=== aeden__d is now known as aedend
[01:53] <aedend> I think I have znc setup correctly now
[02:29] <cyberanger> aedend: ssl?
[02:29] <aedend> cyberanger, I think so...
[02:32] <aedend> are you talking about the settings for znc?
[02:39]  * Unit193 shrugs.
[02:41] <cyberanger> aedend: Both how you connect to znc, and how znc connects to irc
[02:42] <aedend> cyberanger, It says I'm using a secure connection
[02:43] <Unit193> cyberanger: Guessing not first.
[02:44] <aedend> I use ssl to connect to znc and znc connects to chat.freenode.net 6697
[02:45]  * Unit193 is wrong. \o/
[02:46] <aedend> cyberanger, are you seeing something that would suggest I have it configured wrong?
[02:49] <cyberanger> No, Just bringing it up
[02:49] <cyberanger> You mentioned having it setup, thought it was something you'd want
[02:54] <aedend> I've got all this setup but I don't understand the benefit
[02:55] <Unit193> IRC addicts.
[02:55] <aedend> If I close this client, since I have znc setup I'll still be connected?
[02:55] <Unit193> And you'll see backlog, right.
[02:56] <aedend> ok.
[02:57] <aedend> to test this I just joined ##linux (its pretty busy). If I close this client and come back in 10 minutes
[02:57] <aedend> I should see everything that took place while I was gone
[03:06] <aedend> yeah... I've got something setup wrong. That didn't work
[03:34] <aedend> decided to destroy my droplet and start over...
[03:37] <Unit193> 0_o
[03:39] <aedend> just easier than trying to backtrack hours of configs
[04:17] <cyberanger> Hrm
[04:18]  * cyberanger just fixed his tts issue on android
[04:18] <cyberanger> Read it to me pro seems to no longer work, SpeakMe does
[04:19] <cyberanger> No to set pushbullet back up fully
[04:21] <cyberanger> aedend: do you know which version your running?
[04:32] <aedend> cyberanger, version of what?
[04:32] <cyberanger> znc
[04:32] <aedend> I deleted the droplet... configuring it again atm
[04:32] <cyberanger> Oh right
=== aeden__d is now known as aedend
[14:06] <average_guy> after playing with squid config a bit realized I really don't want all my web traffic flowing through my server seems dangerous
[14:11] <aedend> as opposed to flowing through what?
[14:12] <average_guy> residential gateway (comcast router)
[14:13] <average_guy> the proxy sends traffic thru sever to get cached and on to the client, I dont wanna rek my server
[14:15] <aedend> I'm new to networking but can yo not set up ufw policies
[14:21] <average_guy> If I firewall out the traffic, the proxy would do nothing and if I let the traffic in to be cached there would be who-knows-what on my server
[14:23] <average_guy> think imma call it good and leave it alone a bit, It does transmission, quassel, owncloud, cups, samba, mumble and a couple other things well atm
[14:23] <average_guy> i should quit while i'm ahead
[14:25] <aedend> I guess I was thinking you could set up what traffic you wanted to allow and block everything else.
[14:26] <aedend> can fail2ban jail cached stuff ?
[14:26] <average_guy> I knew what a proxy was, I just didn't think real hard before I started tryin to put it on
[14:26] <aedend> which proxy did you intall
[14:27] <average_guy> squid
[14:28] <average_guy> well squid3, but yeah, I just really don't need it
[14:29] <average_guy> I don't worry about security much but I try not to make my, server expecially, an easy target
[14:31] <aedend> you could monitor your squid proxy access log, if you see a lot of unwanted attempts you could filter those ip's with fail2ban?
[14:32] <aedend> or are we just not on the same page here :/
[14:32] <average_guy> but what if the desired web content IS the malicious code
[14:33] <average_guy> it would go in there and I wouldn't know till it was too late
[14:34] <average_guy> I don't care if the windows pc's get rekt, the server backs them up, I cant lose the server
[14:35] <average_guy> so just seems dangerous to have anything I didnt specifically order going to it
[14:46] <aedend> I agree. And I'm learning all this as I setup my own vps. I was under the impression that fail2ban can be configured with application specific policies to jail unwanted stuff
[14:49] <aedend> without first allowing unwanted traffic in to determine what to ban
[14:50] <average_guy> I'm not an expert either but my problem is with it allowing port 80 traffic in for cache there would be know way to tell good from bad
[14:52] <aedend> sample fail2ban apache policy  https://paste.debian.net/314368/
[14:53] <average_guy> hmm, that does look nice
[14:54] <aedend> here is another one, maybe give you some ideas.  https://paste.debian.net/314370/
[15:01] <average_guy> I broke something :(
[15:02] <average_guy> transmission is running but the client can't connect to it
[15:02] <average_guy> ugh
[15:10] <average_guy> fixed, still dunno why it suddenly broke tho
[15:11] <average_guy> so, the fail2ban policy looks like it can monitior what I have cached and make sure it dosent do anything funny?
[15:12] <aedend> average_guy, I'm not sure. I'm learning as I go setting up this droplet.
[15:13] <average_guy> lol, thats cool I figuring it all out too, linux is a toy to me
[15:14] <average_guy> I have cloud backups of everything important in case I DO rek stuff up
[15:15] <average_guy> wife calls linux my 'nerd game"
[15:22] <aedend> I know the feeling, It's more of a toy for me as well. I really don't have a need for anything I'm doing. I just like learning about it
[15:23] <aedend> plus, I get sucked in when something doesn't work. It becomes personal almost lol, like I have to figure it out
[15:24] <average_guy> it IS facinating. I have been obsessed with computers since they became commercially available
[15:24] <average_guy> I have server hardware and fibre and all kinds of stuff, I like making big complicated SAN configs n stuff just to do it
[15:25] <average_guy> to know how things work
[15:25] <aedend> lol, ok, well, I'm not there yet. Once I start doing something I get caught up in knowing everything about it
[15:26] <aedend> Which is why it takes me so long to get stuff working.
[15:27] <average_guy> I have the plug on unlimited free hardware so I feel almost obligated to do something with it
[15:27] <aedend> I'll start of configuring a firewall, but then I'll start reading about how ufw works, which leads to iptables, which leads to..
[15:27] <aedend> average_guy, you _should_ feel obligated. It is your duty :)
[15:31] <aedend> I get sidetracked. To access my droplet I use ssh (of course). But instead of just connecting I started reading on how ssh-agent works
[19:21] <cyberanger> aedend: you may want to look at mosh too
[22:18] <cyberanger> average_guy: foxyproxy
[22:18] <cyberanger> or PAC files
[22:20] <average_guy> oh woiw, I never seen foxyproxy before cyberanger. Reading now
[22:24] <cyberanger> It's what I use, I want a few specific URI's to go to the UK, to pass a geoip check there
[22:24] <cyberanger> the rest stays in the US, or over tor
[23:42] <aedend> sooo, I got this vps. What now?? If I could owncloud configured so I could not rely on icloud, that would be great
[23:42] <aedend> *get