--- Log opened Mon May 07 00:00:11 2018 00:24 < spaces> how is this possible ? * ChanServ sets mode: +v imMute^ 00:24 < spaces> he is Mute :P 00:25 <+catphish> lol 00:25 < spaces> catphish like #mysql and #httpd ? 00:25 <+catphish> it's a miracle 00:25 < spaces> yes they exist! 00:27 < spaces> seriously I messed up my day/nightschedule 00:27 < ^7heo> so you're 21 00:28 < ^7heo> welcometo your twenties 00:28 < ^7heo> you're gonna discover lots of new emotions as well 00:29 < ^7heo> and drinking alone at home at night in front of the tv 00:29 < spaces> ^7heo no sorry I'm not in your group of age, find someone else ;) 00:30 < ^7heo> and lots of crying because you don't have your mommy to do everything for you anymore 00:30 < ^7heo> but do not fear 00:30 < ^7heo> it gets better 00:30 < ^7heo> if you play your cards right, by 30.you can actually get good moneys 00:31 < spaces> ^7heo wtf are you drunk or on drugs ? Find yourself a life maybe 00:31 < spaces> next ignore here 00:31 < ^7heo> and by 40 you can get a family 00:31 < turtle> if you were smart you'd start smoking crack rocks 00:31 < ^7heo> indeed 00:31 < turtle> get a head start to adulthood 00:32 <+catphish> but they're so expensive :( 00:32 < ^7heo> the only thing worth anything is drugs 00:32 < spaces> catphish who said you needed to pay for whatever what's expensive 00:32 < ^7heo> they are much more reliable than humans 00:33 < ^7heo> turtle: apparently you've been ignored too 00:33 < ^7heo> kids these days 00:33 < ^7heo> so web addicted 00:33 < ^7heo> they can't even IRC. 00:33 <+catphish> spaces: i don't think that sentence makes sense 00:33 < turtle> :-( 00:33 < ^7heo> catphish: dude, what do you know about English anyway? 00:34 < spaces> catphish you said something is expensive, who said you needed to pay for them ? 00:34 <+catphish> ^7heo: i only know british english, not proper english :( 00:34 < ^7heo> everybody knows the frenchs invented english 00:34 < ^7heo> that's why the wars 00:34 <+catphish> spaces: i was talking about crack rocks, you know somewhere i can get them for free? 00:34 < ^7heo> catphish: duuuh obviously he does 00:35 < spaces> catphish dunno but don't people rip each other off in that world on a daily base ? so just pick someone :P 00:35 < ^7heo> catphish: why else would he write such uncomprehensible stuff? 00:35 <+catphish> spaces: that's on my list of "unwise courses of action" 00:36 < spaces> catphish you second bucketlist when you become a total failure of the bucketlist everyone should say you must have ? 00:36 < ^7heo> bbl, the person I locked in my basement is making too much noise 00:36 < spaces> indeed, doesn't matter in that case anymore what you do... :P 00:36 < ^7heo> gotta sedate them before the cops show up 00:36 <+catphish> anyway, bach to work 00:36 < ^7heo> indeed 00:37 < ^7heo> o/ 00:39 < spaces> catphish back created a great piece of work! 00:39 < spaces> bach 00:39 < SporkWitch> catphish: this is what i get for trying to help someone: http://termbin.com/g9t5 (his output here: https://pastebin.com/knc8adgV) 03:37 < cheers> im replacing my spinal cord with an infiniband cable 04:03 < hanna> Are there any good programs for debugging DHCPv6? Say I want to send my DHCPv6 server a specially crafted packet (containing a custom DUID, MAC etc.) and print out what reply I get 04:03 < hanna> I tried using dhclient's -n (“no op”) mode but apparently it doesn't even work, running dhclient -6 -1 -d -n -w just removed my interface's existing IPv6 and thus broke networking for me 04:04 < hanna> And in either case, dhclient doesn't allow passing your own DUID 04:04 < hanna> I could in principle write my own tool from scratch by implementing the DHCPv6 RFC but that's going to be much more time consuming than using any existing tool 04:13 < hanna> Oh actually I don't even need to generate my own DUID 04:37 < hanna> I think ideally what I want is an IPv6 version of `dhcping` 06:47 < pabed> hi guys , I run arpwatch but I dont know why it is listening on virbr0 instead of ens160 while I command 06:48 < pabed> hi guys , I run arpwatch but I dont know why it is listening on virbr0 instead of ens160 while I command 06:48 < pabed> "arpwatch -i ens160"? 06:53 < precise> pabed: What's the host OS? 06:53 < pabed> centos 7 06:54 < precise> Does it need root to access the physical NIC? 06:54 < pabed> I gave it root access 06:55 < precise> pabed: It may sound stupid, but take root access away, see if that helps... 06:56 < CuriousMind> Hello, I have many questions about networking and Wireshark 06:56 < CuriousMind> I am relatively new to networking. I am a student and I don't understand a lot 06:58 < SporkWitch> Curioismind the wireshark Wiki is very good and has sample pcaps of different types of traffic that you can download and analyse. While we can and will certainly help beginners as well as other experts, you do need to have a reasonably specific query for us to help. 06:59 < SporkWitch> Pardon the typos, stupid phone 07:00 < CuriousMind> SporkWitch: Hi, I was thinking of a questio 07:00 < pabed> precise: I took root access , It says arpwatch: lookup_device: no suitable interface found after this command $ arpwatch -i ifcfg-ens160 07:00 < light> ifcfg-ens160 isn't an interface 07:01 < precise> light: ++ 07:01 < precise> I was just thinking that 07:01 < precise> I forget where to find the interface name tho 07:01 < CuriousMind> SporkWitch: Ok, I got one now. You said the Wireshark wiki has sample pcaps. What is a pcap? From what I just read on a Quora page, pcap is an API that Wireshark uses 07:01 < light> ip a 07:01 < CuriousMind> Am I somewhat right? 07:01 < light> A pcap file is a dump of captured traffic. 07:02 < CuriousMind> light: It's not an API? 07:02 < precise> No 07:02 < pabed> light: ens160 is not interface? 07:02 < light> it is 07:03 < CuriousMind> light: It is or it isn't? 07:03 < light> that wasn't to you 07:03 < precise> CuriousMind: He was talking to pabed 07:03 < CuriousMind> precise: Ok thanks 07:04 < CuriousMind> https://goo.gl/QxvJUm I'm reading this Quora page and the last sentence of the first answer said that Wireshark uses an API. So this guy is wrong? 07:05 < SporkWitch> Curiousmind "what is a pcap" is a google question, not one you need a human for. 07:05 < CuriousMind> SporkWitch: You are right. I'll google it 07:06 < pabed> precise: it is listening to ens160 but not my network (192.168.0.0/24) and it listen to 169.254.231.18 07:06 < precise> CuriousMind: I'm sure the Wireshark wiki that was mentioned earlier would have the answers you are looking for. 07:06 < SporkWitch> Someone else already answered it, but your sequence should always be google/documentation first, and then if you don't find anything or don't understand something, ask the specific thing you don't understand here. 07:07 < precise> pabed: 169.254 is an APIPA range, means the interface it is listening on doesn't have an IP and automatically assigned one from that range. 07:08 < SporkWitch> Curiousmind the more specific the question, the easier it is to help with; broad stuff is really difficult, because we have no way to know what you actually need. 07:08 < CuriousMind> precise: I will check that out now, thank you 07:09 < CuriousMind> SporkWitch: Yes I see. Ok I will google first, thank you 07:10 < SporkWitch> Not trying to turn you away, mind you, just trying to help you build good questions that will get you good answers. 07:10 < precise> SporkWitch: ++ 07:11 < SporkWitch> We like good questions, because that's how we learn too 07:11 < precise> CuriousMind: ^ 07:11 < pabed> precise: https://paste.debian.net/1023637/ 07:12 < precise> pabed: checking now 07:12 < CuriousMind> You guys are right. I will try my best to think of good concise intelligent questions to ask and not vague. I appreciate you explaining to me 07:12 < precise> pabed: Can you post the output of the arpwatch command? 07:14 < SporkWitch> (I've learned far more over the years from answering questions than asking them lol) 07:15 < SporkWitch> Curiousmind can't think of anything for true "I know nothing and want to start" but once you get to a point of being able to play with things and experiment, cisco's packet tracer is free now. It lets you simulate a network and traffic. Really great tool 07:16 < pabed> IPV6_PEERROUTES=yes 07:16 < pabed> DNS2=8.8.8.8 07:16 < pabed> PEERROUTES=yes 07:16 < pabed> DNS1=4.2.2.4 07:16 < pabed> UUID=338a8645-9e32-4f73-afaa-39127edb4328 07:16 < pabed> NAME=ens160 07:16 < pabed> BOOTPROTO=static 07:16 < pabed> NM_CONTROLLED=no 07:16 < pabed> IPV6_FAILURE_FATAL=no 07:16 < pabed> TYPE=Ethernet 07:16 < pabed> DEVICE=ens160 07:16 < pabed> IPV6_AUTOCONF=yes 07:16 < pabed> NETMASK=255.255.255.0 07:16 < pabed> IPV6_DEFROUTE=yes 07:16 < SporkWitch> I used it a bunch in uni when I didn't feel like driving to campus to use the physical lab (to be clear, I already had enough experience and knowledge I didn't need to learn the physical hookups and cable requirements) 07:16 < pabed> DEFROUTE=yes 07:16 < pabed> IPADDR=192.168.0.244 07:16 < pabed> IPV4_FAILURE_FATAL=no 07:17 < pabed> ONBOOT=yes 07:17 < pabed> IPV6_PEERDNS=yes 07:17 < SporkWitch> Pabed use pastebin, Holy fuck 07:17 < pabed> ah sorry 07:17 < pabed> https://paste.debian.net/1023638/ 07:17 < precise> damn son 07:17 < SporkWitch> More than 4 lines: pastebin 07:17 < precise> lol 07:17 < CuriousMind> SporkWitch: Right. I seen this software before, it's good. I understand what you're saying 07:18 < SporkWitch> I half joked earlier about being lucky not to get a kline, what client is he using? I almost want to ban it for throttling it's floods to avoid autokline 07:18 < pabed> precise: https://paste.debian.net/1023639/ 07:19 < SporkWitch> Stupid auto-incorrect, *its 07:19 < precise> pabed: run "ip a" in terminal, find the interface with the same IP address, use that label 07:19 < precise> It should be eth0 or eth1 07:20 < precise> Or something of the like 07:20 < SporkWitch> Should be a persistent name *grumbles* 07:20 < precise> SporkWitch: rite? 07:21 < pabed> precise: https://paste.debian.net/1023640/ 07:22 < SporkWitch> While we're on the topic, repos need to purge net-tools; shit's been abandoned and deprecated for what, a decade now? 07:22 * precise clicks 07:22 < precise> lol 07:22 < precise> huh 07:23 < precise> pabed: I'm just curious, can you cat /etc/network/interfaces and verify if it is called ens160 there as well? 07:23 < precise> No need to paste 07:23 < precise> Just let me know :P 07:24 < SporkWitch> That poor enter key; your comma and period keys are lonely 07:24 < precise> SporkWitch: \n masterrace 07:25 < pabed> precise: https://paste.debian.net/1023641/ 07:25 < precise> Oh, ok 07:25 * SporkWitch glares 07:26 < precise> Aight, so I'm beginning to wonder if it is a driver issue. Does arpwatch require promiscuous mode? Does your NIC support it? 07:26 < precise> pabed: ^ 07:29 < realbadhorse> okay so something weird has been happening since yesterday midnight... all of the sudden, all the ports on my tplink router have stopped forwarding 07:29 < precise> realbadhorse: Have you checked the configs and rebooted the router?/ 07:29 < realbadhorse> not a single one is working, not even the new ones i added this morning for testing 07:29 < realbadhorse> rebooted the router with both the webclient dashboard and the wallsocket 07:30 < pabed> precise: it worked 07:30 < precise> pabed: Yay! watchudo? 07:30 < precise> realbadhorse: What model? 07:30 < realbadhorse> canyouseeme.org returns `no route to host` 07:30 < realbadhorse> Model No. TL-WR840N / TL-WR840ND 07:31 < precise> realbadhorse: You verified it worked before? 07:31 < pabed> but I dont know what is happend to it righ now 07:31 < realbadhorse> yes, for atleast an year 07:31 < precise> pabed: Keep us informed :) 07:31 < realbadhorse> all my devices have static ips, but ive doublechecked those too 07:32 < realbadhorse> kinda going crazy.. 07:32 < SporkWitch> Random problems on dirt brand hardware? Colour me surprised 07:32 < precise> lol 07:32 < precise> realbadhorse: Backup config and do a factory reset 07:32 < realbadhorse> wew 07:32 < precise> Check for firmware upadte while ur at it 07:33 < precise> Out of curiosity, what ports? 07:33 < SporkWitch> Joking aside, it may well just be crazy. It's not exactly a great brand. You're talking about people that make stuff that sells for 20 bucks at a brick and mortar 07:34 < realbadhorse> irc 6667+ssl,80,81,minecraft(unironically),ssh 07:34 < SporkWitch> That's also a good question, some ISPs are evil, they might have started blocking 07:34 < realbadhorse> and a few random ones for my listeners 07:34 < precise> SporkWitch: My thoughts exactly 07:35 < precise> realbadhorse: You run an IRC server? 07:35 < realbadhorse> my isp is a small local company who cant even cap p2p speeds properly 07:35 < realbadhorse> i doubt thats a problem 07:35 < realbadhorse> yes precise 07:35 < precise> ok 07:35 < precise> Just making sure you weren't forwarding 6667 for your IRC client 07:35 < precise> lol 07:35 < realbadhorse> wew 07:36 < precise> realbadhorse: Yeah, I can't' tell without more info. I'd suggest backing up config and factory reset + firmware upgrade and check back 07:36 < realbadhorse> alright.. thanks for trying guys 07:36 < precise> realbadhorse: I speak for myself 07:36 < precise> realbadhorse: Someone else may be able to help :) 07:37 < realbadhorse> well theres 2 options, one for restoring default configs and other for factry reset.. ill try the factory config first 07:37 * precise waits for realbadhorse to ping timeout 07:41 < precise> there we go 07:45 < SporkWitch> No, on tplink or any other bargain brand, that's a good first step 07:46 < SporkWitch> Hell, it's a good first step on juniper; never anything but problems with their garbage 08:03 < winsoff_> Alright, why can't I vnc my machine half the time I try to 08:03 < winsoff_> I'm literally on the same networ--Oh wait. 08:04 < winsoff_> Okay, that's weird as hell, and interesting. 08:04 <+pppingme> are you on the same network/ 08:04 < winsoff_> Yeah, theoretically. So the asuswrt vpn client is at 192.168.10.2, and I'm on 192.168.1.1/24, i suppose 08:05 < winsoff_> And I couldn't vnc into my machine (which is the vpn client_ 08:05 < winsoff_> )** 08:05 < winsoff_> But then I just connected to this network's vpn (lol?) and it lets me vnc in. 08:05 < winsoff_> let me dc from the vpn and see if it's still a problem. I didn't think I had this problem before, though. 08:12 < toxync19> [0ff0c4@tox] hello. 08:13 < toxync19> [0ff0c4@tox] how to avoid connect trough tor to LAN address? 08:55 < koops> I need to forward all traffic through a SOCKS5 proxy running on LAN using pfSense. Search did not help. 08:57 < mAniAk-_-> koops: source and destination NAT 08:58 < koops> @mAniAk-_- Can you explain in more detail? 09:00 < mAniAk-_-> use source and destination nat 09:03 < koops> That's not very helpful. 09:03 < koops> What source, what destination? 09:08 < mAniAk-_-> PF, proxy server 09:20 < koops> And will it automatically add SOCKS headers to requests or will it simply forward the packets to the server? 09:21 < koops> Since if they are simply forwarded to the server it will most likely forward them back to PF. 09:50 < mAniAk-_-> koops: nope, youll have to use a webproxy 10:22 < winsoff_> pppingme: Did we already discuss good resources for preparing for a networking job? I can't remember if you were here. 10:26 <+pppingme> winsoff_ nope, doesn't sound familiar, at least not recently 10:27 < winsoff_> pppingme: Damn. Do you have any recommendations? 10:33 <+pppingme> know the job, and know the company.. 10:48 < winsoff_> pppingme: The hard part is the steps to completing those two items, though. 10:55 < CuriousMind> Hi, I am trying to establish a Telnet connection from my windows computer to my mac 10:55 < CuriousMind> I installed telnet on my mac using Homebrew and I enabled Telnet on my windows computer 10:55 < CuriousMind> I tried connecting to my mac but it isn't letting me 10:56 < CuriousMind> According to a video that I am watching, it seems to me that I need to enter the router's IP and configure but I cannot do that because it isn't my internet 10:59 < djph> if they're in the same place (e.g. your apartment), the router doesn't come into play at all. 10:59 < djph> if they're not in the same place (e.g. you're at work, mac's at home) - telnet is fucking stupid. 11:03 < CuriousMind> djph: They are in the same place 11:03 < CuriousMind> Trying to access my mac 11:04 < djph> then it's just 'telnet ip.of.mac' (assuming, of course, the mac is running a telnet *server*) -- although, ssh is still probably the better choice. 11:06 < CuriousMind> Ah ok so I have to set up a telnet server on my mac. That won't be hard right? 11:07 < djph> no idea 11:07 < CuriousMind> djph: ok no problem, thanks 11:07 < djph> but telnet is pretty well a bad idea, ever since about 1998 11:10 < CuriousMind> djph: Doing a project real quick 11:18 < E1ephant> yeah so use ssh 11:20 < CuriousMind> E1ephant: Hi, I have a problem 11:20 < CuriousMind> E1ephant: I try to start telnet by doing "brew services start telnet". Everything was looking ok until I got an error which says "Error: Formula `telnet` has not implemented #plist or installed a locatable .plist file" 11:20 < E1ephant> use ssh 11:21 < CuriousMind> E1ephant: Ok one second 11:24 < CuriousMind> E1ephant: I am trying to use telnet because I am trying to capture packets. I am doing a project 11:24 < E1ephant> use netcat instead then 11:24 < E1ephant> probably better suited to the task in general 11:24 < E1ephant> if not just wireshark/tshark 11:24 < CuriousMind> E1ephant: Can you help me with this please? You said netcat? 11:25 < E1ephant> yeah netcat is a cool little tool that will read/write to sockets 11:25 < E1ephant> probably easily found in bew 11:25 < E1ephant> brew even 11:25 < CuriousMind> E1ephant: I already did this. https://medium.com/ayuth/bring-telnet-back-on-macos-high-sierra-11de98de1544 11:26 < CuriousMind> Should I uninstall this? 11:26 < E1ephant> wireshark and tshark will greatly help in analyzing traffic 11:26 < CuriousMind> E1ephant: Yes. :) 11:26 < E1ephant> lol, that article mentions that nc is built into macos now :) 11:27 < E1ephant> cool beans 11:28 < CuriousMind> E1ephant: ok so uninstall telnet and instal netcat? 11:28 < E1ephant> I mean it sounds like nc should be there already 11:28 < E1ephant> not much harm in having the telnet client installed 11:28 < CuriousMind> E1ephant: I see. Ok what do I do next to get this server running 11:28 < E1ephant> it's the telnet server or "telnet daemon" you don't want anything to do with 11:29 < CuriousMind> E1ephant: Oh why? 11:29 < E1ephant> because everything, passwords included is plaintext 11:29 < CuriousMind> E1ephant: That is exactly what I want! :) 11:29 < CuriousMind> I am doing a project on this exactly bahaha 11:30 < CuriousMind> I already changed my computer password to a trival password then I will change it back 11:30 < djph> a project on "yes, really, telnet is fucking stupid in 2018" ? 11:30 < E1ephant> yeah 11:30 < E1ephant> really stretching the brain on this one? 11:30 < CuriousMind> I'm trying pass my class, please. I wanna get this done, I wanna go to sleep 11:31 < E1ephant> one sentence powerpoints are cool 11:31 < E1ephant> just get some cat gifs 11:31 < E1ephant> and write " 11:31 < E1ephant> PLAINTEXT == BAD" 11:31 < djph> ohh, so this is homework? Why didn't you *say* it was a homework project? 11:31 < djph> and then, the *requirements* of the project 11:31 < djph> rather than ... whatever limited info you've given us thusfar 11:32 < CuriousMind> djph: I said this like many times 11:32 < CuriousMind> ok sorry 11:32 < E1ephant> example presentation: https://ripe65.ripe.net/presentations/105-RIPE65_NLNOG_RING_Job_Snijders.pdf 11:32 < djph> < CuriousMind> Hi, I am trying to establish a Telnet connection [...] 11:32 < djph> < CuriousMind> According to a video that I am watching, 11:32 < E1ephant> this is doing it right ^ 11:32 < djph> < CuriousMind> djph: Doing a project real quick 11:33 < CuriousMind> djph: Ok sorry. Now you know it is a project 11:33 < djph> "a project" could mean many different things 11:33 < djph> e.g. I have a "project" right now to turn this pile of LEDs into an art project. 11:33 < CuriousMind> djph: You are right, I understand 11:33 < djph> *art piece ... ffs 11:34 < djph> what is the *requirement* of the homework? 11:35 < CuriousMind> The requirement that I am on is writing the steps on how to do this connection 11:35 < MrLawrence> Hello, I have programmed this server and this client in C using TCP sockets - however I have always ran both in the same computer so I just set the IP to loopback - if I have the server running in a computer in my LAN, and I run the client in another computer in the LAN, what IP should I give the server? 11:36 < E1ephant> is this a trick question? 11:36 < djph> MrLawrence: one in your LAN 11:36 < E1ephant> the other IP? 11:36 < E1ephant> whichever one isn't local, would be the destination 11:36 < E1ephant> I think I need some sleep 11:37 < MrLawrence> Thing is I am doing this demonstration for someone else and it is the first time I am running both in different computers across a a network, and I am not sure what IP to give it. 11:37 < MrLawrence> It's a university network so I doubt I can just pick a random IP address and it'll work 11:37 < djph> MrLawrence: any valid IP for the network in question. 11:37 < djph> as long as it's not already used, ofc. 11:38 < djph> CuriousMind: "write the steps to telnet to a server" is the requirement? Answer -> you don't telnet is fucking stupid. WTF prof, are you retarded? 11:38 < djph> s/don't/don't,/ 11:40 < CuriousMind> djph: The purpose of telnet to a server is to retrieve packets which contain the password when logging in 11:40 < CuriousMind> I'm working on the steps so if someone else wanted to do it then they could 11:41 < CuriousMind> It's a computer security class 11:41 < djph> For the fourth or fifth time now, what is the homework requirement. I.e. what did the professor tell you to do? 11:42 < E1ephant> you can't do some image steno or something actually cool? 11:43 < CuriousMind> djph: The professor wasn't specific, he told us to pick a subject. I picked Wireshark. He wants to know whatever we can find about it. The requirement that I am working on is the connection with two computers and retrieve packets via telnet connection. I also must list steps 11:44 < djph> I mean, it kinda sounds like a "I told you in class it's bad, but you probably don't believe me; so now go see for yourself that it's bad" type assignment. 11:44 < CuriousMind> djph: Are you able to help me or not? 11:45 < djph> ahh, so instead of doing something "easy" like "view packets traversing the network" and then (as we said), using netcat or ssh (or hell, http, ftp, etc.) for the proof-of-concept... you decided on telnet. 11:46 < djph> see, now that's what we needed to know, so we wouldn't just tell you you're a dumbass for wanting to run telnet. Install a telnet server on one box or the other. Connect to it while running wireshark. capture the packets, have a good day. 11:47 < CuriousMind> djph: lmao thanks a lot I appreciate your help 11:49 < djph> note that it might be hard to actually *find* a telnet server, because, well, it's a bad idea. You *may* end up having to install *nix somewhere (so you can avoid the "hand-holdy" nature of mac / windows stopping you from doing it) 11:51 < CuriousMind> djph: I'm trying to run my mac as a telnet server. 11:51 < CuriousMind> My windows computer is the client 11:52 < djph> CuriousMind: and, given that macOS is hand-holdy, it may not include a server (dunno, I'm not a mac guy at all, and only know win because of work...) 11:52 < djph> assuming it does have a server, you fire up the server, then from win, telent ip_of_mac 11:53 < CuriousMind> djph: How 11:53 < CuriousMind> What commands 11:53 < CuriousMind> You say you don't know though so I understand 11:54 < djph> I would assume "telnetd" on the mac box (or whatever the executable of the telnet server is) 11:54 < djph> then from windows, telnet ip.of.mac 11:55 < CuriousMind> telnetd: command not found djph 11:55 < CuriousMind> djph: I already did that for my windows but I couldn't establish the connection 11:55 < djph> CuriousMind: was the telnet server running on the mac? 11:56 < CuriousMind> djph: No, I am trying to run it 11:56 < CuriousMind> I did this command 11:56 < djph> well, with no server running on the mac, you're not going to establish a connection ... 11:56 < CuriousMind> djph: Yes I know. I did this "brew services start telnet" 11:57 < CuriousMind> And I got an error which says "Formula `telnet` has not implemented #plist or installed a locatable .plist file" 11:58 < djph> sounds like a mac problem then, whatever #plist is 11:58 < CuriousMind> djph: Then someone said to use netcat in order to make this happen. I don't know about netcat 11:59 < audia5> how much money you spend on candies 11:59 < djph> netcat would be a potentially better approach 11:59 < CuriousMind> djph: Ok great. How can I get started using netca 11:59 < CuriousMind> netcat* 12:00 < djph> man netcat 12:00 < CuriousMind> djph: ok thanks 12:00 < CuriousMind> djph: No manual entry for netcat 12:01 < CuriousMind> I just got this macbook like last week 12:01 < djph> should be like 'nc -l' on the mac, then 'nc ip.of.mac' from the win box. NOTE that you may need to FIND a netcat client for win 12:01 < djph> ugh, wtf, no manpages :( 12:01 < CuriousMind> djph: I got it, I did man nc. It's good 12:02 < djph> ah 12:02 < CuriousMind> So my windows has to have netcat too right? 12:02 < djph> annoying they didn't link 'man netcat' to 'man nc' 12:02 < djph> yes 12:03 < CuriousMind> ok np 12:04 < djph> anyway, cygwin or nmap projects would probably be the easiest options for getting nc over on win 12:04 < CuriousMind> djph: I see 12:10 < cluelessperson> CuriousMind: what exactly are you trying to do? 12:11 * cluelessperson checked scrollback but is confused still 12:11 < CuriousMind> cluelessperson: Hi 12:12 < cluelessperson> sup 12:12 < CuriousMind> cluelessperson: I am trying to run a telnet server on my macbook. I will connect to it using my windows computer 12:12 < cluelessperson> CuriousMind: okay, with what goal 12:12 < cluelessperson> or just start a telnet server and that's all 12:13 < CuriousMind> Get telnet server running on my macbook then successfully connect to it with my windows computer 12:13 < CuriousMind> if I can do that, I will praise jesus 12:15 < CuriousMind> cluelessperson: Someone recommended I use netcat and that's what I am trying to do now 12:15 < cluelessperson> CuriousMind: netcat is usually used for port scanning, checking if ports are even open 12:16 < cluelessperson> CuriousMind: but looks like netcat CAN be used to open a socket. 12:16 < cluelessperson> CuriousMind: so, keep in mind that telnet is very basic. Literally all it does is open a port and wait for connections/data to come in. 12:17 < cluelessperson> CuriousMind: To use netcat, you should probably start by running, 12:17 < cluelessperson> netcat --help 12:17 < cluelessperson> (I'm not familiar with Mac, but it's based on linux, so some things are similar/same) 12:17 < CuriousMind> cluelessperson: I got man netcat open, but I don't know how to use commands 12:18 < CuriousMind> I think it's nc -l ? 12:18 < CuriousMind> I was watching a video couple minutes ago 12:18 * cluelessperson tries it out 12:18 < ^7heo> depending on the netcat versions, it's either nc -l $port; or nc -l -p $port 12:18 < cluelessperson> -l Used to specify that nc should listen for an incoming connection rather than initiate a connection to a remote host. 12:19 < cluelessperson> It is an error to use this option in conjunction with the -p, -s, or -z 12:19 < cluelessperson> CuriousMind: so, looks like. nc -l sure 12:19 < CuriousMind> ^7heo: Thank you 12:19 < CuriousMind> cluelessperson: Ok grea 12:19 < cluelessperson> CuriousMind: works for me 12:20 < cluelessperson> nc -l 8000 and then telnet localhost 8000 12:20 < cluelessperson> in another window 12:20 < CuriousMind> nc for mac and telnet for windows right? 12:21 < cluelessperson> CuriousMind: on my machine, both commands work for me. 12:22 < cluelessperson> CuriousMind: windows, you might have to install telnet 12:22 < cluelessperson> CuriousMind: try it just on the one machine first. 12:22 < cluelessperson> two shell/command windows. 12:22 < CuriousMind> cluelessperson: I install telnet already :) 12:22 < cluelessperson> create the "server"/"listener", then in the other window, attempt to connect to self on that port 12:22 < mAniAk-_-> CuriousMind: whats the point of this? 12:22 < CuriousMind> mAniAk-_-: school project 12:22 < cluelessperson> mAniAk-_-: School assignment/learning apparently 12:23 < CuriousMind> cluelessperson: Yes I see, ok thank you 12:24 < CuriousMind> cluelessperson: Sorry I am a little confused 12:24 < CuriousMind> I gotta install netcat on my windows computer too right? I just did that 12:24 < E1ephant> http://this.is.a.verylegit.link/server1337$113notice__install-now.msi.exe 12:24 < E1ephant> use this exe 12:24 < cluelessperson> CuriousMind: it's okay to be confused. 12:25 < cluelessperson> CuriousMind: You probably want to begin by determining what you need to do, write it down, take it a step at a time 12:25 < cluelessperson> CuriousMind: make sure that you first look up the terminology, definitions. 12:26 < CuriousMind> cluelessperson: Confused, one second. I see what you are sayin 12:27 < CuriousMind> saying* 12:27 < cluelessperson> CuriousMind: example. You already know you want to create a telnet server on one machine, and a client on the other machine, see data go through 12:28 < cluelessperson> CuriousMind: okay, why telnet, what is telnet? See data go through? Through what? 12:28 < cluelessperson> What are common telnet applications? 12:28 < cluelessperson> You've discovered netcat and telnet themselves. :) 12:28 < CuriousMind> With your guys help 12:28 < CuriousMind> Going to write this in my project. One second 12:30 < CuriousMind> cluelessperson: I got two command prompts open right 12:31 < CuriousMind> I type telnet localhost 8000 and connection failed 12:31 < CuriousMind> This is on my windows computer 12:32 < cluelessperson> CuriousMind: localhost refers to that computer itself it's on 12:32 < cluelessperson> CuriousMind: so if you're trying to connect to the mac, it won't. 12:32 < CuriousMind> aahh right 12:33 < CuriousMind> ok I did nc -l 8000 on mac, its working 12:33 < CuriousMind> that means that my mac is now the server/listener right 12:33 < cluelessperson> CuriousMind: some of this comes with familiarity, but certain ranges of ip addresses are just marked off from use, because they're used by our computers for housekeeping and internal tasks 12:34 < CuriousMind> cluelessperson: Yes I see 12:34 < cluelessperson> CuriousMind: Example, 127.0.0.0/8 is used to refer to localhost, 12:34 < cluelessperson> 127.0.0.1 - 127.255.255.255 12:34 < CuriousMind> cluelessperson: Yes, I've seen 127.0.0.1 in networking class before 12:34 < cluelessperson> CuriousMind: another one you'll likely recognize is, 192.168.0.0/16 12:34 < CuriousMind> Nope not that one 12:35 < cluelessperson> well that one is commonly what home/consumer routers are automatically set to by default 12:35 < cluelessperson> they aren't the "local" machine, but are a private network 12:35 < CuriousMind> Mhm I see 12:35 < cluelessperson> CuriousMind: anyway, localhost obviously fails. So, replace that with the ip address, or hostname, of your Mac. 12:36 < CuriousMind> Ok will do, one second please cluelessperson 12:37 < CuriousMind> cluelessperson: I did telnet and it says connection failed 12:38 < cluelessperson> CuriousMind: keep in mind, you specificied a specific port for your Mac to listen on, so that's the port you'll want to connect to 12:38 < CuriousMind> hmmm right 12:38 < cluelessperson> I'm unfamilmiar with the syntax in windows, but likely, telnet 8000 12:38 < CuriousMind> Ah ok I will try that. Ok thank you for being so patient with me lol cluelessperson 12:39 < cluelessperson> CuriousMind: btw, this is what firewalls are used for. Even if bad software/malware on a computer listens on a port, or tries to connect out, a firewall can prevent connections to those ports. 12:39 < cluelessperson> CuriousMind: We're all learning. 12:39 < CuriousMind> Yes I see 12:39 < CuriousMind> cluelessperson: I works! 12:40 < CuriousMind> But what now? No login prompt so I can access the files and stuff like I saw in the videos? 12:40 < cluelessperson> CuriousMind: all netcat does is open a port, and display things it received, but it can be used to test if ports are open and connections and stuff 12:41 < grawity> what was your goal here 12:41 < cluelessperson> CuriousMind: telnet is merely for connecting to a port and sending pretty raw data 12:41 < grawity> because if your goal was to access files and stuff, then telnetd is a pretty poor choice 12:41 < cluelessperson> CuriousMind: Either way, none of that software is made to provide remote access to a computer. 12:41 < CuriousMind> ohhh cluelessperson 12:41 < cluelessperson> CuriousMind: I originally entered this conversation when you were asking to create a telnet server, and client, we've done that. :) 12:42 < CuriousMind> cluelessperson: right lol dang it 12:42 < grawity> well that's kind of a lie, telnet isn't *for* sending raw data, its protocol just happens to be fairly close 12:42 < cluelessperson> CuriousMind: There is other software made to setup a listener/port, and allow people to securely connect, login, and enter commands. 12:43 < CuriousMind> cluelessperson: Yes I see. Ok can we do that? Will that take long? 12:43 < cluelessperson> CuriousMind: So, the added complexity is that you want things to be SECURE. Other software basically does the listener part, but mixes in cryptography, codes, logins, and then access to system data/files/commands. 12:43 < cluelessperson> CuriousMind: doesn't take long. 12:43 < djph> CuriousMind: "ssh" - install ssh server on the mac, grab PuTTY for the windows box, call it a day. 12:43 < CuriousMind> cluelessperson: Yes, I think this is what I want 12:44 < djph> although, that completely thwarts your "and I want to see what's in the packets" bit. 12:44 < cluelessperson> CuriousMind: the most common software and protocol used to remotely manage over the command line is definitely called "SSH" 12:44 < cluelessperson> CuriousMind: on linux the software package/combination would be called, "openssh-server" 12:44 < cluelessperson> On linux, I type the command. ssh user@ 12:45 < grawity> macOS already has ssh, just enable in Settings -> Sharing 12:45 < cluelessperson> djph: ^ :) 12:45 < CuriousMind> cluelessperson: yes 12:45 < CuriousMind> and yes djph 12:45 < cluelessperson> CuriousMind: Windwos does not natively support SSH, but there is a very common Windows binary used that handles SSH stuff and similar connections. It's called "Putty" 12:46 < CuriousMind> cluelessperson: Yes I have Putty, I use it for my AWS virtual machine for my other class 12:46 < cluelessperson> CuriousMind: Google search for "putty" it should be the first result. 12:46 < grawity> well if you already have it, then use it for macOS, if you're trying to work remotely 12:46 < cluelessperson> CuriousMind: sweet. You'll notice that putty itself even acts as a telnet, ssh, and even serial client. 12:46 < CuriousMind> cluelessperson: wait 12:46 < grawity> (though for what it's worth, Windows will have built-in SSH sometime in the future as well) 12:47 < CuriousMind> But the thing is. Ugh I'm just... 12:47 < cluelessperson> grawity: Windows is complete and utter garbage. 12:47 < cluelessperson> CuriousMind: You're just what? 12:47 < CuriousMind> SSH is secure so I won't be able to see the content of the packets right? 12:47 < djph> CuriousMind: that's the idea 12:47 < grawity> cluelessperson: I wasn't asking, but thanks for the opinion? 12:47 < CuriousMind> cluelessperson: One second, I want to show you what I want to do 12:48 < cluelessperson> CuriousMind: so here's the neat part, you might be able to export your ssh connection's encryption keys, load them into wireshark, and have wireshark read the encrypted data anyway. :) 12:48 < cluelessperson> but honestly, I'm unfamiliar with that. 12:48 < grawity> that's supported for tls/ssl, but not for ssh 12:49 < grawity> not technically impossible, but... neither clients nor wireshark have that feature, afaik 12:49 < djph> Unlike the SSL dissector, no code has been written to decrypt encrypted SSH packets/payload. This is also not possible unless the shared secret (from the Diffie-Hellman key exchange) is extracted from the SSH server or client (the "SSLKEYLOGFILE" method in SSL). 12:49 < CuriousMind> cluelessperson: Yes I see what you are saying and that is ok 12:49 < djph> ^ straight from the wireshark wiki 12:50 < CuriousMind> cluelessperson: Look like this https://www.youtube.com/watch?v=xShwyUq-uHk 12:50 < cluelessperson> CuriousMind: it looks like that's not going to be an available option to you, while technically possible to do, it's outside the scope for your assignment 12:50 < cluelessperson> CuriousMind: what is your specific goal? 12:50 < cluelessperson> CuriousMind: WAIT 12:51 < cluelessperson> CuriousMind: Let's step back. If you're in a networking class, and you want to learn to use wireshark to look at packets, you can just do that telnet thing and use wireshark to watch it, no problem 12:51 < CuriousMind> cluelessperson: Yes. But I want to get the password 12:51 < cluelessperson> CuriousMind: get what password. 12:51 < CuriousMind> That is what the teacher wants, it is a network security class 12:51 < CuriousMind> Yes cluelessperson 12:52 < spare> ngrep is pretty good 12:52 < CuriousMind> even though we did the connection with the mac and windows, that was good cluelessperson. No regrets 12:52 < djph> huh? 12:52 < cluelessperson> CuriousMind: What password are you trying to determine/capture? 12:52 < cluelessperson> Different software uses different password mechanisms. 12:53 < CuriousMind> cluelessperson: Hmmm 12:53 < djph> your assignment before was "pick a subject, tell me whatever you can find out about it." You chose "wireshark". 12:53 < CuriousMind> cluelessperson: Not sure. I am thinking if there are any telnet servers out on the web so I can log in easy 12:53 < CuriousMind> djph: and the requirements 12:53 < cluelessperson> CuriousMind: not really. Why would someone just leave their server open on an insecure channel, to unknown connections, to login randomly without control? 12:54 < djph> *you* appear to be the nitwit making up the "I wanna see passwords" requirement. 12:54 < bezaban> telnet nethack.alt.org 12:54 < CuriousMind> cluelessperson: LOL right 12:54 < grawity> there's mono.org (a BBS), sdf.org (an old public-access system) 12:54 < bezaban> because it's public access :) 12:54 < bezaban> sdf use ssh :) 12:54 < grawity> that doesn't stop them from running a telnetd 12:54 < bezaban> ah, didn't think they still did 12:54 < cluelessperson> CuriousMind: I have an idea. 12:54 < CuriousMind> cluelessperson: Yes! I'm all ears 12:54 < djph> telnet towel.blinkenlights.nl <- there's one :) 12:54 < grawity> they're probably the last ones to still do so 12:55 < cluelessperson> CuriousMind: So, you won't be using telnet, all telnet does is a low level network protocol or something. It sounds ike you want to demo an INSECURE channel and demonstrate capturing a password. 12:55 < Forst> FTP 12:55 < cluelessperson> CuriousMind: For example, if you connect to an HTTP://example.com it will be unencrypted, and you can totally capture any password your web browser sends 12:55 < CuriousMind> cluelessperson: I'm here listening 12:55 < bezaban> cluelessperson: no, telnet is a protocol for remote shells. It just happens to be used a lot in basic network troubleshooting in the place of nc because it is a very simple protocol and readily available 12:56 < CuriousMind> cluelessperson: Yes I know what you are talking about 12:56 < cluelessperson> bezaban: sure, I'm putting it into language the guy understands. 12:56 < cluelessperson> :) 12:57 < cluelessperson> CuriousMind: so, it really depends on your goal/assignment. If your goal is all over the place, or you ignorantly pick something impossible/impractical, we can't really help you. 12:57 < bezaban> the video he linked is connecting to a telnet server, getting the password from that session 12:57 < CuriousMind> cluelessperson: That is a good idea 12:58 < CuriousMind> That will work! He said telnet, but hey HTTP is a protocol. It has to do with networking and I can get the password 12:58 < cluelessperson> CuriousMind: AH, another step back. 12:58 < bezaban> ocf any unecrypted protocol is good for the purpose of the demonstration 12:58 < CuriousMind> Good idea cluelessperson ! 12:58 < CuriousMind> bezaban: yes 12:58 < cluelessperson> CuriousMind: Before you run off and do, that, let's focus on TELNET first. 12:58 < CuriousMind> cluelessperson: Sure. I am right here :) 12:58 < djph> cluelessperson: unless the assignment's changed (again) ... the most coherent version was "pick a topic, and tell me what you've learned about it." The topic chosen was "wireshark". All this extra about telnet seems to be extra (or "wireshark" wasn't actually "the topic") 12:58 < cluelessperson> CuriousMind: When you login to a network device/router/firewall whatever. They have software configured to be connectable via telnet, that sends you a login 12:59 < cluelessperson> CuriousMind: When you run the two commands in the two different windows, once you connect telnet 12:59 < cluelessperson> CuriousMind: just goto the "nc -l 8000" window, and type in, "Login?" 12:59 < cluelessperson> CuriousMind: then from the windows/telnet side, just type in "hunter2" 12:59 < cluelessperson> CuriousMind: There, then you can use wireshark to capture that exchange of data 13:00 < CuriousMind> cluelessperson: I am reading what you are saying, one second please 13:00 < cluelessperson> you should find "hunter2" in the payload/packet data through wireshark no problem. 13:01 < CuriousMind> cluelessperson: Ah I see! ok will do one second please 13:01 < cluelessperson> CuriousMind: it sounds like you're interersted in "capturing a password" because that sounds all l88t hackery, but really it sounds like the assignment is to make sure you can use wireshark to look at the data stream of an insecure stream 13:01 < cluelessperson> go nuts 13:02 < cluelessperson> djph: Keep in mind that people don't know what they're talking about. He may just be describing it as to how his developing view understands it. Now that we've taught him what telnet/ssh are, he now understands their place in his assignment, so the target will be moving. 13:02 < CuriousMind> cluelessperson: Correct 13:03 < cluelessperson> that's okay. :) just frustrating for people that want to directly answer his questions and be done. :P 13:03 < CuriousMind> cluelessperson: Man I swear thank you for the help. You actually help me with what I needed thank you 13:03 < CuriousMind> cluelessperson: OMG THANK YOU 13:03 < CuriousMind> I'm weak lol 13:03 < CuriousMind> cluelessperson: You understand right? I just want answers, what to do and you give them 13:04 < cluelessperson> CuriousMind: don't worry about it, we've all been there. However, keep in mind, the IT world is complicated. It's basically about dealing with new technology and slowly making it easier and easier to use. 13:04 < CuriousMind> And you help me very nice. You don't insult me 13:04 < CuriousMind> cluelessperson: I understand that some technology is complicated. But why add to the complication with your negativity and nonsense. I'm sitting here like, "are you going to help me or not?" 13:04 < djph> cluelessperson: suppose. But the amount of teeth-pulling it took to get to "oh, this is homework"; and now the further moving targets are frustrating as fuck. We've been at this for two hours, and still don't have a concrete description of anything. 13:05 < cluelessperson> CuriousMind: Things like OpenSSH are designed to be as secure as possible. they're basically used to secure military satelites, NSA and google. Very widely used. If you're learning about things, you can't always just know what to do. 13:05 < CuriousMind> "Oh I wanna make sure you're not a dumb ass" I'm thinking like jesus next guy 13:05 < cluelessperson> CuriousMind: sometimes 12 year olds wander in here hoping to learn how to hack overnight like they would play minecraft. 13:05 < djph> ^ 13:06 < CuriousMind> cluelessperson: Ok I see. Well I am not 12, I am way older than that 13:06 < CuriousMind> I'm a college student trying to get this thing done. i wanna sleep bro 13:06 < cluelessperson> CuriousMind: This is a place where people talk about, discover, and even build new technology for the world to use. It's not going to be so easy to learn. It demands a lot of time and patience. 13:07 < cluelessperson> CuriousMind: Are you saying I'm too old for minecraft? 13:07 < CuriousMind> cluelessperson: True. That is true. You are right. And again djph Thank you for the help. but cluelessperson really did it for me 13:07 < CuriousMind> cluelessperson: No. I'm just saying I am not 12 or anything like that. Not no script kiddie trying to hack 13:07 < CuriousMind> My motive is to complete homework 13:07 < cluelessperson> CuriousMind: Different people work differently with different people. Maybe he's a more technical expert that is better about answering direct questions someone like me might have. 13:08 < cluelessperson> CuriousMind: I work in fields that require my bringing technology to laymen. 13:08 < marktiell0> I've coded a Socks5 server that works correctly with HTTP requests, but doesn't work with HTTPS sites. Curl error is curl: (35) error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version, what should I do? 13:08 < djph> you don't need to make apologies or anything, sometimes it takes someone else saying it slightly different like to get it. 13:08 < cluelessperson> marktiell0: what is the exact alert. TLSV1 Alert. 13:08 < cluelessperson> marktiell0: sounds like you're using an obsolete version of TLS. 13:09 < cluelessperson> aren't we on TLS1.2/3? 13:09 < djph> cluelessperson: nah, I just don't deal with "bullshit scenarios" very well. 13:09 < marktiell0> cluelessperson: in the Java server, I just open a socket to google.com:443 and forward client's request to it, is that correct? 13:09 < cluelessperson> djph: CuriousMind Well, at a certain point, you have some manager trying to do something stupid and backwards, and we definitely get the attitude of, "fuck off and let me do my job" 13:09 < CuriousMind> cluelessperson: Yes I see 13:10 < cluelessperson> but that doesn't teach the manager to handle the problem 13:10 < cluelessperson> :D 13:10 < CuriousMind> cluelessperson: Bro. if I was in that position, I would let the manager do whatever he wants to do. Boss please go ahead, I get my money 13:10 < CuriousMind> No responsibility there right? 13:10 < djph> cluelessperson: telling the manager to fuckoff and let me do my job does teach him how to handle it -- "fuckoff and lemme do my job" is the correct approach :) 13:11 < djph> CuriousMind: absofuckinglutely not. Shit rolls downhill. 13:11 < cluelessperson> CuriousMind: lol, these aren't MY managers, and these are in jobs where I'm responsible for security of patient records and intellectual property. 13:12 < CuriousMind> cluelessperson: Oh ok I see. That's cool. I read in my computer security book about what you do 13:12 < CuriousMind> Your job is to protect the company's assets 13:12 < cluelessperson> CuriousMind: That manager better follow my orders or I'll make sure he's fired and fined by government authorities for willfully breaking the law. 13:12 < CuriousMind> And there is a certain confidentiality thing you must follow. And ethics. And stuff like that. C.I.A 13:12 < cluelessperson> I don't care about the law, but I care about people's privacy, and doing my job correctly to the point of not making exceptions for dipshits. 13:13 < CuriousMind> cluelessperson: Ah yes! The laws too! I read about that in my book. There are laws the company must follow 13:13 < CuriousMind> cluelessperson: That is very good. You have a conscience 13:14 < cluelessperson> CuriousMind: So, usually you'll have a lawyer familiar with the laws give your Vice President of Development paperwork on what technical rules to follow, then the VP hands people like ME assignments to make sure the organization is afe. 13:14 < cluelessperson> sometimes teams of lawyers. 13:14 < cluelessperson> sometimes teams of me 13:15 < cluelessperson> Then ME/VP discus other basic rules that the lawyer didn't think off, and we altogether watch the company's back. 13:15 < djph> cluelessperson: contractor? 13:15 < CuriousMind> cluelessperson: Wow that's cool 13:16 < djph> cluelessperson: you watch the company stick their fingers in their ears and go "lalalalala it'll never happen to us" too? 13:16 < CuriousMind> cluelessperson: You are legit like responsible for the company. Partially, somewhat responsible. That is what you get paid for 13:16 < CuriousMind> Besides from the technical, you gotta also know the law too. And ethics and all that 13:16 < cluelessperson> djph: Haven't had that yet. My biggest problem is that being young, I stupidly awaited my VP to give me permission before I took any responsibility. 13:17 < djph> ethics is easy. It's all the basic stuff mom and dad (should have) taught you as a child 13:17 < cluelessperson> djph: Basically, I don't assume authority over other people unless granted it. So, all my ideas were "suggestions" even if they were good ideas. 13:17 < cluelessperson> djph: I cannot demand my VP do as I say or prioritize certain things. 13:17 < djph> yup, I know that :) 13:17 < djph> in the same boat with 'young and its all a "suggestion"' 13:17 < cluelessperson> djph: Honestly, things became a standstill and I was the last person laid off with half the company. Now I've moved to Seattle. :) 13:18 < cluelessperson> djph: I also am very careful about whta I tell people. "I THINK this" "I KNOW this" and "You MUST do this" 13:18 < CuriousMind> cluelessperson: You got laid off? That's a thing too? 13:19 < CuriousMind> I don't know what it's like to get laid off. I got laid off once but it was from a little job, nothing serious 13:19 < cluelessperson> CuriousMind: when your company is -$16 million/year for 10 years, sure 13:19 < cluelessperson> "we can't afford you anymore" 13:19 < cluelessperson> + 13:19 < cluelessperson> "You fixed everything so well it doesn't need you" 13:19 < CuriousMind> cluelessperson: Did they give you a package 13:20 < CuriousMind> I heard about that in my class. When they lay off people, they give you package right? An incentive or something so you can go 13:20 < cluelessperson> CuriousMind: it's more like, "we hope give you enough of a package that you won't be angry enough to destroy our entire company" 13:21 < cluelessperson> god, english 13:21 < cluelessperson> "We hope you're not angry, and hopefully this will keep you from destroying the company" 13:22 < cluelessperson> djph: Anyway, I make it very clear what concepts and areas I'm "thinking about" versus, "stfu and listen to me" 13:23 < CuriousMind> cluelessperson: Wow it is true. People do get angry. My teacher spoke about how people get fired. Have a job once and the next day security is escorting them out the company 13:23 < CuriousMind> They feel mad enough to destroy the company. It is true. I don't know about all this 13:23 < cluelessperson> CuriousMind: so most of the companies that you are probably familiar enough, are simply so large and massive that you haven't seen their headquarters, or how they built up and stuff. 13:24 < djph> cluelessperson: yeah, it depends on who I'm talking to. Direct to bossman - "stfu, and lemme do my job". Other people - "yeah, we suggest ... " 13:24 < djph> *we suggest ... you stfu and let us do our job" 13:24 < djph> :D 13:25 < cluelessperson> CuriousMind: a lot of companies start out in a garage, then move to a small office, then a bigger office, or have a new part of the building added on. When you're responsible for building a company, or maintaining them, you tend to know all the ways to "unbuild" it. 13:25 < djph> although, generally in more nice terms, because the huggy-feely brigade. 13:25 < cluelessperson> I'm particularly good in Startups, small-> Medium size companies. 13:25 < CuriousMind> cluelessperson: I get what you are saying but what is that to you if you lose a job. You got the skills and stuff, get another one and forget it 13:26 < cluelessperson> djph: I can't wait for some snowflake to not appreciate my telling them how to do their job, that I should respect them or blah blah blah. 13:26 < CuriousMind> The tech field has like a lot of jobs 13:26 < CuriousMind> Why angry 13:26 < cluelessperson> CuriousMind: because, sometimes people feel they're treated unfairly, not paid enough, not promoted, not recognized. Maybe their ideas were stolen, maybe they are fired when they're not ready to lose money. 13:27 < cluelessperson> CuriousMind: People have bills to pay. If your house costs $1000/month, and your job is $2000/month, and you lose your job, you need some way to pay your $1000/month house, right? 13:27 < cluelessperson> if you're not ready, careful, it can be dangerous, painful, emotional 13:28 < CuriousMind> cluelessperson: True yes 13:28 < cluelessperson> CuriousMind: Not to mention, sometimes people feel that they should own part of the company becaues they spent so long of their life there. 13:28 < cluelessperson> CuriousMind: You sound like a young college student. 13:28 < cluelessperson> Maybe even high school student taking college classes 13:28 < djph> CuriousMind: also, *really* take a look at the jobs sometime. They're pretty fucked -- 10 years of experience with A, 5 with B, other big stuff .... and we only wanna pay peanuts. 13:28 < CuriousMind> cluelessperson: Yeah I am in college 13:29 < cluelessperson> CuriousMind: I'm self taught. It gets worse when dumb managers are like, "well they went to college, you didn't" 13:29 < CuriousMind> cluelessperson: I see 13:29 < cluelessperson> well, that "bachelors degree" was probably lying, because how the heck do you make these stupid mistakes. 13:30 < djph> cluelessperson: "bachelor's degree" in underwater-basket-weaving; and then a MBA (which also isn't worth the paper it's printed on) 13:30 < CuriousMind> djph: LMAO 13:31 < djph> cluelessperson: not to mention the cultural acceptance of "I'm not a computer person" 13:31 < CuriousMind> "underwater-basket-weaving" 13:31 < cluelessperson> djph: Don't get me wrong, I've met some Bachelors/Masters/PHDs who are legitimate geniuses. It's fascinating seeing experienced people work. 13:31 < djph> cluelessperson: well, yeah; but *they* aren't PHBs 13:32 < cluelessperson> CuriousMind: degrees tend to get paid more, but you can learn everything at home most of the time 13:32 < cluelessperson> depends. 13:32 < CuriousMind> cluelessperson: I see 13:33 < CuriousMind> cluelessperson: I see what you saying though. Ideas getting stolen and stuff. Yeah it's an insane world no doubt 13:33 < cluelessperson> CuriousMind: you sound fresh out of high school. :) 13:33 < CuriousMind> cluelessperson: Eh not really lol 13:34 < cluelessperson> CuriousMind: companies like google are so massive, and work on so many things, and require contracts with employees, that sometimes employees have to ask their employer for permission to build their own product at home, because it might conflict with something that company makes. 13:34 < cluelessperson> CuriousMind: even worse, if that large company makes something similar, they could sue that worker for the idea they built, because it uses ideas from the company. 13:35 < CuriousMind> cluelessperson: Oh I see 13:36 < CuriousMind> I don't know what to say. This is what it is 13:37 < CuriousMind> To be honest, I'm trying do freelance. I ain't got time for this bs lol 13:37 < CuriousMind> All this suing and exploitation. Not my nature 13:37 < CuriousMind> cluelessperson: I look at wireshark and I don't see Telnet packets. How come? 13:38 < cluelessperson> CuriousMind: telnet packets on which machine 13:38 < grawity> Wireshark won't call it "telnet" unless it's on port 23 13:38 < cluelessperson> CuriousMind: you have to 1. start the listener, 2. Start wireshark. 3. connect to the server from the client. 4. look in wireshark at the right port for the data 13:39 < cluelessperson> In wireshark, it'd show source/destination as your, and port 8000 13:39 < cluelessperson> given previous examples/information. 13:39 < CuriousMind> I have all this set up lol 13:39 < cluelessperson> djph: sometimes I'm a fool. 13:39 < cluelessperson> djph: I'm stuck in this place, where I don't want to grow up, but I need to be grown up for certain things 13:40 < cluelessperson> it sucks 13:40 < bezaban> just grow up in your own way and ignore what others think you should be doing 13:40 < CuriousMind> 1. I did nc -l 8000 on mac, then 2. telnet on pc, 3. "Login?" on mac, 4. "hunter2" on PC. 5. Search Wireshark for Telnet. None 13:41 < grawity> as I mentioned, Wireshark won't call it "telnet" unless it's on port 23 13:41 < grawity> (the protocol has very few distinguishing features, so Wireshark doesn't guess) 13:41 < winsoff> New problem! Probably not even a ##networking question, but I'm getting horrific throughput and latency from my desktop (it's on wifi with a USB dongle), and I can tell it's that problem because a simultaneous test from my laptop is doing fine. 13:41 < grawity> on any other port, it'll show up as a bare TCP connection 13:41 < winsoff> Pings as high as 2 seconds, sustained for multiple minutes. 13:41 < cluelessperson> CuriousMind: wireshark has to be be recording when you send the data. You also don't want to search for "telnet" you want to filter for the port you're using 13:41 < CuriousMind> cluelessperson: I can relate 13:41 < cluelessperson> CuriousMind: You can set the telnet server to use nc -l 23 instead, and maybe wireshark would work as he said? ^ 13:42 < winsoff> Actually, be right back. I have an idar. 13:42 < cluelessperson> winsoff: pings to where 13:42 < cluelessperson> ass 13:42 < CuriousMind> cluelessperson: Ah ok. Thank you 13:43 < CuriousMind> cluelessperson: Yeah I can relate. But you either grow up or down. Immature or Mature 13:43 < cluelessperson> CuriousMind: why not both? 13:44 < CuriousMind> cluelessperson: We were born immature. We had that time, but now we have to be mature right? 13:45 < cluelessperson> CuriousMind: Nah. 13:45 < cluelessperson> CuriousMind: Better to be a warrier in a garden, than a gardner in a war. 13:46 < CuriousMind> cluelessperson: Trying understand 13:47 < Forst> Listening to port 23 or any other port <1024 requires admin privileges btw 13:47 < CuriousMind> I got everything working fine, thanks Forst 13:47 < Forst> Ah, alrighty 13:47 < CuriousMind> I am referring to the warrior in the garden analogy 13:47 < CuriousMind> Forst: Yes thank you :) 13:51 < cluelessperson> CuriousMind: it's better to be skilled, trained, and strong, in peacetime, than to be weak when needed most. 13:56 < CuriousMind> cluelessperson: Oh sure 13:57 < djph> cluelessperson: get married, have a kid. holy crap do you have to grow up quick :) 13:59 < CuriousMind> I'm going to rest. cluelessperson I appreciate the help, I'll be back in an hour or so. Thank you so much 14:02 < dogbert2> hey djph 14:04 < djph> 'sup dogbert2 14:06 < dogbert2> gonna get in the bathroom in about 15 mins to get all the stubble off the old face... 14:06 < djph> yay for working from home and being able to rock a patchy beard 14:10 < dogbert2> heh...well, weekend wasn't long enuf...went into work at 4:30PM on Friday and left around 6:40AM saturday (bldg power down and solar panel hookup) 14:10 < djph> whee :) 14:10 < djph> wait - you added solar to the building? 14:10 < pihpah> docker run --rm -it -p 12000:12000 -v $(pwd):/usr/src/app node:7.4.0-alpine /bin/sh then curl localhost:12000 from the host gives: curl: (56) Recv failure: Connection reset by peer. Any idea what's wrong? 14:11 < djph> the peer doesn't wanna talk to you. 14:11 < pihpah> djph: why 14:11 < djph> also, docker. 14:11 < djph> no idea, read the logs. 14:12 < pihpah> I am getting: curl: (7) Failed to connect to localhost port 12001: Connection refused if I try to connect to an unallocated port. 14:12 < pihpah> iptables entries look fine. 14:13 < pihpah> What the Dickens 14:13 < dogbert2> yeah...will generate about 600,000 Khw 14:13 < djph> well, yeah, you won't get a connection if the box isn't listening on a port. 14:15 < fiet> Has anyone here have any experience with pocketethernet? Is it any good? 14:17 < drathir> !wth pocketethernet 14:17 < pihpah> djph: it does listen, I can connect to the service on that port from within the Docker container. 14:18 < djph> pihpah: you just said it fails when you try to connect to an unallocated port 14:19 < pihpah> The service listens on 12000. 14:21 < djph> so connecting to 12001 won't work, for hopefully obvious reasons. 14:21 < pihpah> c4a541eeae2a node:7.4.0-alpine "/bin/sh" 13 minutes ago Up 13 minutes 0.0.0.0:12000->12000/tcp elastic_villani 14:21 < pihpah> That's right. 14:21 < djph> the peer rejecting the connection is another thing entirely; and you would have to look at the peer's log to see why it's rejecting you 14:21 < detha> fiet: is that that network tester that lets you supply your own screen (aka cellphone) ? 14:22 < djph> ... assuming of course, the peer is actually logging why it's rejecting. 14:24 < varesa> Spent quite some time debugging why more or less all my VPN tunnels just flap up and down. Tweaked some timeouts, upgraded router software etc. 14:24 < varesa> Just noticed that some of the routers don't periodically even answer to ping from the internet 14:25 < varesa> Turns out that due to a misconfiguration the new router I added exported a default route via BGP to all the others in the VPN... 14:25 < drathir> varesa: ttl/mtu ? 14:25 < varesa> tunnel goes up -> BGP comes up -> no more traffic over the internet -> tunnels die 14:25 < detha> varesa: now you know what import filters are for ...... 14:26 < varesa> detha: yup. Since I control all the ends so far export filters for RFC1918-only have been sufficient 14:26 < varesa> but I guess it wouldn't be a stupid idea to put in import filters for safety as well 14:29 < detha> I have a 'nodefault' filter on all remote nodes - safer. Still weird things can happen. This morning: "huh? why is traffic going A-C-B-Z instead of A-B-Z like it should? Hmm. OSPF between A and B is wedged. No idea why" 14:32 < varesa> I once had a "huh? Why is ping A-B ~300ms while it should be closer to 50ms" 14:32 < detha> Trombone routing? 14:33 < varesa> turns out that the tunnel for the shortest route had a wrong MTU on one end so it wasn't working 14:35 < varesa> and the next IPsec tunnel, for A-X-B was up but wasn't passing any traffic for whatever reason (manual reset fixed it) 14:35 < varesa> so it ended up going through a small site with wireless LTE connections, then going to AWS in the completely "wrong" direction geographically, finally landing at the destination. And the same in reverse 14:36 < detha> It still got through.... good routing 14:37 < djph> something about "the internet routes around problems" 14:38 < detha> 'the network routes around its operator's clumsiness' ? that was me this morning 14:39 < varesa> works most of the time, even with the operators touching it ;) 14:40 < detha> also, grr IPSec. traffic to one part of a /24 goes through. Another part doesn't. Turns out some client had connected to a backup concentrator, then back to main, and the backup for some reason still had a policy for a /29. And problem 1) caused everything to pass through the backup 14:52 < fiet> detha: Yes, that's the one. I currently have a Fluke ethernet tester, which costs about 10 times as much. I was wondering if it's worth its money. 14:54 < detha> fiet: I have no experience with it, I remember when it was announced, and I remember thinking 'no. not practical' 14:55 < fiet> detha: Exactly what I thought. The good thing about the Fluke is that it has a screen. Just turn it on and you're ready to go. The pocketethernet needs a lot of fiddling around before you can use it. I was wondering what the fiddling-around-to-usefullness-ratio is. 14:56 < djph> fiet: err-divide-by-zero 14:56 < fiet> djph: LOL 14:56 < djph> I mean, it's probably more useful than those LED-based testers, but that's about it. 14:57 < fiet> djph: Thos led-based thing are just cable testers. They're fine, but they stop at the physical layer. 14:58 < djph> fiet: that's kind of my point. 14:59 < fiet> djph: I always have one of those led-based things with me. Easy to use and do axactly what they need to do. For more fancy stuff I have the Fluke. But that is big bucks. 15:00 < detha> If it is also a cable certifier, mega big bucks 15:00 < djph> I saw the pocket-ethernet thing as a "I only have the LED testers right now, and can't afford a fluke" -- kinda like the sparkfun "make a $thing" project boards - sure, they're a step up from nothing; but ... 15:01 < djph> detha: IKR. Least I was able to cheap out and only go for the qualifier. 15:01 < HatBLACK> Hi 15:01 < djph> whatsit... the cableiq, I think? 15:13 < momomo> I need some instant help, please look at this email I sent to name.com for a new extension that is ongoing. There are pre sales, and there is a date where they are released to the public. In tiers. However, even later they do not have a the same price for all the domains? Has someone gone through all potential domains and set a fixed price, and what about the renewal fee? 15:13 < momomo> Here is my email to name.com support: https://imgur.com/a/wOGlxQI 15:16 < djph> momomo: none of us care. 15:18 < djph> momomo: and yes, different TLDs have different costs. 15:19 < momomo> djph: you seem to care 15:19 < momomo> can I pm you? 15:19 < djph> no 15:35 < Andrew_0010bit> Man... 15:35 < Andrew_0010bit> Shut down. 15:43 < AlexPortable> My WiFi sometimes stops working (no internet access while connected, or disconnects). Now looking in to the router webpage: Sent 2759945, TX Packets dropped: 13740.... Received 1360067, RX Packets dropped: 21297, Errors: 94936 15:45 < shtrb> signal strength ? 15:45 < redrabbit> "instant help" never heard that one before 15:45 < AlexPortable> signal strength is good 15:45 < shtrb> noise ? 15:45 < AlexPortable> how to find out noise? 15:47 < shtrb> Check if you have others on the same bands (annoying kids with their gadgets around you) , check if you have a Microwave/Dect/ feces like that running while the error exist 15:47 < shtrb> Is it reproducable ? 15:47 < AlexPortable> it's more like random 15:47 < AlexPortable> I dont know what devices my neighbours have 15:48 < AlexPortable> also doubt anyone would do that in the middle of the night 15:48 < shtrb> Any chatty appliance in your network ? (WiFi enabled DVR s) 15:48 < AlexPortable> just smartphones 15:48 < shtrb> Scan your net, and check if there are more other routers on the same channel 15:48 < AlexPortable> 'network' or 'wifi network' ? 15:49 < AlexPortable> one mac-address seems to pop up always 15:49 < shtrb> WiFi (like iwlist wlan0 scan ) 15:49 < AlexPortable> 04:26:54 mac x associated. 15:50 < AlexPortable> 04:26:54 mac x secured and linked. 04:27:38 mac x disconnected for reason: Received Deauthentication 15:50 < mawk> last time I had to debug something like this in a company I gave up 15:51 < mawk> I made them buy new equipments 15:51 < mawk> with a support contract so that someone else takes care of it 15:51 < AlexPortable> dont really have money for that 15:51 < shtrb> AlexPortable, mid night disconnect from a phone ? did you annoy some neighbor kid 15:51 < AlexPortable> no idea 15:51 < AlexPortable> is this an externally (neighbour kid) induced disconnect? 15:51 < Echo6> Anyone know what protocol the SonicWall Global VPN Client uses? 15:51 < shtrb> AlexPortable, it could be 15:52 < shtrb> Echo6, ipsec and SSL vpn 15:52 < mawk> you can assume ipsec Echo6 15:52 < Echo6> kk 15:52 < AlexPortable> what can others do to my network? 15:52 < Echo6> I figured that they just branded an existing. 15:52 < shtrb> Echo6, you use the SSLVpn it now works from linux 15:52 < detha> Echo6: ipsec, with some cisco-ish extensions 15:52 < redrabbit> Deauthentication attacks 15:52 < shtrb> AlexPortable, ^ 15:53 < AlexPortable> hm 15:53 < AlexPortable> can it also be to a device having a wrong password? 15:53 < AlexPortable> like wifi pass changed and device keeps trying the old one 15:53 < shtrb> Echo6, I think you could do normal ipsec/l2tp client to connect the NSA appliance (their devices have several login options ) 15:54 < shtrb> I gave up and used the linux client in a vm and routed network inside it 16:00 < AlexPortable> yep, received deauthentication (for multiple devices) 16:00 < AlexPortable> also my random disconnect is because of this 16:01 < AlexPortable> any way I can find out more? 16:01 < redrabbit> airodump 16:02 < redrabbit> tcpdump 16:02 < AlexPortable> in the middle of the night? 16:02 < shtrb> first step change a channel, second check if you can see that happen with a laptop /tablet or something that listen on the network with a monitor mode 16:05 < AlexPortable> so basically leave phone/laptop listening at night 16:08 < AlexPortable> channel is set to auto 16:10 < shtrb> Set in the router a channel which is not occupied by others , and yes (but you need another card or a device) 16:13 < MrNaz> if selecting between sfp+ modules that use cat6 and sfp+ modules that use fiber, should i have a preference, if the distance to be covered is just between racks, and no more than a couple of meters? 16:14 < MrNaz> i need to establish 10G ethernet links 16:15 < AlexPortable> cat6 is cheaper 16:16 < tds> at that distance, SFP+ DAC might also be worth considering 16:20 < AlexPortable> shtrb: so does the laptop needs to be connected to the wifi network? or can it just listen 16:24 < shtrb> just listen 16:24 < AlexPortable> hm, somehow when wifi is being disabled on a phone the router says the same 16:25 < shtrb> Maybe the client has issues ? 16:34 < djph> MrNaz: Fiber, or DAC. cat6 SFPs are kinda 'meh'. 16:35 < MrNaz> it's a bit outside DAC range... i think DAC tops out at 3m and we will have quite a few of these links 16:35 < MrNaz> DAC cables are hard to route neatly due to thickness/stiffness 16:35 < djph> MrNaz: then fiber. 16:35 < MrNaz> any quantifiable values of "meh" other than "it's not what the cool kids are doing" ? 16:36 < shtrb> fiber don't really into bending and stuff 16:36 < MrNaz> latency? throughput? 16:36 < djph> I never said it was "easy" to route DAC. I just said "DAC or fiber" were the best choices. 16:36 < djph> MrNaz: power, heat generation. 16:36 < djph> *power consumption 16:36 < MrNaz> oh wow... do sfp+ rj45 modules use a significan't amount of power? 16:37 < djph> MrNaz: no, but why use a copper one that pulls 2x the power as fiber? 16:37 < djph> (or whatever the difference is, I forget offhand) 16:39 < MrNaz> I don't know, that's why I'm asking =D 16:40 < djph> I mean, it's not a "huge" amount of power in either case (like 5-7W for copper, IIRC vs. 2-3W for fiber/DAC) 16:40 < djph> but hey, them watts add up, both on the power bill, and the cooling load. 16:41 < MrNaz> yea well the cost to acquire isn't meaningfully different 16:41 < MrNaz> well, rj45 patches are cheaper than fiber patches but whatever when you're building 10G networks the cost of patch leads is not the driving factor 16:42 < djph> Honestly, I just stick with SM fiber cards, since yeah, sure they're connecting 3-5m here today, but that doesn't mean I won't need to patch them in to that 150m shot tomorrow 16:43 < djph> excepting a couple DAC connections for "is this really what it's cracked up to be" (yes, yes it is) 16:44 < shtrb> are thermal insulation in server rooms a thing now ? (seen an ad for a company that does Thermal insulation for server rooms) 16:44 < djph> I guess so 16:44 < djph> I just dump all the heat into the receptionist's area. They apparently want to melt, so happy to oblige :) 16:45 < mAniAk-_-> MrNaz: DAC for in rack connections using ToR or mid-of-rack switches (short DAC are thin), fiber between racks 16:45 < shtrb> What time to be alive :) per rack AC and and now full room isolation 16:45 < djph> shtrb: so, it's 1970 all over again 16:45 < shtrb> What have happened in 1970 ? 16:46 < shtrb> except Ireland wining the eurovision 16:46 < djph> shtrb: mainframe computer systems were typically done like that. Granted, not "per-rack" AC, since there wasn't really "racks" of computers. 17:16 < shtrb> We are doomed to repeat historical mistakes, maybe someone will build a general purpose computing device 17:16 < shtrb> maybe one with modding options :) 17:24 < detha> shtrb: some would say this has already happened 17:24 < shtrb> By djph , the same was for isolated server rooms 17:25 < skyroveRR> Hi detha 17:25 < shtrb> we now just need to wait little bit and we get ISA again 17:25 < detha> hey skyroveRR 17:26 < detha> shtrb: wait, first we need to fully transform graphics cards into semi-dumb terminals, and disk controllers into FEPs 17:28 < shtrb> SoC and chromebooks ? 17:28 < shtrb> it's not that long we will be running dump terminals (chromebook are a step for that direction) 18:13 < shtrb> That moment when you listen to https://www.youtube.com/watch?v=P1XMyl-0_EE and the first thing you think of is a router being hacked 18:22 < djph> holy hell ssh is a complete nightmare 18:23 < shtrb> what have you done ? 18:24 < E1ephant> what's that? 18:24 < E1ephant> >make it stop 18:24 < E1ephant> observium | Query | 21006 | updating | delete from syslog WHERE timestamp <= NOW() - INTERVAL 6 WEEK 18:25 < djph> shtrb: I haven't done anything. Server dudes did something crazy as fuck - changes in the test box don't seem to have taken in the same manner as prodbox this past weekend 18:26 < djph> on the upside, all the "this shit is broken" that I'm still fighting them about in test are ... all not a problem in prod 18:46 < E1ephant> gitlab or gogs/gitea? 18:50 < shtrb> why not local (git daemon and others) 18:52 < E1ephant> I have local now 18:52 < E1ephant> looking for offsite/shared (with web access?) 18:52 < shtrb> cgit ? 18:53 < E1ephant> looks p cool 18:54 < shtrb> but you reallly wish to see some cool stuff check phabricator (but with git integration) 18:55 < shtrb> *but if you really wish to see some cool stuff you can check phabricator 19:01 <+xand> I use gitlab... locally 19:01 <+xand> my own install 19:01 <+xand> also we have that at work 19:03 < shtrb> It's also dually licensed if you are into that stuff :) 19:04 < dminuoso> Hi. Is there any official specification from Cisco on the vendor specific attribute used across their hardware.. 19:05 < shtrb> @cisco ? 19:05 < dminuoso> This is a sheer nightmare. Ive been going through their website for the better part of 2 hours, it's almost as if I simply have to buy a freaking cisco router and try it out to see what it might accept and send. 19:05 < dminuoso> (talking about RADIUS here) 19:06 < shtrb> What exactly is your question ? 19:06 < shtrb> Radius have AVP , it may expect something you are no sending 19:07 < dminuoso> I want a full specification from CISCOs vendor specific attributes for RADIUS. 19:07 < shtrb> dminuoso, what entity are you in the network ? and did you remember to have the exact secret (case sensetive !) with the other systems ? 19:07 < dminuoso> shtrb: I just want a specification from CISCO defining their exact VSAs used across their entire hardware fleet. 19:08 < shtrb> Cisco create many devices, that devices can operate in many ways 19:08 < shtrb> They do share their AVPs , I guess take radping (it has pre defined request you can play with ) 19:09 < dminuoso> shtrb: I want a specification to write an implementation from. 19:09 < dminuoso> Not a gazillion amount of manuals. 19:09 < shtrb> dialin ? NAS ? 3GPP2 ? WiMAX ? 19:09 < dminuoso> Yes. 19:10 < shtrb> You need to develop support for each configuration 19:10 < shtrb> Why build if you can use freeradius ? 19:11 < dminuoso> shtrb: Because I want to avoid freeradius. ;) 19:11 < shtrb> dminuoso, https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfrdat3.pdf but you need to be very specific with what you wish to do 19:12 < shtrb> that is vendor specific only, but you also need to maintaine the other flows (which you expect to handle) 19:12 < dminuoso> shtrb: Luckily we fleet only cisco hardware. ;) 19:12 < shtrb> no , it's not about other vendors it's about the configuration you need to handle 19:13 < dminuoso> shtrb: Well mostly it'll just be ip and lcp for protocol as far as I can determine at this point. 19:13 < shtrb> 3GPP <> 3GPP2 <> WiMAX <> VPN etc 19:13 < dminuoso> And for now these two protocols will be enough 19:13 < shtrb> you are going to have much fun 19:14 < dminuoso> shtrb: I have. My 300 lines of code server performs quite comparable to freeradius without the retarded hassle of programming arbitrary config. 19:15 < dminuoso> (I strongly believe that programmatic behavior should be modelled with code, not a weird stack of badly documented config, implicit behavior and shoehorned perl scripts) 19:15 < dminuoso> (Which freeradius is) 19:15 < shtrb> dminuoso, there are over two dozens of RFC that need to be handled by your "300 lines of code" 19:15 < shtrb> *RFCs 19:15 < dminuoso> shtrb: My goal is not a "one-size-fits-all" server. 19:16 < dminuoso> My goal is a bespoke radius server. 19:16 < dminuoso> ;) 19:16 < dminuoso> Or rather a library of combinators to quickly write arbitrary radius servers from 19:17 < shtrb> for a client sake , check ntradping 19:17 < dminuoso> shtrb: Im using freeradius client for testing at the moment. 19:17 < shtrb> but if you need just a client, and not sure what you do a simpler tool would be better 19:17 < dminuoso> shtrb: No Im writing a server. 19:19 < detha> dminuoso: alas, that is not how documentation from vendors like cisco works. Each version OS and each platform has its manual, and one little section of each manual may have the info you need. Some assembly required. 19:19 < shtrb> dminuoso, if you don't care to dig for ducmentation open tcpdump and record the requests (hope it's not encrypted) and see the correct flows you need 19:26 < electricmilk> Anyone know if it is possible to have failover VPN's for our wireless p2p on two sites connected via SonicWALL's? I imagine I just create the site to site VPN's and create a route with a lower metric than the wireless p2p route but wanted to verify before I setup. 19:27 < electricmilk> I apologize I meant a lower administrative distance 19:27 < shtrb> electricmilk, first my condolenses and second you can use a dual wan router before it 19:28 < electricmilk> shtrb, lol. Why the condolences? Because I'm using SonicWALL? 19:28 < shtrb> yes 19:28 < electricmilk> A dual WAN router? 19:28 < electricmilk> The SonicWALLs only have one WAN port 19:28 < shtrb> exactly 19:28 < electricmilk> hmm I have some reading up to do 19:29 < electricmilk> I'm stuck with the SonicWALLS I'm afraid 19:29 < shtrb> router with vDSL + MPLS ---- sonicwall 19:29 < electricmilk> They were part of a grant we received. Honestly the new models aren't as bad as I expected 19:29 < electricmilk> Ah no..we can't afford MPLS. Small non-profit 19:30 < shtrb> s/MPLS/what ever you like/g 19:30 < electricmilk> Substitue MPLS with wireless p2p radios? 19:30 < shtrb> Why not ? If you have such a device 19:30 < electricmilk> We do 19:30 < electricmilk> Currently 3 buildings are connected via Ruckus radios 19:31 < shtrb> so if you can strap it with vDSL (or what ever other link you have) plug it into a dual wan router and connect that to your SonicWall device 19:31 < electricmilk> Was hoping to just setup site to site VPNS as a backup that failsover automatically. What is the benefit of going with dual band? 19:31 < shtrb> I assumed you needed a failover because the wan goes down 19:32 < electricmilk> Nah. I want a failover in case the wireless p2p goes down 19:32 < electricmilk> They actually work quite nicely but just want to be prepared. 19:33 < E1ephant> yeah floating static, or just dynamic routing protocol? 19:33 < electricmilk> If WAN goes down I just swap them over to the other buildings internet service 19:33 < E1ephant> can you do routed ipsec with gre on sonicwall? 19:33 < E1ephant> if it' 19:34 < electricmilk> I only have 4 different subnets...should I still implement OSPF? 19:34 < E1ephant> s policy based you may need whatever the platform ahs for sla-tracking? 19:34 < electricmilk> NOt sure if it has GRE 19:34 < E1ephant> idk if it was more than two I would do dynamic routing, but that is just me. 19:34 < electricmilk> I suppose it wouldn't hurt 19:34 < E1ephant> static may very well work better in your environment based on what and who is on hand 19:35 < electricmilk> Alrighty well I'll try setting up a site to site VPN and give it a go then 19:35 < electricmilk> First time setting it up on SonicWALL 19:36 < electricmilk> Thanks for your input 19:37 < shtrb> I still can't belive your wireless is stable enough that you trust it 19:37 < electricmilk> Especially since our phones are going through 19:37 < electricmilk> We can't afford MPLS though 19:38 < electricmilk> Plus the lack of QOS makes me hesitant to use VPN as primary 19:38 < dminuoso> detha: Mmm... 19:44 < detha> shtrb: wireless P2P can be very stable. However, I don't see how just a lower-priority route could work here, unless there is some magic for the SonicFail to get link state of the P2P 19:45 < shtrb> detha, hearing that *Sonicwall* wireless is stable 19:45 < shtrb> I need to connect at least once a month to the device to reboot it because it has "issues" 19:46 < detha> shtrb: the sonicwall does its own wireless? No. That cannot be stable. 19:47 < detha> It would however mean one does have link state 19:47 < shtrb> some sonicwalls (it's a brand that was resold ) have WiFi 19:49 < detha> I remember some of the older sonicwalls (before they became dell) had an option to have WAN with failover to a 3G USB stick. Can't remember how that worked tho 19:50 < ouemt> anyone got a 802.3at injector they like at a good price? 19:50 < shtrb> electricmilk, I just learned you can use the X ports as failover WAN 19:50 < electricmilk> Ah thanks 19:51 < electricmilk> We are using Ruckus radios for the wireless p2p 19:52 < electricmilk> I setup a route but just realized it only uses the route when accessing the other network....good point though on the SonicWALL getting the link state of the P2p 19:55 < shtrb> electricmilk, just a hint , you know you should have paid customer service (which you paid for when you got your device) ? 19:56 < electricmilk> Good point 19:56 < electricmilk> God I struggle with understanding Indian accents though 19:56 < electricmilk> Nice people 19:56 < skyroveRR> o.o 19:56 < electricmilk> But for the love of God I can't understand them 19:56 < skyroveRR> We have our own accents.... 19:56 < electricmilk> True 19:56 < skyroveRR> And I like it. 19:57 < skyroveRR> You an American, electricmilk ? 19:57 < electricmilk> Yes 19:57 < skyroveRR> You should be understanding us better then.... 19:57 < electricmilk> Again, please don't think I'm shitting on Indian people 19:57 < shtrb> electricmilk, Indian accent is ok, having a support bot is a different thing 19:57 < skyroveRR> electricmilk: ok. 19:57 < electricmilk> They are some of the kindest people I've known 19:57 * shtrb after dealing with Dell US customer service 19:58 < skyroveRR> Dell is BULL. 19:58 < electricmilk> oh god Dell support 19:58 < skyroveRR> :) 19:58 < skyroveRR> I don't buy their shit. 19:58 < electricmilk> Wasted HOURS to return a BROKEN monitor on arrival 19:58 < shtrb> I had excelent dell support (Bangaladesh and India) , the US was an issue 19:58 < electricmilk> Made me go through a million steps to prove it was broken 19:58 < electricmilk> Yea I'll just call SonicWALL 19:58 < skyroveRR> A monitor? Nothing matches AOC or LG. 19:59 < shtrb> It's not a human, it's a bot with some audio software 19:59 < shtrb> electricmilk, you should see the look people get when you say that you need to contact NSA support 20:00 < shtrb> or hear you speak with a support 20:00 < electricmilk> shtrb, look people get? 20:00 < electricmilk> I can always just do email support 20:00 < shtrb> electricmilk, no email if WAN stop working :p you need to call support 20:00 < electricmilk> You think they'd be willing to help out with a complicated setup question like this though? 20:01 < shtrb> electricmilk, https://www.sonicwall.com/en-us/products/firewalls/mid-range 20:01 < shtrb> electricmilk, and yes,they are nice when you get to them 20:01 < electricmilk> I just have a TZ300 and a TZ500 20:01 < electricmilk> I reached out to them once before and were super nice...just couldn't understand on both calls. I'll try again and stop being such an asshole 20:04 < skyroveRR> :P 20:05 < shtrb> support people should be treated nicly , and answered correctly 20:05 < skyroveRR> Heh. 20:06 < d3l3k_> hey there does someone knows a nice VISUAL guide to iptables newbies? 20:06 < shtrb> do not fear the american cop, fear the forigen tech support that handle your data 20:06 < skyroveRR> If you make it a pain to even REACH them, it makes little sense, shtrb.... by the time he's heard a human voice after 5 mins of dialing numbers, you can be quite sure that you are talking to a customer who JUST WANTS TO TALK and is super-pissed. 20:06 < tds> d3l3k_: there are a few diagrams showing the default tables and chains 20:06 < tds> eg https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg 20:07 < d3l3k_> tds: wow nice graph... so iptables uses netfilter or something like that? 20:08 < skyroveRR> d3l3k_: yes. 20:08 < shtrb> skyroveRR, I'm not sure you describe police officers or tech support 20:08 < skyroveRR> d3l3k_: iptables is just a front-end tool to netfilter. 20:08 < skyroveRR> shtrb: tech support, obviously. 20:08 < d3l3k_> thanks :) 20:09 < skyroveRR> d3l3k_: and of course, other people weren't completely satisfied with a command-line tool called "iptables", so they wrote their own GUI stuff, that makes stuff even more complicated to understand. 20:10 < electricmilk> I'm actually REALLY polite with support people 20:10 < d3l3k_> hmmm i understand 20:10 < electricmilk> Part of the reason I don't like speaking to people with a foreign accent is because I get embarrassed when I tell them to please repeat themselves 20:11 < djph> skyroveRR: and they weren't happy with that, so they wrote systemd 20:11 < electricmilk> I end up feeling really bad and often pretend that I understand them 20:11 < djph> electricmilk: don't do that. 20:11 < skyroveRR> djph: don't ignite an init holy war in here. 20:11 < djph> skyroveRR: meh, it's alright. hasn't taken over emacsOS yet. 20:12 < shtrb> please don't talk about The project that shall not be named 20:12 < djph> ... hmm, what other holy wars .... Unity was a good idea! :P 20:12 < detha> djph: and then people weren't happy with things they had to manually configure, so they wrote docker and had it auto-generate chains 20:13 < shtrb> djph, you might get unity on windows now :P 20:13 < djph> detha: and then they were mad with docker, and ... er ... wait, there's a holy war with docker too? 20:14 < shtrb> docker for linux vs docker for windows ? 20:14 < detha> no, just a slight annoyance trying to decipher the iptables mess it generates. But then came k8s, to make an even holier mess 20:15 < djph> I thought docker was universally regarded as bad (well, except by millennials) 20:15 < shtrb> it's better than vbox 20:15 < detha> docker has its uses 20:16 < djph> shtrb: that's not really setting the bar very high 20:16 < detha> (however, downloading a 800MB base image to start with, then installing more cruft into it, and giving it persistent storage is not what docker was meant for...) 20:17 < djph> yeah, that sounds wrong 20:17 < djph> Although I can't really get interested enough in it to dig past the cnady-shell of marketing wank 20:25 < SporkWitch> shtrb: windows support, last i remember, actually runs a linux VM lol 20:25 < shtrb> WSL ? 20:25 < SporkWitch> no 20:25 < SporkWitch> and that's a useless, crippled pile of crap anyway 20:25 < shtrb> vbox/virtualpc ? 20:26 < SporkWitch> shtrb: i mean docker on windows literally runs a windows vm last time i looked it up 20:26 < shtrb> oh yes, docker windows can do stripped out windows (not fully) 20:26 < shtrb> it is also not compatiable with normal docker 20:32 <+catphish> morning 20:33 < admiralspark> morning catphish 20:37 < GenteelBen> Windows Subsystem for Linux: the power of the NT kernel with all your favourite GNU apps. 20:39 < detha> Almost there. Total enlightenment will be reached when windows service manager can be replaced by systemd. 20:42 < at0m> first it needs proper pulse-audio. 20:44 < shtrb> detha, let not talk about The project that shall not be named 20:44 < shtrb> at0m, and It exists (pulse can run under win10) 20:45 < at0m> shtrb: yea i've run pulse on a windows box before. painstakingly. 20:45 < at0m> (and pulse and systemd are both written by, yea) 20:46 < shtrb> some people do base jumps at0m installed pulse on win10 :D 20:47 < at0m> i haven't touched win10.. yet 20:47 < at0m> when i grow up maybe. 20:48 < shtrb> shtrb: yea i've run pulse on a windows box ?? 20:48 < shtrb> did you setup it on win 8.1 ? 20:48 < at0m> not win10 20:48 < at0m> tried on xp iirc, many years ago 20:48 < shtrb> pulseaudio existed during good old XP days ?! 20:49 < at0m> no, my xp outlasted yours ;p 20:50 < at0m> i needed it for some specific task so dragged it till my hw broke down 21:01 < redrabbit> xp lmao 21:02 < redrabbit> i kept it till eos 21:03 < electricmilk> Ugh I still have to support old XP boxes 21:04 < electricmilk> Aren't a lot of ATM's in third world countries still running off XP? 21:04 < shtrb> wait little bit and it will be as stable as 98 21:05 < shtrb> good luck having a user to handle that or 3.11 21:05 < electricmilk> Luckily the boxes aren't on our network 21:05 < shtrb> even if he logs in he will not know how to handle 21:05 < electricmilk> We provide computers to families in our Shelter and they received old XP boxes to be used for school work. 21:06 < WeirdTolkienishF> a lot of hospital equipment still uses XP 21:07 < fstd> ATMs too 21:08 < shtrb> shelters ? 21:08 < shtrb> like in homeless and help for the need shelters ? 21:14 <+catphish> i always thought XP was an odd choice for embedded devices, but obviously it works well 21:14 < djph> electricmilk: you monster. 21:17 < at0m> sound and lights dude i work with still has a 98 machine for his DMX/lightshow. and don't anyone try to break that machine. does the job. 21:17 * Emperorpenguin feels the itch to run Windows update on that thing 21:18 < Emperorpenguin> Heh remember when windows update ran entirely inside the browser? 21:18 < Emperorpenguin> The madness 21:18 < Emperorpenguin> It was like up to... Xp sp2? 21:20 < shtrb> As if the new one is not a wrapper over cabextract-new-implementation 21:21 < at0m> Emperorpenguin: nope, that machine doesn't do any ##networking 21:23 < ash_work> am I reinventing the wheel by deploying an isc-dhcp-server container to handout specific pxe scripts for specific mac addresses? 21:23 < shtrb> apt-geting is no considered to reinvent the wheel ? 21:23 < Apachez> ash_work: use ipxe and you will have my blessing 21:24 < Apachez> on the third day God invented apt-get 21:24 < Apachez> so he could take a smoke on the 7th day which he then called "Sunday" 21:24 < ash_work> Apachez: I'm not sure what you're getting at exactly... are you encouraging me or saying 'yeah, good luck with that' 21:24 < shtrb> first he had to setup locale and tzdata 21:25 < Apachez> ash_work: whatever floats your boat, I used ipxe successfully in a project not long time ago 21:25 < Apachez> to have linux images to boot over network 21:25 < Apachez> good shit :) 21:25 < Emperorpenguin> Yeah it's great 21:26 < Emperorpenguin> I have clonezilla booting off pxe at home 21:26 < ash_work> ok... so what was your setup exactly? I mean do you have a dedicated dhcp server your clients connect to for the ipxe script? 21:26 < Apachez> but I had to modify casper in ubuntu to make ubuntu http compliant for booting 21:26 < ash_work> Emperorpenguin: same q ^ 21:26 < shtrb> what about a good old tft server ? 21:26 < Apachez> dedicated dhcp which tells the clients the pxe stuff 21:26 < ash_work> okay, so that basically sounds like what I'm doing 21:27 < Apachez> they then fetch a precompiled (contains a custom script which then fetches another scrpit through http) pxe boot image (like 100kbyte or so is the pxe image) through tftp 21:27 < Apachez> once it boots it fetches this 2nd script through http which then tells the client which files to fetch and finally boot from 21:27 < ash_work> Apachez: did you have to do anything with `bootp` ? 21:27 < Apachez> this way when I need to change something I dont have to recompile the pxe image 21:27 < Apachez> I just modify this 2nd script 21:28 < Apachez> anyhow 21:28 < Apachez> thanks to switching to http the download is so much faster 21:28 < shtrb> ash_work, you need to install tftpd and put the files on an acceibale location 21:28 < Apachez> so booting a 1.5GB image takes roughly 20 seconds or so 21:28 < Apachez> from poweron of the client until the client have a ubuntu desktop ready to be used 21:29 < ash_work> shtrb: same q ^ 21:29 < Apachez> 1) client gets dhcp, through this the client is also informed about pxeboot options 21:29 < Apachez> 2) client fetches pxeboot image from the tftp server (100kbyte or so) 21:29 < Apachez> 3) client then fetches (instructed in pxeboot image) a script from a http server 21:29 < ash_work> Apachez: I'm aware of the logistics, it's the actual conf I am more asking about 21:30 < Apachez> 4) client then fetches whatever files this http based script tells it to and then finally boots it 21:30 < electricmilk> shtrb, yes. I work for a non-profit that assists the homeless and poor. 21:31 < ash_work> hmm 21:33 < shtrb> electricmilk, there where some LUGs in the past the assisted such projects so you could get some extra help(and hardware) from there as well 21:33 < Apachez> ash_work: enjoy! https://pastebin.com/xdN25Aca 21:33 < ash_work> Apachez: thanks 21:33 < Apachez> the instructions is for ubuntu 16.10 21:33 < Apachez> but you can probably alter them to whatever linuxdistro you wish to run 21:33 < electricmilk> shtrb, LUGs? 21:34 < shtrb> linux user group 21:34 < Apachez> I havent verified if casper in 18.04 is fixed yet but since my bugreport is still open I guess ubuntu crew still (2 years later) didnt fix it 21:35 < electricmilk> shtrb, yea?? Sadly we're all Microsoft based. Microsoft has been really generous though..and I've had success with some grants from organizations for hardware. Do you know which groups might help? 21:37 < shtrb> That depend on your area, there also hackathons and install parties , depending on your area you might find something (local to you) 21:39 < electricmilk> Thanks for the tip 21:39 < shtrb> great https://www.linux.org/xfa-groups-home/ give me a 404 21:45 < Apachez> ash_work: was it of any help? 21:46 < ash_work> some what... I'm mapping out a topology right now so I haven't scrutinized it... I'll mainly be using alpine containers on rancherOS 21:46 < ash_work> (for both clients and the server) 21:53 < ash_work> Apachez: I'm thinking about this: http://g.jk.gs/Gp.png 21:54 < Apachez> sidenode: was that graphviz? 21:54 < ash_work> Apachez: yes 21:54 < ash_work> http://g.jk.gs 21:56 < ash_work> Apachez: or possibly this http://g.jk.gs/Gq.png 21:57 < ash_work> with DHCP off on the router 21:57 < ash_work> I guess 22:01 < ash_work> any input on topology would be helpful 22:17 < nojeffrey> Trying to switch over to MST from PVST, when I do I get a few ports put into blocking mode, but I lose connectivity to a 2nd switch, checcking the cables I can only see one link going across to this 2nd switch, any way I can find out what port it thinks it's using to get to this 2nd switch? 22:20 < myth0d> hey guys, can i hot plug an SFP+ adapter? 22:24 < fstd> do you have a spare one at hand to look at? 22:24 < shtrb> Isn't SFP+ like any other cable ? 22:25 < Apachez> depends on the device you are plugging into 22:25 < Apachez> most are hotpluggable 22:25 < Apachez> but some requires reboot 22:26 < Apachez> and even fewer requires you to switch off your device before plugging the module in 22:26 < shtrb> oh nice to know 22:27 < Apachez> so read the manual first before you are burning up modules :P 22:27 < shtrb> What I meant with like any cable is , do not unlplug any cable that could hold a load 22:28 < Apachez> yeah unplug the cable first before you unplug the module 22:29 < Apachez> many modules have like a ehm 22:29 < Apachez> u formed metal piece 22:29 < Apachez> which you pull down before you can unplug the module 22:29 < Apachez> this way you have something to hold onto 22:29 < Apachez> and pulling it down will detach the modules like 2-3mm from the device 22:30 < Apachez> but many highspeed modules have a separate pullthingy 22:30 < Apachez> becuase it turned out to be shitty if that small metal piece broke because you were too violent 22:31 < Rom3oCrash> noobtwork is back: if i have the subnet bla.bla.bla.bla/24 and a firewall rule that allow me to go to an other network. If the subnet become a /23 i need to change the firewall rule or i'm steel able to reach the other network ? 22:34 < Forst> you'll only be able to reach the part that fits into the original x.x.x.x/24 22:35 < Rom3oCrash> I suspected it, thanks 23:04 < luxio> how do games like pubg/fortnite handle 50 concurrent players in the same match? 23:05 < E1ephant> luxio: what resource contraint do you think they would run into first? 23:07 < luxio> I don't know but I'd imagine with more connections there would be more latency 23:07 < WeirdTolkienishF> most processing occurs locally i would guess 23:07 < WeirdTolkienishF> which is why hacks exist 23:07 < WeirdTolkienishF> just the minimum information is exchanged with the central server 23:27 < Apachez> why would it? 23:27 < Apachez> most realtime games have an internal tickcounter 23:27 < Apachez> often around 100 cals/sec 23:27 < Apachez> calcs 23:27 < Apachez> so each user movement is calculated 100 times/sec 23:27 < Apachez> with 50 concurrent users thats 5000 times/sec in total 23:28 < Apachez> sure there is collission detection and objects to interact with etc 23:28 < Apachez> but this isnt really anything hard for a modern cpu 23:28 < Apachez> note that the server doesnt have to render the graphics, only the game engine stuff 23:29 < cluelessperson> Apachez: it's calld a "tick rate" :) 23:29 < Apachez> whatever floats your boat 23:29 < Apachez> in cs its called cmdrate 23:30 < Apachez> anyhow 23:30 < Apachez> latency only increases if the server have too much to do 23:30 < Apachez> like if you have a quad core cpu and runs like more than 8 concurrent servers on this cpu 23:30 < Apachez> with 50 users each 23:31 < Apachez> each user will consume roughly 100kbps 23:31 < Apachez> thats including voip 23:31 < ||cw> back when i ran a UT99 server it took about 16 players to max out a T1 connection, then latency would increase. the P3 450 didn't stress much over that though 23:31 < Apachez> and then you want some bps for when users downloads maps from the server unless you run with standard maps 23:31 < OmNomDeBonBon> Damn, UT99. 23:31 < Apachez> those were the days :P 23:32 < OmNomDeBonBon> ||cw: I watched a video of UT2k4 yesterday and to me it looked like how I remember UT99 looking. 23:32 < Apachez> back in ut99 you didnt have voip and shit I think? 23:32 < OmNomDeBonBon> So UT99 must look much much worse than I remember it. 23:32 < OmNomDeBonBon> We used to play UT99 in the office. 23:32 < OmNomDeBonBon> I used to follow my boss around on the map and keep killing him over and over. 23:32 < ||cw> great game, protocol was all wordy text based, which was easy to parse but not very efficient 23:32 < Apachez> glfx :) 23:32 < Apachez> voodoo2 cards were amazing 23:32 < Apachez> already voodoo1 was amazing 23:32 < Apachez> with glquake 23:32 < Apachez> and that formula 1 game 23:32 < OmNomDeBonBon> This was on really basic ATI cards made for multi-monitor. 23:32 < Apachez> it was like jawdropping 23:33 < OmNomDeBonBon> They had just enough GPU horsepower to run UT99 at low quality. 23:33 < ||cw> yeah, the first Unreal on a Voodoo2 or better looked amazing for the time. 23:34 < GenteelBen> I recently saw a video of some guy who 3D printed (I think? Unless he soldered everything on an enormous PCB) the Bitchin' Fast GPU from the 90s. 23:34 < GenteelBen> https://www.youtube.com/watch?v=ZmCEXbspWuI 23:34 < GenteelBen> "Testing the BitchinFast 3D 2000!!!" 23:34 < Apachez> bitchin fast? 23:34 < Apachez> like the bitboys vapourware? :) 23:34 < GenteelBen> That famous magazine advert joke. 23:34 < ||cw> it was one of the first to do scripted real time engine rendered cut scenes 23:34 < GenteelBen> This thing: http://vgamuseum.ru/wp-content/gallery/bitching-fast/bitchin.jpg 23:35 < GenteelBen> If it wasn't for miners, I'd be livin' la vida loca with a 1080 Ti right now. 23:36 < GenteelBen> My first real GPU was some integrated laptop GPU. 2MB frame buffer, I forget what the OEM was. 23:36 < GenteelBen> This was the mid-90s so probably ATI? 23:36 < GenteelBen> And no sound card, so I gamed like a deaf person. 23:39 < aaa__> lol --- Log closed Tue May 08 00:00:12 2018