:33 |
average_guy | I don't care if the windows pc's get rekt, the server backs them up, I cant lose the server | 14:34 |
average_guy | so just seems dangerous to have anything I didnt specifically order going to it | 14:35 |
aedend | I agree. And I'm learning all this as I setup my own vps. I was under the impression that fail2ban can be configured with application specific policies to jail unwanted stuff | 14:46 |
aedend | without first allowing unwanted traffic in to determine what to ban | 14:49 |
average_guy | I'm not an expert either but my problem is with it allowing port 80 traffic in for cache there would be know way to tell good from bad | 14:50 |
aedend | sample fail2ban apache policy https://paste.debian.net/314368/ | 14:52 |
average_guy | hmm, that does look nice | 14:53 |
aedend | here is another one, maybe give you some ideas. https://paste.debian.net/314370/ | 14:54 |
average_guy | I broke something :( | 15:01 |
average_guy | transmission is running but the client can't connect to it | 15:02 |
average_guy | ugh | 15:02 |
average_guy | fixed, still dunno why it suddenly broke tho | 15:10 |
average_guy | so, the fail2ban policy looks like it can monitior what I have cached and make sure it dosent do anything funny? | 15:11 |
aedend | average_guy, I'm not sure. I'm learning as I go setting up this droplet. | 15:12 |
average_guy | lol, thats cool I figuring it all out too, linux is a toy to me | 15:13 |
average_guy | I have cloud backups of everything important in case I DO rek stuff up | 15:14 |
average_guy | wife calls linux my 'nerd game" | 15:15 |
aedend | I know the feeling, It's more of a toy for me as well. I really don't have a need for anything I'm doing. I just like learning about it | 15:22 |
aedend | plus, I get sucked in when something doesn't work. It becomes personal almost lol, like I have to figure it out | 15:23 |
average_guy | it IS facinating. I have been obsessed with computers since they became commercially available | 15:24 |
average_guy | I have server hardware and fibre and all kinds of stuff, I like making big complicated SAN configs n stuff just to do it | 15:24 |
average_guy | to know how things work | 15:25 |
aedend | lol, ok, well, I'm not there yet. Once I start doing something I get caught up in knowing everything about it | 15:25 |
aedend | Which is why it takes me so long to get stuff working. | 15:26 |
average_guy | I have the plug on unlimited free hardware so I feel almost obligated to do something with it | 15:27 |
aedend | I'll start of configuring a firewall, but then I'll start reading about how ufw works, which leads to iptables, which leads to.. | 15:27 |
aedend | average_guy, you _should_ feel obligated. It is your duty :) | 15:27 |
aedend | I get sidetracked. To access my droplet I use ssh (of course). But instead of just connecting I started reading on how ssh-agent works | 15:31 |
cyberanger | aedend: you may want to look at mosh too | 19:21 |
cyberanger | average_guy: foxyproxy | 22:18 |
cyberanger | or PAC files | 22:18 |
average_guy | oh woiw, I never seen foxyproxy before cyberanger. Reading now | 22:20 |
cyberanger | It's what I use, I want a few specific URI's to go to the UK, to pass a geoip check there | 22:24 |
cyberanger | the rest stays in the US, or over tor | 22:24 |
aedend | sooo, I got this vps. What now?? If I could owncloud configured so I could not rely on icloud, that would be great | 23:42 |
aedend | *get | 23:42 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!