--- Log opened Fri Jun 08 00:00:49 2018
00:05 < paulo_> thanks for the advice catphish, i'll try it on the weekend
00:06 < Apachez> drudge`: Please enter root-password:
00:06 <+catphish> good luck
00:25 < drudge`> t00m4nys3cr3tz!!
00:25 < drudge`> ;p
01:04 < atsu> .
01:32 < ALowther> Is the maximum distance ethernet cables are rated for based upon the maximum distance it can travel while still reliably passing the correct signal along?...Is this why newer, higher, rated cables seem to support shorting lengths; because the frequency used within the wiring can't travel as far as lower frequencies while still remaining reliable?
01:32 < ALowther> shorter lengths*
01:32 < ALowther> shorter maximum lengths*
01:32 < linux_probe> cable has a limited amount of bandwidth
01:34 < linux_probe> TPI, aka "TWISTS PER INCH" means a ton
01:34 < linux_probe> as well as insulation and individual wire jacketing
01:34 < djph> ALowther: er, no?
01:34 < ALowther> Those are put into place to combat/negate interference, right?
01:34 < djph> er, no?
01:35 < linux_probe> they factor in actual electrical theory
01:35 < ALowther> djph: I'm not sure if you're trolling or not.
01:35 < djph> the original rating was because of signal propagation over thinnet/thicknet
01:35 < djph> it stuck with UTP
01:36 < linux_probe> nothing wrong with UTP, if it has a high enough TPI and not against other cabling or anything that induces interference
01:37 < linux_probe> ;)
01:37 < djph> and also fast-ethernet (min cat5), gige (min cat5e), 10g (min cat6 - 50m; cat6a - 100m)
01:38 < linux_probe> life induces interference
01:38 < linux_probe> :))
01:38 < djph> using cat6(a) in new installation is mainly to future-proof
01:38 < linux_probe> id s djph'sfutur e 3 years?
01:38 < VincentHoshino> using singlemode fiber is?
01:39 < linux_probe> fuckitall, install conduit large enough to pull NEW cabling/fiber
01:39 < djph> SM fibre will definitely combat interference :) (but again, mainly for future-proof)
01:39 < linux_probe> think you need conduit for 3 cables or x diameter?, install it larger diameter to hold 6x cable of 3x diameter
01:39 < linux_probe> future proofing
01:40 < linux_probe> REAL future proofing
01:40 < linux_probe> then again, chinesium junk conduit/glues
01:40 < linux_probe> >_> dont bother
01:41 < linux_probe> may as well have it look like india basket case massive knots of cabling with no bandwidth
01:41 < linux_probe> :)))
01:56 < redrabbit> Anybody having glitches with he.com ipv6 tunnel?
01:57 < redrabbit> The gateway is timed out
02:08 < djph> don't use it, sorry
02:09 < over9kturtles> hey guys I am interested in finding a router that is patched against VPNFilter
02:09 < over9kturtles> but from my research it seems like even DDWRT won't help
02:10 < over9kturtles> It appears to target the router at the Common Firmware Environment (CFE) level and leverage Busybox to write the “stage-one” code to NVRAM. The CFE loads as part of the boot process DD-WRT so all of this happen before DD-WRT is even running.
02:12 < mgolisch> how can it install itself?
02:12 < mgolisch> no routers will allow anonymous access that would allow to manipulate files on its storage devices
02:13 < djph> ^ also, firewall the shit outta your stuff
02:14 < over9kturtles> I don't know it appears to be a worm or something
02:14 < over9kturtles> cisco talos labs has confirmed over 500k infections
02:14 < djph> although, isn't "don't be a fucking moron and allow default-credentials on the network" most of the fix?
02:14 < over9kturtles> https://blog.talosintelligence.com/2018/06/vpnfilter-update.html
02:14 < over9kturtles> seems to not matter if you change default credentials or not
02:15 < over9kturtles> Even if you install DDWRT It appears to target the router at the Common Firmware Environment (CFE) level and leverage Busybox to write the “stage-one” code to NVRAM. The CFE loads as part of the boot process DD-WRT so all of this happen before DD-WRT is even running.
02:15 < mgolisch> how does it do that
02:16 < djph> where's that, since the article says nothing to that effect
02:20 < djph> everything I can find all points to "it uses default credentials for the kit ... "
02:20 < over9kturtles> https://blog.talosintelligence.com/2018/05/VPNFilter.html
02:20 < over9kturtles> goes into more detail
02:24 < djph> still doesn't say "it can get around non-default credentials / a good password / etc."
02:27 < over9kturtles> they don't know the attack vector at the moment
02:27 * djph bets it's default admin credentials ...
02:37 < mgolisch> my router runs centos on amd64
02:37 < mgolisch> i am sure it's not affected
02:54 < acos> Howdy
03:44 < adhocadhoc> anyone here a TPM dealing with datacenters and specifically DWDM/dark fiber?
04:52 < spaces> linux_probe yo!
06:14 < Goop> Who here has experience with making their own yagi antenna?
06:17 < light> I made a yoda antenna once but the packets arrived out of order
06:18 < Goop> light, lol.
06:24 < Mead> Shouldn't be a problem if your layer 5 is working
06:51 < dminuoso> In networking lingo, what do you call the act of "connecting two pieces of hardware with a fiber optic cable"?
06:52 < dminuoso> "coupling", "patching", "wiring", "connection/connexion"?
06:52 < dminuoso> Something else?
06:52 < Poster> crossover probably
06:53 < Poster> plugging TX of one into RX of the other and vice versa
06:55 < VincentHoshino> linking?
06:55 < rewt> magic
06:56 < Poster> I guess I was thinking of ethernet, it may be different if you're connecting up a storage system
06:56 < VincentHoshino> the real magic starts when you connect 2 switches
07:06 <+pppingme> Wait till the first time you connect two routers!
07:09 < Pretheist> What do the prefixes on network DNS names mean? For example, be-7922-ar01.saltlakecity.ut.utah.comcast.net
07:09 < Pretheist> What do the "be" and "ar" mean?
07:11 < dminuoso> VincentHoshino: Do you call it "linking" ?
07:11 < dminuoso> In our company "patching" has been established, just curious whether there was any de-facto standard
07:12 < VincentHoshino> not sure there is one
07:24 < meingtsla> Pretheist: "be" could stand for "bundle-ether", which is where multiple links are grouped together to form one logical link. "ar" could be a particular type of router in Comcast's network.
07:25 < grawity> "ar" would be ... Arista?
07:25 < Pretheist> meingtsla: Thank you. Where would I learn about different types of link aggregation, etc?
07:29 < meingtsla> grawity: Hmm..... Possibly but then doesn't Arista refer to their bundles as port-channels? (Admittedly though I haven't worked with Arista.)
07:31 < meingtsla> Pretheist: There is https://en.wikipedia.org/wiki/Link_aggregation for a high-level overview. There may be better resources out there that aren't coming to mind at the moment
07:31 < Pretheist> I wish everyone was poor, so we could all collectively demand good, free resources for learning this stuff.
07:35 < VincentHoshino> I'm sure Cisco has some tutorials/youtubevids for this kind of stuff
07:35 < Pretheist> I'll have to look into it.
07:36 < Pretheist> How do coffee shops and similar institutions with free wifi usually keep people from tinkering with their equipment? Does client isolation prevent MITM, and then some sort of "ethernet only" vlanning protects the http config interface?
07:42 < Emperorpenguin> Pretheist: decent network gear have out of band management that's unreachable from the traffic that goes through them
07:42 < Emperorpenguin> Or, yes, just put the management ip on another vlan
07:43 < Pretheist> Emperorpenguin: from looking at the setup, it's just some cheap ARRIS cable modem that comcast puts in most houses. Do those really have VLAN intelligence? Or perhaps it's just in AP mode, and I'm an idiot.
07:45 < Emperorpenguin> What setup
07:45 < Emperorpenguin> Where
07:45 < Emperorpenguin> From what point of view
07:45 < Emperorpenguin> Or perhaps you're in a small place that just bought an internet link and set it open and does not care about security
07:46 < Emperorpenguin> I don't get why you need free WiFi when you can have 30 GB/month cellular data for peanuts
07:51 < Pretheist> Emperorpenguin: their network gear that literally just consists of what looks like a home link. I just wasn't aware you could easily configure these properly, but I don't know how it links into their captive-portal "cloudwifi" solution, either, so I was just curious. Sorry if it's irritating to ask like this; I don't know how else to, but I'm still too curious to remain silent.
07:51 < Emperorpenguin> Ahh sure don't worry
07:53 < Emperorpenguin> I don't know, businessumer public access management is a weird world
07:53 < Emperorpenguin> Could be done in so many ways
07:54 < Emperorpenguin> Creative networking is fun but gets back at you down the line
07:55 < Pretheist> Makes sense. I really need to start carrying around more network adapters. Hmm.
07:55 < Emperorpenguin> Such as?
07:56 < Emperorpenguin> Doubt they'll let you plug your serial cable into their router
07:56 < Pretheist> Emperorpenguin: Just wireless stuff. It's easier to fingerprint by WPS manufacturer info, for example
08:17 < CuriosTiger> Emperorpenguin: From pentest work, you'd be surprised how often there's nobody to stop you.
08:20 < Emperorpenguin> Oh yeah I know
09:35 < linux_probe> https://www.techrepublic.com/article/security-pros-beware-vpnfilter-malware-is-more-dangerous-than-first-thought
09:49 < regdude> it wouldn't be such a problem if people would upgrade
10:01 < myrat> hi
10:13 < pax_rhos> hello
10:14 < pax_rhos> how does 'NS' record work in DNS?
10:14 < pax_rhos> do I need to have additional NS record for a sub-domain?
10:14 < pax_rhos> or is it not necessary?
10:16 <@xand> pax_rhos: you have NS records to point sub-domains at other NS servers
10:17 < pax_rhos> okay, thanks, that's what I thought
10:19 < regdude> what are point-to-point links in RSTP? What makes them so special in RSTP setups?
10:22 < drathir> mornn/evenin...
10:26 < FatalFUUU> Nortel 5520-48T-PWR - 48 port full gigabit, full PoE (af only, not at) - but really cheap - any particular reason?
10:50 < Atro> its nortel
11:00 < endre> NOrtel
11:01 < pyro_> what is the command to send a request using curl
11:01 < endre> curl google.com
11:02 <@xand> man curl
11:18 < meowschwitz> eh
11:19 <@xand> same to you too
11:19 < meowschwitz> can 802.11 wifi frames carry vlan tag information?
11:21 < djph> I've not seen it myself (usually the AP does tagging / untagging); although I don't see why you COULDN'T have an AP not handle tagging
11:24 < ilikebeer> hi
11:24 < ilikebeer> i like beer
11:25 < potatoe> ilikebeer #homebrew
11:25 < potatoe> oh
11:25 < meowschwitz> i'm trying to figure out what is it exactly that mikrotik's wifi is doing with vlan tags
11:25 < regdude> you mean actual hardware frames or simply 802.11 packets?
11:25 < meowschwitz> regdude: in principle if it is possible to carry tagged traffic over wireless
11:26 < regdude> you probably mean Ethernet frames that are being sent over wifi, in that case yes, you can carry VLAN tags as long as MTU (the hardware MTU) is capable of forwarding such long packets
11:26 < regdude> that is a very common setup for MikroTik, sometimes called wireless trunk ports
11:27 < regdude> here is even a configuration made that shows it is possible: https://wiki.mikrotik.com/wiki/Manual:Wireless_VLAN_Trunk
11:27 < meowschwitz> regdude: I'm actually trying to bridge the wifi interface into a tagged vlan on ether1, I must be missing something
11:28 < meowschwitz> regdude: my question about carrying tags over wifi was to exclude the possibility I misunderstand the wifi side of the configuration
11:28 < regdude> well don't add VLAN interfaces to a bridge, that will cause you issues
11:28 < regdude> use the provided link, there you will see how to use bridge VLAN filtering, which is much more suitable
11:30 < regdude> simply skip any tagging actions on the WLAN interface, let the bridge handle tags for you
11:30 < meowschwitz> brilliant, i'll try this, thanks
12:09 < meowschwitz> regdude: I did everything right *except* I forgot to set PVID on the wifi interface
12:09 < meowschwitz> it works, thanks for your help
12:10 < regdude> that can be skipped, it is more for security reasons, theoretically someone from the other side is able to access the device, but if you are running a PtP link for a WISP or something, then it might not be a large issue, though always add more security layers as possible
12:11 < meowschwitz> I'm not, all I was trying to do is bridge a tagged vlan from ether1 side to untagged wlan1 side
12:12 < meowschwitz> I'm not actually bridging segments, just replacing crap tplink CPE with mikrotiks
12:15 < regdude> if it is for home environment, then it isn't a big deal, but still, Firewall, disabled services and access limited from certain IPs should be set
12:17 < meowschwitz> regdude: it's a vlan that goes straight to pfsense which only routes traffic to the WAN and cuts off everything else
12:18 < meowschwitz> i treat all wifi devices as untrustworthy so they dont get any access to internal office services
12:20 < regdude> what about someone trying to access the wifi device? It is up to you, pfsense will deal with security, but like I mentioned before, security should be in layers
12:20 < meowschwitz> regdude: the management vlan is a separate interface not reachable from wifi
12:20 < regdude> for some reasons I take very seriously the ability to access the CPU from VLAN
12:22 < meowschwitz> i should however turn off the weird proprietary management magic mikrotiks have
12:22 < regdude> at least turn off mac-server and winbox, apart from all regular services
12:22 < meowschwitz> yes
12:25 < meowschwitz> regdude: you are right, but I am organizing this setup as a transparent bridge, vlan 123 -> wifi, access to the router itself is over management vlan which is highly restricted
12:45 < Li> I'm wondering before purchasing this range extender, whether do I need to keep hooked to ethernet or only one 1 time setup!? Netgear EX2700 Ripetitore WiFi, Range Extender
12:45 < Li> not sure how range extenders work
12:51 < Atro> they're shit
12:51 < djph> ^
12:52 < djph> if it's a standalone AP that you can plug into your wired network, then it'll be fine.
12:52 < Atro> Li, use an AP
12:52 < djph> (well, other than "netgear")
12:52 < djph> if it's just a repeater (i.e. re-broadcasts a radio signal), ehhh ... bad news usually
12:53 < dogbert_2> hey djph
12:54 < djph> how goes dogbert_2
12:54 < TandyUK> [11:45] not sure how range extenders work << Badly imho
12:54 < djph> heyo TandyUK
12:54 < TandyUK> +1000 for "run a cable between the 2 locations, and install a second access point, properly configured so that both new and old AP are part of the same wifi network"
12:55 < dogbert_2> just ripping some DVD's :)
12:56 < regdude> he left before we could break it all down for him
12:56 < TandyUK> oh lol
12:56 < regdude> I guess it broke his wifi
12:56 < TandyUK> yeah probably lol
12:57 * meowschwitz rages at the mention of netgear
12:57 < meowschwitz> the "DHTML" age is officially over everywhere
12:57 < meowschwitz> except, apparently, at Netgear R&D
12:58 < TandyUK> its all their devs know how to write
12:58 < TandyUK> along with tables instead of divs (not sure if i mean the html tag, or another word for their devs there :P)
13:00 <+catphish> hey cool, HE seem to finally have London tunnel relays
13:01 <@xand> didn't they before
13:02 < TandyUK> they used to, but im going back like 8 years
13:02 <@xand> yeah I thought they did
13:06 < dogbert_2> I could have passed my CISSP, but I got high :P
13:06 < TandyUK> CISSP?
13:06 < turtle> crazy insane salty sausage party
13:06 < TandyUK> Im doing a Yealink CIPPE course atm (Certified IP Phone Engineer)
13:06 < regdude> why would someone get high over that
13:06 < dogbert_2> I was gonna call a truce with trump but then I got high. -kim jong un (LOLZ)
13:07 < TandyUK> potentially one of the first in the UK (if i pass) lol
13:07 < grawity> meowschwitz: wait, what's "DHTML" anyways? I thought it was just referring to the same DOM manipulations as done nowadays
13:56 < CoolerZ> hey
13:56 < CoolerZ> what does telnet do when i type o www.google.com
13:56 < CoolerZ> in the telnet console
13:57 < CoolerZ> is there a protocol or does it just establish a tcp connection to port 23?
13:58 < CoolerZ> because every time i try it just fails
13:58 < djph> it tries to open a telnet session to google.com
13:58 < CoolerZ> so is there a particular protocol that runs on top of TCP? like http
13:58 < detha> there is a protocol, see rfc854
13:59 < CoolerZ> ok
13:59 < CoolerZ> well i have a different question
13:59 < CoolerZ> i want to implement a socks server in nodejs
13:59 < regdude> you can connect to port 80 and make GET requests manually
13:59 < CoolerZ> should i look at the rfc for socks5 ?
14:00 < CoolerZ> regdude, well o www.google.com 80 also fails
14:00 < regdude> google doesn't want you to be unsecured
14:00 < qman__> with telnet, you open the connection, then GET /
14:00 < qman__> it will respond with a 301 redirect to https
14:02 < CoolerZ> o www.google.com 443GET /
14:02 < CoolerZ> just causes Press any key to continue... to display
14:02 < qman__> on 80
14:02 < qman__> 443 won't work because it expects a TLS handshake first
14:03 < CoolerZ> oh ok
14:03 < CoolerZ> ok it works
14:04 < regdude> google actually didn't redirect
14:04 < CoolerZ> how hard is it to implement a socks5 proxy server in nodejs?
14:04 < CoolerZ> i couldn't find any modules that did this, all that socks modules are for socks clients
14:05 < CoolerZ> all i found was this https://medium.com/@patrickackerman/building-a-socks-proxy-with-node-js-part-2-dd92127d7fbd
14:07 < CoolerZ> ok i found one https://github.com/mscdex/socksv5
14:18 < CoolerZ> how can i test a socks server?
14:18 < CoolerZ> running locally?
14:22 <@xand> try to use it
14:59 < networking> hi
14:59 < networking> need some non-technical professional advice
15:00 < lupine> not from the internet, you don't :/
15:01 < regdude> specialists will probably google an advice either way
15:01 < networking> how usual it is to record a skype video call during interview?
15:01 < networking> they have not informed me initially it is being recorded
15:01 < lupine> well, that would be illegal
15:01 < lupine> in .uk anyway
15:02 < regdude> not sure if the law applies to Skype, for phone calls yes
15:02 < lupine> I presume it's a free-for-all in .us, since everything else is
15:03 < networking> I asked to disconnect after knowing it is being recorded but not sure how usual it is
15:03 < lupine> personally, I'd fail at the first hurdle at such a company. I don't have skype :D
15:04 < networking> lupine: me too, I had to create for the interview :D
15:04 < regdude> google is the best specialist, trust the Internet: https://www.avvo.com/legal-answers/he-recorded-me-on-skype-without-permission-and-is--1675692.html
15:05 < networking> regdude: checking
15:06 < CoolerZ> hello? anyone familiar with socks5 ?
15:06 < compdoc> does that still exist?
15:06 < CoolerZ> firefox doesn't seem to follow the socks5 protocol
15:06 < networking> that seems to be a harassing etc but this was an official interview and they mentioned it's their policy or something like that, still the same law applies?
15:06 < CoolerZ> its sending my socks server this line CONNECT www.npmjs.com:443 HTTP/1.1
15:07 < CoolerZ> which is the http protocol headers
15:07 < likcoras> CoolerZ: to test socks5? just try using it with curl and see if works/what kinds of errors it spews.
15:07 < CoolerZ> instead of the socks5 headers
15:07 < CoolerZ> likcoras, no i am saying firefox is doing something weird
15:07 < CoolerZ> its sending me http headers instead of socks5 headers
15:08 < CoolerZ> and then in the browser it displays 'The proxy server is refusing connections'
15:08 < CoolerZ> because my server refuses the http headers
15:08 < CoolerZ> why is firefox doing this?
15:08 < likcoras> Are you sure you've set it as SOCKS and not just a http proxy?
15:09 < ||cw> CoolerZ: it's probably more productive to ask firefox's support/community
15:09 < CoolerZ> likcoras, https://imgur.com/l6H3aGf
15:09 < CoolerZ> ||cw, is there a firefox channel/
15:10 < ||cw> /msg alis and see
15:10 < likcoras> CoolerZ: uncheck the "use this protocol for.."
15:10 < likcoras> and clear all lines except for socks.
15:10 <+catphish> networking: it's very country specific
15:10 < CoolerZ> likcoras, why?
15:10 <+catphish> recording is quite common in some places without consent, but illegal in other places
15:11 < networking> catphish: ok
15:11 < likcoras> catphish: otherwise it uses the given host as an http proxy instead of SOCKS.
15:11 < likcoras> CoolerZ: *
15:11 < CoolerZ> likcoras, oh wait, is http proxy a different thing?
15:11 < CoolerZ> ok i see
15:11 < likcoras> Yup. That's the CONNECT thing you're seeing.
15:12 < ||cw> networking: even in the US it's state law specific
15:12 <+catphish> networking: my attitude is that if i send someone any data, i expect them to hang onto it
15:12 <+catphish> although now in Europe GDPR puts a LOT of limits on this
15:13 < networking> ||cw: ok
15:13 < ||cw> I know in MO that only one party needs to know that it's being recorded. so you can record someone you're participating in without telling everyone, but you can't record someone else's with informing them
15:13 < networking> catphish: you mean like not sending it others etc and keeping it to themselves?
15:13 <+catphish> networking: yes
15:14 < CoolerZ> likcoras, thanks
15:14 < networking> catphish: ok, I am not sure that will happen, data leaks
15:15 < ||cw> yeah, you still can't publish or share it with 3rd parties without permission in the US. US law isn't as strong as GDPR, but the basics are there for civil lawsuits when data is misused
15:19 < dunnousername> Hey, I was wondering if PoE is reasonable to use for cheap/home stuff; if I can avoid getting 5 power adapters, it makes sense, but it seems like PoE is expensive... right?
15:20 < dminuoso> dunnousername: PoE is fine, and the switches are reasonably priced.
15:20 < lupine> it's quite good in some home environments since it means less need to run cables
15:20 < redrabbit> 216.66.84.42 down for you ?
15:20 < lupine> price per unit matters much less at low scale
15:20 < redrabbit> Anybody having glitches with he.com ipv6 tunnel?
15:20 < dminuoso> We even use it in our office. :)
15:20 < compdoc> they make 8 port poe switches that dont cost a lot
15:20 < redrabbit> The gateway is timed out
15:21 < dminuoso> Our entire phone infrastructure uses PoE.
15:21 < dunnousername> Do switches normally inject PoE, or do they just switch it?
15:22 < compdoc> opu cant pass poe thru a normal switch
15:22 < compdoc> you
15:22 < dunnousername> I mean specifically PoE switches
15:22 < dunnousername> do I need to buy an injector?
15:22 < dminuoso> dunnousername: Just be sure not to skimp on the hardware. I've experienced some non-spec conform hardware that can be quite sensitive.
15:23 < dminuoso> dunnousername: We once had a PoE switch that burned out because we hot-unplugged a camera.
15:23 < dminuoso> That was downright amazing.
15:24 < CoolerZ> likcoras, what was the other way to test a socks server?
15:24 < likcoras> use curl
15:24 < dminuoso> dunnousername: it depends
15:24 < dminuoso> dunnousername: you can use midspan (injectors) or endspan (PoE capable switches)
15:25 < dunnousername> those are types of switches?
15:25 < likcoras> curl --socks-5-* options
15:25 < CoolerZ> command?
15:25 < dminuoso> dunnousername: the former is usually a hub
15:25 < dminuoso> dunnousername: How many PoE ports do you need?
15:26 < dunnousername> probably at most 5
15:26 < likcoras> CoolerZ: I recommend taking a look at the curl manpage, there are a lot of options concerning eg. debug output that can help a lot when debugging network issues.
15:26 < regdude> dunnousername: I use PoE everywhere, but all my devices support it. Some cheap PoE switches can detect a false standard and start powering up when they shouldn't, but if you use the same vendor devices, then the risk is quite low
15:27 < regdude> most switches should have an option to manually set which ports are powered and which are not
15:28 < dminuoso> dunnousername: Just a random example to show you what I mean: https://www.zyxel.com/de/de/products_services/8-10-16-24-48-port-GbE-Smart-Managed-Switch-GS1900-Series/
15:28 < dminuoso> dunnousername: Im in no way suggesting you should purchase that particular device. It just acts as an example.
15:29 < dunnousername> I think I understand, I gtg now though. I'll come back if I have more questions
15:29 < CoolerZ> likcoras, well i tried --verbose and curl is saying connection timed out
15:30 < CoolerZ> i can ping the domain though
15:30 < CoolerZ> is there a way to check a specific port is open on that domain?
15:30 < likcoras> CoolerZ: full output?
15:30 < CoolerZ> check if*
15:30 < likcoras> if tcp, I guess something like nc -v $ip $port
15:31 < redrabbit> nmap
15:31 < redrabbit> so, anyone having issues with he.com ipv6 tunnel
15:32 < CoolerZ> likcoras, https://paste.pound-python.org/raw/gw2WiSvAQzWRKzm2gBM7/
15:33 < qoxncyha> switches operate on MAC frames, right?
15:34 < regdude> switches check the MAC-DST address and forward to the port that has received a packet with such MAC-SRC
15:34 < regdude> unless it is a dumb switch (hub) that floods everything to everywhere
15:34 < qoxncyha> was what i said wrong? is there any reason you rephrased what i said?
15:34 < CoolerZ> PORT STATE SERVICE
15:34 < CoolerZ> 44649/tcp filtered unknown
15:34 < CoolerZ> using nmap
15:35 < CoolerZ> Host is up (0.13s latency)
15:35 < regdude> it is not incorrect, but a bit incomplete, a switch does a very specific function
15:35 < qoxncyha> it's a router that operates over MAC, right?
15:35 < qoxncyha> 'router'
15:35 < likcoras> CoolerZ: forward ports / open that port on the firewall on the host running the SOCKS proxy.
15:36 < regdude> no, router operates over IP if you like to classify things that way
15:36 < qoxncyha> regdude: thanks
15:36 < qoxncyha> is a switch a router that operates over MAC?
15:36 < CoolerZ> i think the server behind a reverse proxy and 44649 is probably not the port that is exposed to the public
15:36 < qoxncyha> is a switch a 'router' that operates over MAC?
15:36 < baitshell> Switch L2, Routers L3
15:36 < CoolerZ> i think the public port is 80 or 443
15:36 < regdude> how did you come up with that assumptions now
15:36 < qoxncyha> can i just get a yes or no answer? that would be great
15:36 < regdude> switch = mac, router = ip
15:37 < baitshell> correct
15:37 < CoolerZ> yup nmap says 80 is open
15:37 < qoxncyha> you're only confusing people by changing the subject from their question
15:37 < regdude> a switch is not a router if it operated over MAC
15:37 < qoxncyha> does that make sense?
15:37 < CoolerZ> and so is 443
15:37 < likcoras> CoolerZ: might just be an http(s) server and not actually a SOCKS proxy.
15:37 < regdude> I think we are not supposed to be telling the right answers to tests
15:37 < qoxncyha> someone in the office is talking about switches and i want to make sure i understand
15:38 < CoolerZ> * Received invalid version in initial SOCKS5 response.
15:38 < CoolerZ> * Closing connection 0
15:38 < CoolerZ> curl: (7) Received invalid version in initial SOCKS5 response.
15:38 < qoxncyha> which it seems like i do, but everyone in here wants to add some gem of knowledge that's tangential to the question
15:38 < CoolerZ> likcoras, how do i get curl to print even more elaborate debug messages?
15:39 < qoxncyha> one more time: is a switch basically a 'router' that operates over MAC instead of IP?
15:39 < qoxncyha> yes or no, if possible
15:39 < likcoras> CoolerZ: eh, that's pretty much it. I'm betting that the host you're trying to use as a proxy isn't running a SOCKS proxy on ports 443 or 80.
15:39 < likcoras> In this case.
15:39 < baitshell> no
15:39 < qoxncyha> baitshell: what part is wrong?
15:39 < CoolerZ> likcoras, well its a repl.it nodejs server that i made
15:40 < CoolerZ> likcoras, https://repl.it/repls/TautLongtermGoals
15:40 < regdude> baitshell: if you think that a switch looks up into hosts table to find the destination similarly to IP routing decision on routing table, then you could call it that way
15:40 < regdude> but none should ever call it like that
15:40 < qoxncyha> was that intended for me?
15:41 < baitshell> because it's basic thing and every term has its own meaning
15:41 < regdude> no, my gems are worthless
15:41 < qoxncyha> baitshell: thanks, that's really helpful
15:41 < likcoras> CoolerZ: I guess check the repl.it docs/support. Probably a problem on their end.
15:41 < baitshell> surely some switches do L3 jobs
15:42 < baitshell> like a router but it's different sory
15:42 < regdude> actually many managed switches these days are capable of routing
15:42 < baitshell> *story
15:42 < qoxncyha> that's very smart
15:42 < qoxncyha> thanks for the wisdom
15:42 < qoxncyha> no i'm wrong, but then 'exactly what i said'
15:43 < qoxncyha> with the additional wisdom of "switches operate over L3 as well"
15:43 < likcoras> CoolerZ: from what I can see, they only do HTTP(s maybe), and allowing people to run arbitrary services on arbitrary ports wouldn't be too doable without jumping through a lot of hoops on their end.
15:43 < qoxncyha> which is *not* my question. does that make sense?
15:43 < redrabbit> well, seems like he.com ipv6 tunnel is back after half a day of downtime
15:43 < CoolerZ> likcoras, no thats fine if its only allowing port 80 and 443
15:43 < CoolerZ> but why is curl reporting invalid socks version number
15:43 < regdude> qoxncyha: you do realize that most people here are at least engineers?
15:43 < qoxncyha> this is frustrating. let me come back later.
15:44 < redrabbit> maybe someone from he reads here lol
15:44 < likcoras> That's not the issue here. I'm only guessing, but they probably route client requests to the correct repl instance by looking at the HOST header.
15:44 < qoxncyha> regdude: you act like you've never talked to a person before
15:44 < likcoras> And that only works for http.
15:44 < detha> qoxncyha: I would say that the only possible answer to your question stated like you did is "Well, it's complicated"
15:45 < qoxncyha> detha: thank you, that helps
15:45 < detha> (or just 'no')
15:45 < qoxncyha> detha: in that case, is a switch's usual purpose to route MAC frames?
15:46 < baitshell> no
15:46 < detha> no
15:46 < baitshell> Switch do switching on l2
15:46 < regdude> lol
15:46 < baitshell> no routes
15:46 < detha> Semantics, but in networking the word 'route' has a specific meaning
15:46 < qoxncyha> okay, i used the wrong term
15:46 < CoolerZ> likcoras, oh
15:46 < qoxncyha> is a switch's usual purpose to 'switch' MAC frames?
15:46 < baitshell> correct
15:46 < CoolerZ> likcoras, could i set up a http proxy then?
15:46 < detha> It is to forward MAC frames yes
15:46 < Kartagis> hi
15:47 < qoxncyha> by 'switch', i mean 'send MAC frames from source to destination'
15:47 < qoxncyha> is that correct?
15:47 < likcoras> Possibly? If they allow the 'CONNECT' method on their servers.
15:47 < likcoras> I would check their docs.
15:47 < Kartagis> why can't I create an A record 'admin' ?
15:47 < baitshell> correct
15:47 < likcoras> But it's very possible they haven't enabled this, due to obvious reasons.
15:47 < Kartagis> is that reserved?
15:48 < skyroveRR> Kartagis: admin what?
15:48 < detha> admin password
15:48 < skyroveRR> admin 123
15:48 < regdude> I think he is talking about DNS records
15:48 < skyroveRR> We know.
15:48 < Kartagis> A record, as I just said
15:48 < qoxncyha> okay. routers 'route' IP packets, not MAC frames, between connected devices and potentially remap IP space, correct?
15:48 < skyroveRR> Kartagis: again, admin what?
15:49 < likcoras> Kartagis: you sure it isn't just whatever service you're using having reserved it for themselves?
15:49 < Kartagis> admin.foo.example.net
15:49 < skyroveRR> Kartagis: an 'A' record points to an IP.
15:49 < likcoras> It's not reserved, as far as I'm aware.
15:49 < regdude> that is a weird conversation going on over there, not a test
15:49 < skyroveRR> Kartagis: you need the full FQDN.
15:49 < likcoras> NO reason it shouldn't be valid.
15:49 < Kartagis> likcoras: it can't be resolved
15:49 < lupine> configuration languages vary
15:50 < lupine> ISTR it's normal to put the label only into bind zonefiles for instance
15:50 < detha> Kartagis: when did you create it?
15:50 < CoolerZ> https://repl.it/site/docs/http-servers
15:50 < Kartagis> detha: 5 minutes ago, and the other one I created 5 minutes ago was propagated
15:51 < qoxncyha> routers 'route' IP packets, not MAC frames, between connected devices and potentially remap IP space, correct?
15:51 < detha> did you try resolve it before you created it? In that case, you may be hitting negative TTL in some cache
15:51 < qoxncyha> why is it so hard to ask a simple yes/no question?
15:51 < detha> "It's complicated"
15:51 < Andrew_0010bit> "Better luck next time."
15:51 < qoxncyha> it's complicated, got it
15:51 < qoxncyha> Andrew_0010bit: thanks
15:52 < Andrew_0010bit> "Don't count on it."
15:52 < qoxncyha> routers 'route' IP packets, is that correct?
15:52 < detha> yes
15:52 < Andrew_0010bit> "Please try again."
15:52 < qoxncyha> but their purpose isn't fundamentally to route MAC frames, right?
15:52 < dminuoso> qoxncyha: their purpose is fundamentally to route IP.
15:53 < dminuoso> qoxncyha: IP is not required to run on ethernet.
15:53 < Andrew_0010bit> Understanding the layering is crucial here.
15:53 < dminuoso> qoxncyha: You can run IP over other layers as well (such as token ring)
15:53 < qoxncyha> i understand that IP runs over MAC
15:53 < qoxncyha> is that correct?
15:53 < dminuoso> Or IP over avian carriers.
15:53 < dminuoso> (Which has even been done)
15:53 < qman__> networking: in most of the US, it depends on whether you have "a reasonable expectation of privacy"
15:53 < dminuoso> qoxncyha: Not necessarily, that's the point.
15:54 < qoxncyha> sure, L3 runs over L2
15:54 < Andrew_0010bit> dminuoso, "It would seem your issue is that you've lost your Tolkien ring."
15:54 < qoxncyha> a part of a router's purpose is also to remap IP subnets, right?
15:54 < detha> rarely
15:54 < dminuoso> qoxncyha: a routers purpose is just to *route* IP packets.
15:54 < Kartagis> I can dig, but not nslookup
15:55 < Andrew_0010bit> http://dilbert.com/strip/1996-05-02
15:55 < detha> Kartagis: nxdomain response cached somewhere, probably
15:55 < baitshell> =)))
15:55 < Andrew_0010bit> http://galaxy.uci.agh.edu.pl/~szymon/humor/tolkienring.txt
15:55 < qoxncyha> there's also `host -t a www.whatever.com`
15:55 < qoxncyha> you can use it for things other than a records
15:55 < Kartagis> qoxncyha: me?
15:55 < dminuoso> qoxncyha: https://resources.stuff.co.nz/content/dam/images/1/a/4/g/i/v/image.related.StuffLandscapeSixteenByNine.620x349.1a4dde.png/1456944457750.jpg
15:55 < qoxncyha> Kartagis: yes
15:55 < dminuoso> qoxncyha: thats what a router is.
15:56 < dminuoso> qoxncyha: It just decides on the path a packet takes.
15:56 < dminuoso> and it operates on IP packets.
15:56 < qoxncyha> dminuoso: routers are always on IP or just L3?
15:56 < compdoc> how did they fit those little people in my router?!!
15:56 < Andrew_0010bit> compdoc ^
15:56 < Kartagis> qoxncyha: host not found
15:56 < detha> dminuoso: that's a 20-spur router, not 20-port
15:57 < Andrew_0010bit> Routers work on layers.
15:57 < Andrew_0010bit> Everything works on layers.
15:57 < qoxncyha> Kartagis: `host -t a google.com # google.com has address 172.217.4.238`
15:57 < Andrew_0010bit> Just like how a switch has a table of all the MACs it's connected to and can therefore automatically "switch" MAC frames.
15:57 < dminuoso> qoxncyha: You could say L3 is for routing yes.
15:57 < qoxncyha> Kartagis: `host -t txt google.com # google.com descriptive text "v=spf1 include:_spf.google.com ~all" ...`
15:57 < dminuoso> qoxncyha: (According to the OSI model)
15:58 < dminuoso> qoxncyha: Please do take note that the OSI model is not "that's how networking is"
15:58 < dminuoso> It's more of a "guidance"
15:58 < qoxncyha> dminuoso: sure, it's just convention
15:58 < qoxncyha> yes
15:58 < Andrew_0010bit> dminuoso, that's very helpful too.
15:58 < qoxncyha> switch, hub, bridge: these are all synonyms, correct?
15:58 <+pppingme> Its a "guidance" that very closely reflects reality
15:58 < dminuoso> qoxncyha: No.
15:58 < dminuoso> qoxncyha: there's a fundamental difference between switches and hubs
15:59 < Andrew_0010bit> And bridges, for that matter.
15:59 < dminuoso> qoxncyha: a switch can be thought of as a layer 2 router
15:59 <+pppingme> hubs = layer1, switches = layer2
15:59 <+pppingme> thats a bad description
15:59 < Kartagis> qoxncyha: is there a website I can query this?
15:59 < qoxncyha> dminuoso: i was just told that switches do not 'route' MAC frames for any definition of the word
15:59 < Andrew_0010bit> pppingme, I agree.
16:00 < Andrew_0010bit> qoxncyha, they "switch" MAC frames.
16:00 < qman__> networking: for example, if you went to their building for an in-person interview, they could legally record it because you do not have a reasonable expectation of privacy from them on their premises
16:00 < qoxncyha> Kartagis: i can't recommend one personally but https://dnslookup.org/ looks good
16:00 < likcoras> Kartagis: there's also this tool drill, useful sometimes for issues like these. drill -T $addr would do the recursive lookup yourself, sometimes helpful for diagnosing problems.
16:01 < qoxncyha> pppingme: what about bridges?
16:01 <+pppingme> bridge = switch in most situations, although the term bridge is often misused
16:02 < Spice_Boy> a bridge lets you drive over water
16:02 <+pppingme> typical (and correct usage) many 2-port devices are referred to as bridges, although note that bridges are NOT limited to two ports
16:02 < compdoc> I love my Einstein-Rosen bridge
16:03 < detha> compdoc: want to add to your collection? I have another bridge to sell you
16:04 < compdoc> hey, I didnt just fall off the turnip truck ya know
16:04 < dminuoso> qoxncyha: An ethernet switch forwards frames based on MAC addresses. A router routes based on IP address. The concepts are similar on an abstract level, but fundamentally different on what they mean.
16:04 < Sout> haha compdoc had to google to get that reference :D
16:05 < compdoc> :)
16:06 < dminuoso> qoxncyha: A switch is something you can plug a bunch of devices into, and the switch will facilitate that they can all communicate with each other. They usually do so efficiently by learning MAC addresses and taking a "local" routing decision (which frame goes where)
16:06 < Kartagis> qoxncyha: dnslookup finds it, but our network can't
16:07 <+pppingme> Spice_Boy you're alive!
16:07 < Spice_Boy> of course I am
16:07 < Spice_Boy> about to go to bed though
16:07 < dminuoso> qoxncyha: http://www.practicalnetworking.net/wp-content/uploads/2016/01/packtrav-host-switch-host.gif here is a nice animation of what a switch does =)
16:08 < detha> Kartagis: what does your network use for a name server?
16:09 < winsoff> Wait a second.
16:09 < winsoff> So the suite that replaced netstat with ss is the same suite that introduced the whole "ip" command situation?
16:09 < likcoras> winsoff: what's wrong with ip?
16:09 < winsoff> I thought the "ip" command was a systemd thing. At least now I have a reason to learn it.
16:09 < qoxncyha> Kartagis: your DNS server is probably caching
16:09 < dminuoso> qoxncyha: So in all senses switches do routing on layer 2. But the routing is not to enforce policies or based on "decisions". It's just a static concept to ensure connectivity.
16:09 < winsoff> likcoras, I thought it was some monolithic thing
16:10 < rewt> ip has been around a lot longer than systemd
16:10 < qoxncyha> Kartagis: DNS servers like to cache overzealously
16:10 < qoxncyha> some will flat-out ignore your TTL
16:10 < dminuoso> qoxncyha: and there's things like flooding going on, so the routing is more of an efficiency thing to avoid the problems that hubs bring
16:10 < qoxncyha> dminuoso: sorry, i had to step away for a second. let me read through what you've said.
16:11 < rewt> there was some blog post recently that implied it was part of systemd, and that was very misleading
16:11 < likcoras> ifconfig has been limited by the amount of scripts that depend on it, thus it was hard to update it to accurately convey the actual network situation without breaking all the scripts.
16:11 < winsoff> also, how do I traceroute in linux without getting completely dogged by big boy network firewalls?
16:11 < dminuoso> qoxncyha: If you take the postal analogy http://www.dailyherald.com/storyimage/DA/20110419/news/704199921/AR/0/AR-704199921.jpg&updated=201104191145&MaxW=800&maxH=800&noborder
16:11 < rewt> and some scripts want to be cross-platform, so they use ifconfig for that reason
16:11 < qoxncyha> Kartagis: you can also try using a different DNS server other than the default one you're configured with
16:11 < qoxncyha> Kartagis: i like 1.1.1.1
16:11 < winsoff> I guess the question is "how do I get windows-like reliability out of traceroute"
16:12 < likcoras> I thought the ip transition was being done by the kernel people?
16:12 < rewt> winsoff, that question makes no sense
16:12 < rewt> traceroute is traceroute
16:12 < winsoff> rewt, when I use tracert on windows, I usually get a full set of datapoints (from point to point)
16:12 < rewt> your os has no bearing on what routers along the route do
16:13 < winsoff> but traceroute on linux, even with -I, usually only gives me up to the edge router of the current net
16:13 < dminuoso> qoxncyha: actually screw it, this analogy - as nice as it may be - is not so helpful to understand networking from =)
16:13 < qoxncyha> dminuoso: that practicalnetworking gif is great
16:13 < qoxncyha> still reading
16:14 < qoxncyha> what happens if a MAC device is disconnected?
16:14 < qoxncyha> is there an ACK for MAC?
16:14 < detha> winsoff: --U
16:14 < grawity> depends on the specific MAC layer, some have ACKs, some don't
16:15 < qoxncyha> what happens in the former case when a MAC device is disconnected?
16:15 < regdude> if a host is disconnected, then it will trigger a link state change (if connected directly to a switch), which will flush the MAC addresses on the port that have been learned by the switch
16:15 < dminuoso> qoxncyha: so switches are the solution "64 devices connected to network device. how do we a) let them all talk to each other, while b) avoid each broadcasting their traffic to everyone
16:15 < jvwjgames_> Hello
16:15 < qoxncyha> regdude: so they 'feel' the jack in the connection so to speak, right?
16:16 < winsoff> detha, interesting. I'll try it.
16:16 < dminuoso> qoxncyha: (they offer some other things too, but that shall be irrelevant)
16:16 < jvwjgames_> how do i find the ipv6 gateway of my ipv6 address
16:16 < regdude> if a host is disconnected indirectly, then the switch will have to wait until the entry times out, at this point the same computer will not receive packets if connected on a different port (indirectly)
16:16 < qoxncyha> just a yes or no
16:16 < Dagger> if you meant "how do I find the IPs of routers on my network", use `rdisc6`
16:17 < qoxncyha> switches 'feel' the jack in the connection so to speak, right?
16:17 < Dagger> although if you have autoconf enabled then you can probably just look at your routing table
16:17 < regdude> you asked what happens
16:17 < qoxncyha> regdude: i'm asking too many questions
16:17 < regdude> what do you mean "feel"?
16:17 < dminuoso> qoxncyha: you can even observe this on some network devices.
16:17 < qoxncyha> they can tell if the jack is plugged or unplugged
16:17 < dminuoso> qoxncyha: many network devices have some `LNK` and `ACT` leds
16:18 < dminuoso> qoxncyha: the `LNK` led denotes whether there's an active ethernet link
16:18 < regdude> directly they can (if they are directly connected to the switch)
16:18 < qoxncyha> using electrical resistance, presumably?
16:18 < regdude> indirectly there is RSTP that can help sometimes
16:18 < regdude> no, just voltage
16:18 < qoxncyha> okay
16:18 < qoxncyha> thanks :)
16:19 < regdude> 1 = 5V, 0 = something a lot less. No volts = no signals = no cable
16:19 < dminuoso> qoxncyha: ethernet in its specification has a kind of handshake
16:19 < regdude> and then they initiate the linking protocol
16:20 < dminuoso> qoxncyha: in this phase they do autonegotiation these days to figure out what both devices can do (can they do 10BASE-T, or maybe 100BASE-TX), simplex or duplex, etc..
16:22 < dminuoso> qoxncyha: So regarding the difference with router. A router otoh makes path decisions. It's the solution to "I have a package for 12.34.56.78 but I have no clue how to get it there"
16:22 < dminuoso> (Because that address is not in your network)
16:23 < dminuoso> qoxncyha: So the first router you have is usually inside your own OS. It's the systems routing tables.
16:23 < dminuoso> It makes the first decision "given this IP address, where should we put it? where should we send it?"
16:24 < qoxncyha> i'll have more questions later, i have to work now :)
17:10 < wallbroken> hello
17:10 < wallbroken> does somebody know how bluetooth works?
17:11 < wallbroken> when i enable bluetooth on a device, what happens? this device looks for available devices and connects to already paired ones?
17:11 < djph> wallbroken: magic. and radio
17:12 < wallbroken> djph, yes, but what about my question?
17:12 < djph> I answered it. You asked how it works.
17:12 < djph> Your secondary question, "well it depends". Most devices will only talk to those that they're already paired for.
17:13 < djph> similarly to wifi (not not the same)
17:13 < wallbroken> djph, can you be more specific?
17:14 < wallbroken> i have two ends: a smartphone and an auricolar
17:14 < djph> OK
17:14 <@xand> a what
17:14 < wallbroken> what happens when i enable each of them?
17:14 < djph> they turn on.
17:14 < wallbroken> xand, i'm not native english, i mean "in ear audio"
17:14 <@xand> earphones?
17:14 < wallbroken> we call it "auricolari"
17:15 < wallbroken> yes right
17:15 < wallbroken> earphones
17:15 < wallbroken> i have a bluetooth earphones and a smartphone connected via bluetooth to it
17:16 < wallbroken> in my case, there is a problem: if i do enable my earphones before enabling bluetooth on smartphone, it won't automatically connect
17:16 < wallbroken> and i need to go smartphone settings to connect it
17:16 <@xand> don't disable bluetooth on the phone
17:16 < djph> because the headphones only look for a device to pair with when they turn on.
17:17 < wallbroken> djph, the earphones how look for device to pair?
17:17 < wallbroken> it listens for other device's presence messages?
17:18 < djph> what do you mean "how". You tell them "hey you're paired with these devices"
17:18 < wallbroken> let me clarify that my goal is "understand how the mechanism works"
17:18 < Meta> That's a rabbit hole.
17:18 < djph> ^^^^^^^^^^^^^^^^^^^^^^^
17:19 < wallbroken> by "how" i mean, ie: the earphones sends a broadcast message to say: "who is alive?"
17:19 < djph> and a lot of it will come down to "implementation". It might be as simple as "here's the list of MAC addresses you know, on boot run through it once"
17:19 < wallbroken> expecting some answer
17:20 < djph> you're going to have to read *A LOT* of the technical stuff
17:20 < wallbroken> djph, i guess now it's clear what kind of answer i'm looking for
17:20 < Meta> Headphones tend to be dumb devices.
17:21 < djph> the datasheets, whitepapers, etc ... it's not going to be easy by any means; and more than a small portion of that is going to be locked up as "corporate secrets" (etc.)
17:21 < Meta> They'll connect to a smarter device just coz they're told to.
17:22 < wallbroken> djph, and smartphone side is symmetric? it searches for paired devices to connect?
17:22 < djph> no
17:22 < djph> the smartphone doesn't necessarily care
17:22 < wallbroken> if i do use my other smartphone, it behaves differently
17:22 < wallbroken> it connects automatically even if i enable bluetooth after turning on the earphones
17:23 < djph> I mean, yes it MAY act like a client (e.g. with a laptop); but in general, it's gonna be "i'm the master"
17:23 < Meta> That's probably a setting in the phone itself
17:23 < Meta> I can connect automatically to my headphones on my phone, or I can tell it not to
17:23 < wallbroken> my iphone: if i do enable bt after the earphones, i need to connect it manually
17:24 < wallbroken> my android phone: if i do enable bt after the earphones, it connects automatically the same
17:24 < Meta> Different implementations. *shrug*
17:26 < wallbroken> djph, told, smartphone is the "master"
17:26 < wallbroken> not sure of what does it mean
17:26 < wallbroken> *he
17:26 < djph> you're holding the iDevice wrong.
17:26 < djph> (that's never gonna get old)
17:30 < wallbroken> djph, it could simply be that when you enable bluetooth on some smartphones,it automatically search for paired devices and automatically connect to it?
17:31 < djph> perhaps. read the documentation.
17:32 <@xand> not really a networking question anyway >.>
18:06 < skyroveRR> .
18:46 < CoolerZ> likcoras, yeah you were right
18:47 < CoolerZ> repl.it does use the HOST http header to find out which webapp you are trying to access
18:48 < CoolerZ> is there a SOCKS5 over HTTP protocol?
18:48 < CoolerZ> https://github.com/jpillora/chisel
18:48 < CoolerZ> ?
18:57 < scratchfury> as a Cisco shop that might be forced into using Extreme, is it worth trying to fight for using Cisco or even reason "why not HP?" to new upper management?
18:59 < ||cw> scratchfury: it's always worth voicing legitimate concerns, especially if you'll lose access to features that you can assign a ROI to
19:00 < ||cw> but even lacking that, you can assign a dollar amount to training and lost productivity during the transition, which ALWAYS takes longer than the sames guy says.
19:01 < ||cw> sames/sales/
19:01 < scratchfury> this is true
19:25 < mcavendish> hello
19:26 < mcavendish> anyone familiar with netiron os?
20:12 < Apachez> nope
20:12 < Apachez> brocade gear?
20:12 < Apachez> arent they extreme networks nowadays?
20:13 < scratchfury> I'm pretty sure they bought that particular part of Brocade
20:14 < scratchfury> Ruckus bought the FastIron part
20:14 < scratchfury> err... Arris
20:18 < sidco> Howdy folks. I am working on a shared front end. I opened port 80 to point at the firewall (pfsense, fresh install), enabled HA proxy, setup 3 front ends (2 domain + sub domain) and 3 backends. I am able to access the servers internally but not externally, like HAproxy took over DNS. https://pastebin.com/dnCKpLde
20:18 < TheSameNow2> I've followed the tutorial here: https://mullvad.net/en/guides/bittorrent/ but the SOCKS5 proxy thing doesn't work.. the torrents won't download.. what's the matter?
20:19 < sidco> Do you have DHT enabled?
20:24 < TheSameNow2> it's only possible to enable that when the proxy servers are set to none. but the downloads work without having DHT enabled when the proxy server is disabled
20:24 < TheSameNow2> so no
20:25 < sidco> Are you using qbittorrent?
20:26 < TheSameNow2> yes
20:26 < TheSameNow2> downloaded it specifically to follow their tutorial
20:27 < TheSameNow2> I used uTorrent before, which is still installed
21:16 < TheSameNow2> soo.. to repeat myself: I've followed the tutorial here: https://mullvad.net/en/guides/bittorrent/ but the SOCKS5 proxy thing doesn't work.. the torrents won't download.. what's the matter?
21:24 < pressure679> You probably need an ID verification, passphrase, hash, to be trusted by the torrent server.
21:24 < sidco> I would follow up with mullvad. Follow instructions on a second computer, see if you have the same results. I can enable DHT when proxy server is set to SOCKS5. Reinstall utorrent (4.1.1)
21:25 < pressure679> Oh, wait, bittorrent, I do not know your answer TheSameNow2
21:33 < ALowther> Any suggestions for a router, at least 2 gigabit ports and 5 fast ethernet ports? No wifi needed or wanted.
21:33 < ALowther> Consumer, 2 computers and 3 VoIP lines
21:36 < djph> No such thing.
21:36 < djph> Edgerouter plus a switch.
21:37 < kottt> what's your budget? and no matter what your budget is, the answer is an EdgeRouter =)
21:38 < ALowther> Okay, why is there no such thing? Why is the answer an EdgeRouter? :)
21:38 < ALowther> Budget is < $100
21:38 < djph> because no one makes a router with a 5 port switch.
21:38 < djph> (for starters)
21:39 < ALowther> Well that is why I said, at least.
21:40 < ALowther> I've found some very affordable 5 port routers w gigabit, but I need a few more ports.
21:40 < kottt> the best, most affordable answer to your need for more ports, is a switch
21:41 < kottt> an external, unmanaged gigabit switch, you can get an 8-port for about $40
21:41 < RustyJ> 8-port edge.....
21:41 < kottt> and an EdgeMax router for another $50
21:41 < djph> RustyJ: is not a switch.
21:42 < djph> kottt: he'll probably need a little more than an el-cheapo switch (although, I *ASSUME* he wants PoE for those phones)
21:42 < RustyJ> djph, i'm confused by the usecase so i'll return to lurking
21:42 < djph> RustyJ: minimum six ports -- internet plus two computers and three phones.
21:43 < djph> (barring obvious "phones have passthru ports")
21:43 < detha> I shall start calling those 'wired tethering ports'
21:44 < djph> detha: "a mistake" ?
21:44 < djph> ALowther: probably best to lay out the exact port requirements, since we're all making some guesses here ...
21:46 < ALowther> 300Mbps from ISP, so gigabit needed for PC & laptop so speed isn't lost via fast ethernet, then 3 VoIP phones, each with a power adapter, so PoE isn't necessary.
21:46 < RustyJ> i'm confused still cause in my goofy mind.... router _>>>>>> POEswitch----Switch
21:46 < ALowther> I would assume VoIP doesn't need more than 100Mbps, but maybe it does
21:47 < detha> phones work perfectly well on 100Mb/s
21:47 < nosmelc> I have a router that is vulnerable to that VPNFilter malware. Is there a way to determine if it's already infected?
21:47 < djph> RustyJ: that's the right way to do it.
21:48 < josuah> is there any convention about how to represent network stuff in ascii?
21:48 < djph> nosmelc: did you leave it with default credentials?
21:48 < djph> josuah: not really no
21:48 < josuah> like router, serial lines, ethernet, interfaces, bridges...
21:48 < nosmelc> djph, you mean the admin user and password?
21:48 < djph> nosmelc: correct
21:48 < josuah> djph: thanks. Well we're free then ;)
21:48 < nosmelc> djph, ohh i changed the password
21:48 < kottt> all-in-one consumer routers are hot trash
21:49 < kottt> get something where the first step of troubleshooting isn't "turn it off and back on again"
21:49 < djph> nosmelc: then, at least given what I've read, your chances of "already being infected" are low. But, there's still a lot of "we don't know how it works" out there
21:49 < kottt> bc if that's the first step it means the device is running too many services and they're poorly optimized >_>;
21:49 < djph> kottt: errr, an etch-a-sketch?
21:49 < kottt> pretty sure the first step of troubleshooting an etch a sketch is to shake the damn thing so nah
21:50 < kottt> that's functionally a reboot
21:50 < nosmelc> djph, according to Mikrotik I need to be at a newer version RouterOS to fix the vulnerability
21:50 < djph> kottt: bahhahahaha
21:50 < djph> nosmelc: so then do that
21:50 < RustyJ> kottt, the first step it to use a bleach wipe.... kids touch those things and we all know kids are DIRTY
21:50 < nosmelc> djph, I will, but I was just wondering if I can determine if it's already infected? will a RouterOS upgrade wipe an infection?
21:50 < djph> RustyJ: I prefer the spray - gets under the knobs.
21:51 < kottt> anyway, EdgeRouters are winning big points for me right now for not being on the list of VPNFilter infections
21:51 < djph> nosmelc: "maybe". I don't 'tik. However, I know most firmwares wipe the entirety of NVRAM
21:51 < kottt> glad i put my RT-N66u behind an EdgeRouter approx 2 weeks before VPNFilter landed
21:51 < djph> kottt: so it got infected by your windows PC then, amirite? :D
21:52 < kottt> well-
21:52 < kottt> i'm not actually clear on how VPNFilter spreads, tbh
21:52 < kottt> is it an actual virus or is it just portscanning and default credentials?
21:52 < RustyJ> i thought photobucket
21:52 < djph> kottt: not entirely sure myself, but it was funny :)
21:53 < kottt> =) technically speaking the only machines that should have direct access to my RT-N66u are running Linux
21:53 < Perme8> is there a different irc for networking career discussion, im looking for direction
21:53 < djph> I don't know how stage1 gets on the router. stage2/3 are photobucket, etc. Something about the payload being hidden in the exif data
21:54 < kottt> it's serving as a wireless repeater because it's a better option than ethernet over powerline adapter
21:54 <@xand> djph: default credentials mostly
21:54 <@xand> according to wikipedia, source of all knowledge :P
21:55 < djph> xand: yeah, but the specifics was "default credentials from .... where" (as in an infected computer, or IoT thing, or driveby on the wan side)
21:55 <@xand> ah
21:55 <@xand> yeah would be surprised if all those things allowed WAN access to the management interface by default
21:56 < djph> it's mostly consumer garbage, I wouldn't be :)
21:56 < nosmelc> So the malware connects to the router's management interface over the Internet?
21:56 <@xand> probably CSRF exploits to go with
21:56 < RustyJ> Perme8, since most/all peeps here are netadmins/enginerds/installers and what not...this is a good place to discuss edu/career options
21:57 < sidco> djph: because no one makes a router with a 5 port switch. > Qotom does, https://www.amazon.com/Firewall-Appliance-Gigabit-Celeron-Barebone/dp/B0741F634J I don't have this unit but two other ones by Qotom that are working great.
21:57 < djph> nosmelc: one would imagine "no" (what because even halfway decent things are on there) -- but it doesn't preclude dumbasses doing dumb things :)
21:58 <+catphish> sidco, djph, pretty sure most mikrotik routers contain a 5 port switch
21:58 <+catphish> in fact, almost every soho router does under the hood
21:59 < djph> sidco: by the thing, it sounds more like a barebones PC with half a dozen ports
21:59 < djph> sidco: but hey, if it routes ...
21:59 <+catphish> mikrotik def does
21:59 < djph> catphish: yeah, but they're not "1x routed plus 5x switched" (most of the time)
22:00 <+catphish> what?
22:00 < djph> catphish: he needed a router with 5x lan ports
22:00 <+catphish> oh, you mean 6 ports rather than 5
22:00 <+catphish> yeah no
22:01 < detha> most are a 4-port switch plus one interface
22:01 < djph> yeah, I thought I said "they don't have 5x switchports" (of course they have 1x "WAN" plus 4x "switched LAN" -- although now that I think about it, and ER-X-SFP ... )
22:01 < djph> *an ER-X-SFP
22:01 <+catphish> they're either 4+1 or just 5
22:03 < detha> mikrotik at some stage made 5-port things implemented with something like an 8-port asic, one port connected to the CPU, and vlan-tagged all other ports to the CPU
22:05 < ALowther> Thanks, I'm looking into things.
22:21 < nosmelc> If I upgrade the RouterOS and firmware on a Mikrotik device, that won't wipe the existing configuration, right?
22:24 < detha> Normally it won't. That doesn't mean you do not have to make a backup of the configuration before upgrading.
22:24 < nosmelc> detha, yep I got a backup just now
22:28 < nosmelc> Although I'm a bit confused about the difference between a .backup binary backup and a .rsc text backup
23:00 < Johnjay> fun networking fact
23:00 < Johnjay> i used rsync to make a backup of my hard drive to a usb stick. i used the options -zyvv thinking that would use compression
23:01 < Johnjay> but the resulting files were not compressed. turns out that -z only compresses the *transmission* of files for networking purposes
23:01 < mawk> indeed
23:02 < Johnjay> i'm debating whether to wipe the partition and restore it just to see if restoring the rsync files is sufficient for a backup or if i need to use gparted or dd or something
23:02 < Johnjay> dd would be bad since i filled the hard drive with random 0's and 1's just yesterday
23:04 < mawk> why did you do that ?
23:04 < mawk> well it doesn't matter much
23:04 < mawk> use dd in sparse mode
23:06 < Johnjay> well i read somewhere if you just wipe your drive with zeros that's not good enough
23:06 < Johnjay> if some super secret gov machines are used to recover data
23:07 < Johnjay> so i did dd if=/dev/urandom of=/dev/sda bs=4096
23:07 < Johnjay> not realizing that makes it hard to compress a dd copy of the drive
23:10 < Johnjay> i don't really get what the man page is saying
23:10 < Johnjay> sparse means that dd just skips zero blocks?
23:19 <+pppingme> Johnjay ideally, you'll want to change every bit on the drive 4 times I think.. that should, in theory, make it unrecoverable
23:20 < Johnjay> pppingme: i'd like a source for that number if it's not too much trouble
23:20 < Johnjay> is that the Gutmann 35 rule?
23:20 < Johnjay> but like, more sane?
23:22 <+pppingme> this says 3 times: https://cdrglobal.com/what-is-a-dod-multiple-pass-hard-drive-wipe/
23:26 <+pppingme> there's also this, 7 pass: https://www.blancco.com/blog-dod-5220-22-m-wiping-standard-method/
23:26 < Johnjay> ok thanks
23:27 < Johnjay> is that negated if i rewipe it with 0's after doing all of that do you think?
23:27 < mawk> Gutmann is obsolete
23:28 < mawk> some also say it's harmful
23:28 < mawk> compared to 3/7 passes
23:28 < mawk> no it's not negated, you can do whatever you want
23:28 < mawk> after
23:28 < mawk> I think
23:28 < Johnjay> that's cool
23:30 <+pppingme> Johnjay you old enough to know what a cassette tape is?
23:30 < Johnjay> i guess so
23:30 < Johnjay> i've seen them . :D
23:30 <+pppingme> then you may not understand this example
23:31 <+pppingme> if you take a cassette, with a good recording, then record over it, and play it back, if you turn it way way up, and listen to the background hiss, you could still make out the original recording..
23:31 <+pppingme> record over it multiple times, and that goes away (although you now hear remnants of the newer recordings)..
23:31 <+pppingme> the concept is the same with drives..
23:32 <+pppingme> in fact, the tech isn't really that different..
23:44 < Johnjay> weird
23:44 < Johnjay> oh yeah
23:44 < Johnjay> i guess that makes sense. it's still some kind of magnetic storage
23:44 < Johnjay> i wonder where dd gets its random seed from
23:45 < Johnjay> because doing the command dd if=/dev/urandom might lead to the same sequence of 1s and 0s each time
23:45 < sidco> I am working on a shared front end for HAProxy. I opened port 80 to point at the firewall (maybe this was my mistake), enabled HA proxy, setup 3 front ends (2 domain + sub domain) and 3 backends. I am able to access the servers internally but not externally, like HAproxy took over DNS for those domains. https://pastebin.com/dnCKpLde
23:47 < ska> Anyone know what happened with Comcast+Att network problems?
23:57 <+catphish> Johnjay: dd doesn't generate random data, you're just reading from a file (/dev/urandom)
23:58 < Johnjay> right. i googled and i can't tell if urandom will change with different boots with minimal user interaction
23:58 < Johnjay> but my guess is it does
23:58 <+catphish> Johnjay: that file contains a pseudorandom string of data
23:58 < Johnjay> keep in mind i'm booting from a ubuntu cd in this scenario
23:58 <+catphish> it's seeded by /dev/random, which contains real random data
23:59 < Johnjay> i see
23:59 <+catphish> that real random data is generated from user interaction and other things considered sufficiently random to be secure
--- Log closed Sat Jun 09 00:00:42 2018