--- Log opened Tue Jun 12 00:00:54 2018 00:02 < xe0n> astalavista.box.sk 00:04 < genr8_> nice 00:04 < genr8_> what was the other one? 00:04 < xe0n> i haven't been there in 20 years lol 00:09 < xe0n> cracks.am 00:09 < xe0n> LOL 00:12 < MillerBOSS> http://fakeupdate.net/wnc/ 00:13 < MillerBOSS> I should make some of those full screen some how on https://trollme.xyz/ 00:13 <+layer-eight> * MillerBOSS → Trolololololol's Я Us! 00:13 < MillerBOSS> My first email account was through http://www.excite.com 00:14 <+layer-eight> * MillerBOSS → My Excite 00:14 < MillerBOSS> 1999 00:14 < MillerBOSS> I doubt they keep account alive like Google does. 00:15 < Sousapro> Has anyone used Windows Storage Replica? 00:15 * MillerBOSS points to hunterkll 00:16 < MillerBOSS> And A-KO 00:16 < MillerBOSS> They try everything Windows 00:16 < Sousapro> I need to replicate a couple of SMB shares across a few sites and everyone got pissy when I said DFS lol 00:17 < Sousapro> Nevermind that my domain controllers use it regularly and have no issues lol 00:17 < MillerBOSS> Why get pissy over DFS? 00:17 < Sousapro> MillerBOSS: they've worked at places with shitty windows admins that let DFS break and stop syncing 00:18 < zerocool> Sousapro: im still there 00:19 < MillerBOSS> Oh. Well thats not your fault of course. 00:21 < Sousapro> zerocool: with crappy DFS shares? 00:23 < MillerBOSS> https://twitter.com/tonyromm/status/1005970277342306304 00:23 <+layer-eight> * MillerBOSS → Tony Romm on Twitter: "NEW: I spoke with FCC Chairman Ajit Pai, the rest of the commission, members of Congress and others before the end of net neutrality rules tmw. Advocates fear the worst with an AT&T ruling due Tuesday. Pai said he's heard a dif... 00:24 < zerocool> Sousapro: ya, other admins project, never worked right, i looked for 1 minute and found problem 00:24 < zerocool> was like -_- 00:24 < Sousapro> DFS is so damn easy 00:25 < zerocool> can't read like 5 options 00:25 < zerocool> yeah that's what i mean 00:25 < Sousapro> Event viewer is so tough 00:25 < zerocool> some people man 00:25 < Sousapro> So is splunk or nagios core 00:25 < zerocool> elk 00:25 < Sousapro> Yeah, we're using elk here 00:25 < Sousapro> Not bad 00:25 < Sousapro> Not splunk but acceptable 00:26 < Sousapro> I got to this job and both of the domains had failed sysvol replication 00:27 < Sousapro> I noticed it pretty quickly lol 00:27 < Sousapro> People talking about how unreliable the DCs were 00:27 < Sousapro> Took me like 1 day to completely iron out both domains 00:29 < zerocool> we picked up a site that never used scavaging, has like 12 dc's not parted properly, every computer has a unique host file 00:30 < zerocool> http only to the mail server touching the internet, and sql 00:30 < zerocool> custom routes 00:30 < zerocool> for workstations 00:31 < zerocool> they have a 32core server... AS A WEB SERVER 00:31 < zerocool> bare metal, webserver 00:33 < MillerBOSS> The fuck $30 for this thing. https://www.wyzecam.com/ 00:33 <+layer-eight> * MillerBOSS → Wyze Cam Pan 00:33 < MillerBOSS> 1080p Full HD | 110°/sec Rotation | Pan ScanTM 00:34 <+NinjaStyle> ayyy 00:34 <+NinjaStyle> cool guy is here people 00:34 * NinjaStyle kicks the jukebox 00:36 < MillerBOSS> >Free rolling 14 days of alert videos stored in the AWS Cloud 00:36 < MillerBOSS> Wow that is slick for $30 00:37 < MillerBOSS> 2 way audio 00:39 <+NinjaStyle> cryptic1: AY 00:41 < Casteil> ayyyy 00:41 <+NinjaStyle> Casteil: sup 00:41 <+NinjaStyle> sup de tosacana 00:41 < m4221> Two coworkers were laid off today and another passed away last Saturday:( 00:42 < Casteil> damn 00:42 < silentfury-s4pro> people are dying today, who have never died before... 00:43 < m4221> I just had a CT scan today 00:43 < m4221> Where I had a bad reaction to the contrast agent 00:44 < silentfury-s4pro> have you had barium before? 00:45 < nojeffrey> Whats everyone set the Sec event log size to on a DC? 00:46 < nojeffrey> Ours is set to 200MB, but can only last ~3 days, much bigger and it struggles to load events 00:46 <+NinjaStyle> you should ship them to central logging imo 00:46 < nojeffrey> Trying out this: https://www.reddit.com/r/usefulscripts/comments/8q0p7d/pswinreporting_monitoring_active_directory_events/ 00:46 <+layer-eight> * nojeffrey → PSWinReporting - Monitoring Active Directory Events : usefulscripts 00:47 < nojeffrey> We do, but I want to try the above script 00:47 <+NinjaStyle> then what difference does it make? 00:49 < nojeffrey> this script uses ps and looks into the event log and send intresting stuff(people added to security groups, password resets, etc) 00:49 <+NinjaStyle> just create those queries in your central logging 00:49 < nojeffrey> cant it's linux 00:49 <+NinjaStyle> ? 00:49 <+NinjaStyle> so 00:50 < nojeffrey> so recreate the functionallity in python/awk/grep, etc? 00:50 < nojeffrey> would take a bit 00:51 < nojeffrey> 230k of ~300k events are logon/logoff events 00:51 <+NinjaStyle> oh, so you arent using anything like kibana? 00:52 < nojeffrey> well I have a elk server going, but these DC sec logs are just getting sent to syslog server 00:52 <+NinjaStyle> well pull them in to the elk stack imo, that way you can just build those queries in there, and the local log retention doesnt matter 00:53 < nojeffrey> i was originally 00:54 < DLSteve> we just have Splunk ingest everything. 00:55 <+NinjaStyle> yeah splunk or elk 00:55 <+NinjaStyle> that way you dont gotta fuck with it locally 00:55 <+NinjaStyle> just let it rotate 00:55 < nojeffrey> there was a plugin I was using that shipped event logs to elk, cant remember the name, but from memory I couldnt trim majority of log before shipping 00:59 < nojeffrey> +NinjaStyle yeah OK I should revist event logs to ELK 01:02 < MillerBOSS> https://www.potcoin.com/ 01:02 <+layer-eight> * MillerBOSS → Banking For The Cannabis Industry - Digital Currency | PotCoin.com 01:02 < MillerBOSS> Of course. 01:03 < xe0n> loll 01:03 < xe0n> nice 01:03 < MillerBOSS> Per https://twitter.com/twitter/statuses/1006263432604258309 01:03 <+layer-eight> * MillerBOSS → ⚓ https://twitter.com/TIME/status/1006252224941469696 → TIME on Twitter: "Dennis Rodman came to the Trump-Kim Summit for more 'basketball diplomacy' https://t.co/nbtwSJQnHb… " 01:03 < MillerBOSS> T shirt 01:03 < nojeffrey> gahh but that script was so good, formatted everything interesting in 1 email 01:06 < MillerBOSS> Even a look a like, Un there. 01:25 < jay-ros> Good morning everyone 01:28 < JollyRgrs> jay-ros: go to bed, ur drunk :P 01:30 < jay-ros> JollyRgrs, WELCOME TO THE WORLD OF (literally) TOMORROW! 01:30 < jay-ros> (it's tuesday 9.30am here) 01:30 < JollyRgrs> NO WAI! HOW U DO THAT! 01:30 < JollyRgrs> j/j 01:30 < JollyRgrs> j/k 01:30 < JollyRgrs> i'm off work now, i don't wanna be back that soon 01:31 < jay-ros> We had a public holiday yesterday, so I'm fresh as a daisy, and coming off an exceptionally successful week last week 01:31 < JollyRgrs> nice 01:31 < hug> Anyone here manage any Windows servers with over 4 million files in a single directory? 01:31 < genr8_> thats a lot 01:32 < jay-ros> hug - not in a single directory, but a root folder 01:32 < jay-ros> what's the situation? 01:32 < genr8_> more files = moar slowdown 01:32 < hug> There's a company I support that has a braindead system that we're replacing. 01:33 < jay-ros> indexing bloats 01:33 < hug> The webserver has a photo gallery, the photo gallery generates thumbnails and dumps them all in the same location. 01:33 < misspwn> sup 01:33 < jay-ros> yeah, that's awful 01:33 < hug> Over 4 million thumbnails and the generation fails. 01:33 < jay-ros> hi misspwn 01:33 < jay-ros> hug - I'm guessing you can't archive, and need to rebuild? 01:34 < hug> "A generic error occured in GDI+" is the error message. 01:34 < misspwn> hey jay-ros 01:34 < hug> Well I've done the "dumb fix" and just archived a shitton of photos, which means if anyone goes back over 18 months in the gallery all the thumbnails are missing. 01:34 < hug> (Which is better than thumbnails missing for the photos for *today*) 01:34 < genr8_> you could try to consolidate the MFT . it could be heavily fragmented and it needs to be traversed to read the dir every time 01:34 < misspwn> today was rough at work. i had to wear my sunglasses indoors the whole time because the flourecent lights were bugging me after getting lasik on friday. i think i will order those computer glasses maybe that will help 01:34 < hug> Already done. 01:35 < hug> contig run against the MFT and against the folder itself. 01:35 < hug> I defragged too (lol) and disabled 8.3 01:35 < genr8_> you just gotta deal with it then. or split up the directories 01:35 < genr8_> you had 8.3 on? that could be a big slowdown 01:36 < hug> Slowdown, sure, but shouldn't just destroy the ability to save to that directory. 01:36 < genr8_> its probably a bug in the thumbnail program? 01:37 < hug> No. The thumbnail program is dirt simple. 01:37 < genr8_> GDI+ is the graphics subsystem 01:37 < jay-ros> misspwn - you're expected to have a week of discomfort. Have the area verbally approve having the electrician rotate the flouros till they switch off but stay in place 01:37 < hug> I have the source. It's boring ol' C#. It reads a big image to a memorystream, resizes that buffer to 100x100, and then dumps it out with the save method. 01:38 < hug> It's like 12 lines of source. 01:38 < genr8_> https://stackoverflow.com/questions/2291415/creating-thumbnail-of-all-the-images-inside-a-folder?rq=1 01:38 <+layer-eight> * genr8_ → c# - Creating thumbnail of all the images inside a folder - Stack Overflow 01:38 < genr8_> its probably an out of memory error 01:38 < hug> .... 01:38 < hug> No. 01:38 < hug> Stop. 01:38 < hug> It is not an out of memory error. 01:38 < jay-ros> hahaha 01:38 < hug> It's not the C#. 01:38 < jay-ros> it's a 'four million hits and counting!' error 01:38 < hug> It's nothing but "if there are over 4 million items, saving fails" 01:38 < jay-ros> it should be reprogrammed hug 01:38 < jay-ros> by month, rewrite the script to create subfolders 01:38 < hug> If I move one file out, the app will save one more file. 01:39 < jay-ros> if you can* 01:39 < genr8_> its either a bug in the C# or the GDI API and im more likely to believe its the C# 01:39 < hug> Mate, I don't give a fuck what you believe. 01:40 < hug> I'm going to go with "the direct evidence I have on my screen" rather than the opinion of some rando on IRC who hasn't actually seen any of this first hand. 01:40 < jay-ros> hahahh genr8_ he's already tested removing one file and counted four million files in the folder, 01:41 < jay-ros> hug - was the number Maximum number of files on disk: 4,294,967,295 01:41 < jay-ros> uurgh, ignore that, it's a billion 01:41 < hug> That's 4 *billion*. 01:41 < hug> Yeah. 01:41 < ekaj_> layer 1 is the highest IT support layer, right? or is it 3 01:42 < ekaj_> level 1 i mean 01:42 < genr8_> try catching the exceptions instead of just letting it error, i guarantee you its an OutOfMemoryException 01:42 < silentfury-s4pro> level 8 01:42 < hug> ... 01:42 < ekaj_> nvm i fucking googled it 01:42 < hug> You mong. 01:42 < silentfury-s4pro> or as we call it, layer 8 01:42 < silentfury-s4pro> :D 01:42 < Sousapro> https://www.amazon.com/Aimto-Step-Snek-Flag-3x5/dp/B076LXCK1X 01:42 < hug> The exception is "A generic error occurred in in GDI+" 01:43 < hug> I stated this earlier. 01:43 < genr8_> thats just a bad error message masking the real problem 01:43 < hug> And no, it's not that there are locked files. And it's not that I haven't properly disposed the object. 01:44 < hug> Yes, it's a bad error message. I've already told you what the cause is. 01:44 < genr8_> its a leaky abstraction and you would do well to improve the C# code 01:45 < genr8_> anyone else has free reign to prove me wrong 01:46 < hug> I have free reign to prove you wrong you idiot. 01:47 * MillerBOSS slaps hug around a bit with a large trout 01:47 < hug> I have the fucking source. Right here. 01:48 < genr8_> so step through it. 01:48 < hug> ...Is anyone else of the opinion that this guy is braindead? 01:49 < hug> I have stepped through it. I have done everything possible with the whole 12 lines of C# that generate the thumbnails. I have tried using GDI+ to generate a file from a test project that has nothing to do with the original app. 01:49 < genr8_> so after 4 million files, GDI just gives up ? 01:49 < hug> Here is the whole problem, outlined in full: If I attempt to use GDI+ to save an image to a folder with 4 million items, it fails. 3,999,999 items, it succeeds. 01:49 < genr8_> File a bug report with microsoft then 01:50 < hug> (I have said this about 4 times now.) 01:50 < genr8_> its a bit hard to believe mate 01:50 < genr8_> will OTHER things write to that folder ? 01:51 < hug> Yes. 01:51 < genr8_> after the 4 mil 01:52 < hug> Anything that doesn't choke on trying to index a folder of 4 million files can. 01:52 < hug> (Anything with a "save as..." dialog will just fail trying to display the contents of the folder, for example, but that is because it is trying to build an array of 4 million items to show.) 01:54 < hug> [system.io.directory]::findfiles() chokes because it tries to build an array too. 01:55 < JollyRgrs> use a cmd prompt to save a file, no populating the contents of teh folder :P 01:55 < hug> [system.io.directory]::enumeratefiles() does not, but then I have to iterate over. 01:55 < hug> JollyRgrs: Yeah, Powershell new-item works. 01:55 < JollyRgrs> or even use powershell and pop open 01:55 < JollyRgrs> yeah 01:55 < hug> (But trying to use GDI in powershell fails!) 01:55 < JollyRgrs> you can even make ti a GUI if you want it to ask for filename 01:55 < JollyRgrs> just only check if file exists... don't populate all of em 01:55 < hug> get-childitem also fails. 01:55 < hug> Well when I say "fails" I closed powershell once it hit 6GB of RAM used and no output. :) 01:56 < JollyRgrs> well duh 01:56 < JollyRgrs> don't gci it 01:56 < JollyRgrs> just new-item it 01:56 < hug> get-childitem -outbuffer 1000 works 01:56 * JollyRgrs doesn't even know what this whole conversation is about 01:56 < hug> tl:dr; C# app tries to create thumbnail in folder with 4mil+ thumbnails, fails. 01:56 < hug> If it's under 4mil items in folder, it works. 01:56 < JollyRgrs> lol 01:56 < JollyRgrs> REKT 01:57 < genr8_> i want to see you debug this live, on twitch 01:57 * NinjaStyle tunes in 01:57 < hug> At this point i'm just going to tell the company involved to hurry up and launch the replacement. 01:58 < genr8_> i want it to be a mess of undocumented registry tweaks and pinvoke native methods in the C# code 01:58 < hug> (Believe it or not this is not the dumbest problem I've had with this steaming pile of shit.) 01:58 < genr8_> and stepping through stack traces and memory dumps 01:58 < hug> Not paid enough for that. 01:59 <+NinjaStyle> how much would it take? 01:59 < genr8_> "just make the thumbnails" 01:59 < genr8_> but but..... you've got me coding in assembly.... 01:59 < hug> That would be out of scope for our support agrement, so somewhere around $300/hr 02:00 < genr8_> the number 4,000,000 doesnt mean anything to me either 02:00 < genr8_> if it was 4.294 billion or 16.777 million maybe... 02:01 < hug> Nor to me. 02:01 < hug> (Which is why I was asking here.) 02:02 < genr8_> maybe 4 million is actually the 4 billion limit due to some 1024KB thing 02:03 < hug> I dunno. I've removed 480,000 items from the folder. They generate about 4k images a day. I'll just let them know they have 3 months to get their shit in order. 02:04 < genr8_> i would just refactor the C# program 02:04 < hug> If it were that simple... 02:04 < genr8_> the thread thats been running the GDI stuff may just need to be completely torn down and thrown away periodically 02:04 < hug> The C# app runs every 5 minutes. 02:04 < hug> Processes ~5 photos on average. 02:05 < hug> So it's not memory there. 02:05 < genr8_> http://codingsight.com/gdi-leak-handling/ 02:05 < genr8_> idk 02:05 <+layer-eight> * genr8_ → Handling a GDI Resource Leak 02:05 < hug> As I said, if I manually load the GDI assembly in powershell and try to dump a single file using the .save method, it bombs out with the same generic error exception. 02:06 < hug> So long as C# is saving to that folder with GDI, it'll shit the bed. 02:06 < hug> I could *probably* save the file out to %temp% and then move it. 02:06 < hug> But ... eugh. 02:07 < Casteil> "Hey boss, just a heads up, we're going to be deploying the big one tonight" 02:08 < silentfury-s4pro> Hold on to your butts. 02:13 < misspwn> i'm holding my butt...now what? tryin to cook some dinner here 02:13 < hug> cook it with ur butt 02:13 < DoctorDick> I eat ass 02:13 < misspwn> o, sorry in advance for burning chicken thighs then 02:14 < MillerBOSS> >Do you want To STOP receiving these emails from us Just hit *reply and let us know.. 02:15 < MillerBOSS> https://www.youtube.com/watch?v=07P538K83iU 02:15 <+layer-eight> * MillerBOSS → YouTube → Eddie Murphy - Boogie In Your Butt → ⚘ 1,625,325 ↑ 8,666 ↓ 467 ✍ 1,410 02:16 < MillerBOSS> I'll take come chicken. Dark only please, misspwn, thanks. 02:21 <+NinjaStyle> DoctorDick: I can tell 02:21 < MillerBOSS> Out of hibernation? 02:22 < genr8_> remember when we needed BlackViper's list of Windows Services to figure out what they do ? 02:22 < MillerBOSS> Yup. Its still updated too isn't it? 02:22 < genr8_> recently anyway 02:23 < genr8_> at least M$ is the one documenting their own shit though 02:23 < MillerBOSS> http://www.blackviper.com/ 02:23 <+layer-eight> * MillerBOSS → Home | Black Viper | www.blackviper.com 02:23 < JollyRgrs> oh man 02:23 < JollyRgrs> i remember blackviper 02:23 < JollyRgrs> genr8_: i used that for my win2k machine 02:24 < genr8_> what other kind of cool underground resources are there like this 02:24 < genr8_> For services, permissions, ACLS, auditing 02:24 < genr8_> top secret stuff 02:28 < genr8_> say i just installed a new Windows Server box... any one know a guide or basic checklist of what would i do to secure it ? 02:29 < xamithan> Sure, don't take it on the internet 02:29 < MillerBOSS> Updawg? 02:30 < genr8_> whats? 02:30 < MillerBOSS> Huh? 02:30 < MillerBOSS> https://security.utexas.edu/os-hardening-checklist/windows-r2 02:30 <+layer-eight> * MillerBOSS → Windows Server 2012 R2 Hardening Checklist | UT Austin ISO 02:30 < MillerBOSS> https://security.utexas.edu/os-hardening-checklist/windows-2016 02:30 <+layer-eight> * MillerBOSS → Windows Server 2016 Hardening Checklist | UT Austin ISO 02:31 < genr8_> oh see this is a good start 02:31 < MillerBOSS> https://utexas.app.box.com/v/CISBenchmarkWindowsServer2016 02:32 < genr8_> last link wont load 02:32 < genr8_> rather it loads but its blank 02:32 < m4221> Hello failures 02:32 < MillerBOSS> Its slow and its box.com 02:33 < MillerBOSS> Look at link named Windows Server 2016 Benchmark v1.0.0 genr8_ 02:33 < MillerBOSS> On 2016 link above 02:33 < MillerBOSS> Its int he checklist 02:34 < genr8_> yea that did it 02:34 < genr8_> 816 pages holy fuckeee 02:34 < MillerBOSS> Yeah 02:34 < MillerBOSS> https://technet.microsoft.com/en-us/security/cc184923.aspx 02:34 <+layer-eight> * MillerBOSS → Baseline Security Analyzer 2.2 - Download FAQ Resources | TechNet 02:34 < MillerBOSS> I am on the same goal as you here 02:35 < xe0n> genr8_: this stuff is more you do on a wider scale, not on a single server, i.e automate your builds so they're complient from the get go :) 02:35 < Hunterkll> i think my i9 isn't bunk now 02:35 < d> MillerBOSS, 02:35 < d> hi 02:35 < Hunterkll> or we had a power failure 02:35 < MillerBOSS> Sup d 02:36 < genr8_> luckily i already do a lot of these things 02:36 < genr8_> just not procedurized 02:36 < MillerBOSS> Yeah but its difficult to remember/know everything right? 02:36 < jay-ros> Howdy MillerBOSS 02:36 < genr8_> yep 02:36 < MillerBOSS> Hey jay-ros 02:37 < MillerBOSS> Hmm >62 FireAMP is the recommended AV solution. 02:38 < MillerBOSS> Oh shit, I forgot my login info. ;) http://wikis.utexas.edu/display/fireamp 02:38 <+layer-eight> * MillerBOSS → ⚓ URL Redirected → UT EID Login 02:39 < MillerBOSS> Never heard of http://www.immunet.com/index 02:39 <+layer-eight> * MillerBOSS → Immunet AntiVirus 02:39 < MillerBOSS> Owned by Cisco 02:40 < genr8_> so 02:41 < genr8_> is the common tactic to publish and share .admx group policy templates that auto-apply the bulk of these security best practices ? 02:42 < hug> I thought the ADMX files were generally template definitions, not template defaults. 02:42 < genr8_> idk. 02:42 < genr8_> i thought they had settings in them 02:42 < hug> IOW: It doesn't give you any "best pratice" defaults, it simply allows you to set those to best practice. 02:42 < hug> Nah. ADMX files all default to 'unset' on each policy setting, AFAIK. 02:42 < genr8_> oh. 02:43 < hug> Which is a pain in the dick, because a lot of templates use dumb double-negatives. 02:43 < hug> Like you might have a "disable the use of blah", which you have to set to enabled for the setting to be disabled. 02:43 < genr8_> those make my head hurt 02:44 < genr8_> Ensure "Prevent enabling lock screen camera' is set to "Enabled 02:44 < hug> :( 02:46 < genr8_> i wonder how long its gonna take me to go through all 816 pages of this document 02:47 < Hunterkll> any of you fucks wanna hang out in moscow? 02:47 < JollyRgrs> no 02:48 < Hunterkll> i got so drunk i apparently have plane tickets to moscow now 02:48 < Hunterkll> so 02:48 < Hunterkll> the day after defcon 02:48 < Hunterkll> :X 02:48 < Hunterkll> not shady at all... 02:50 < jay-ros> Hunterkll - You're fucking amazing 02:50 < jay-ros> Privet, motherfucker! 02:50 < hug> uh oh 02:50 < hug> I have a very fucky server. 02:50 < Hunterkll> jay-ros, "How drunk did you get last night?" "Bought plane tickets to moscow" "How the FUCK do you still have a liver?!?!" 02:50 < Hunterkll> I blame the movie 02:50 < jay-ros> Hunterkll - I'm super responsible, but the loudest idiot on earth when I drink 02:50 < Hunterkll> was watching red sparrow at a party 02:51 < hug> Explorer is fucked. 02:51 < hug> And I can't end explorer. 02:51 < hug> Aaaand now powershell is hanging. 02:51 < hug> oh no 02:51 < genr8_> yay windows 02:51 < nojeffrey> just bought a Xiaomi redmi note 5, for $230usd its amazing for the price, never buying samsung again 02:52 < Hunterkll> lol 02:52 < genr8_> dont crack the glass 02:52 < MillerBOSS> If anyone cares live feed https://www.youtube.com/watch?v=8Xd5m_p5HfY 02:52 <+layer-eight> * MillerBOSS → YouTube → President Donald Trump and Kim Jong-un meeting in Singapore → ⚘ 1,179 ↑ 120 ↓ 11 ✍ 0 02:52 < hug> E:\Applications\Logs>taskkill /f /im powershell.exe 02:52 < hug> ERROR: The process "powershell.exe" with PID 140424 could not be terminated. 02:52 < hug> Reason: There is no running instance of the task. 02:52 < hug> pls no 02:52 < nojeffrey> genr8_ cost more to fix that the phone? 02:52 < Hunterkll> ya uh 02:52 < Hunterkll> hug, have you considered suicide? 02:53 < Hunterkll> it can help solve this problem.... for you 02:53 < hug> oh it just died. 02:53 < hug> yessss 02:53 < Hunterkll> lol 02:53 < Hunterkll> rekt 02:53 < genr8_> i mean the glass is inferior 02:53 < Hunterkll> #REKT 02:53 < Hunterkll> nojeffrey, honestly, my Galaxy S8+ is the best piece of hardware i've ever had for a long time 02:53 < genr8_> as long as you dont break it, its fine though right :) 02:53 < Hunterkll> though, it doesn't run samsung's image 02:53 < Hunterkll> so 02:53 < nojeffrey> ah, i'll get a decent case for it 02:53 < MillerBOSS> Shit bow https://www.youtube.com/watch?v=bUubgv3_ps0 02:53 <+layer-eight> * MillerBOSS → YouTube → Curb Your Enthusiasm - A Bow Is A Bow → ⚘ 281,215 ↑ 1,068 ↓ 15 ✍ 183 02:54 < nojeffrey> Hunterkll I love a bargain though, you seem to spend like its christmas every month 02:55 * Hunterkll shifty eyes 02:55 < JollyRgrs> how many of you refuse linkedin connections from ppl who you don't think are good at their job? 02:55 < Hunterkll> can i just claim money laundering? 02:55 < genr8_> haha 02:55 < Hunterkll> JollyRgrs, all the time 02:55 < Hunterkll> fuck 'em 02:55 < JollyRgrs> lol 02:55 < JollyRgrs> ikr? 02:55 < genr8_> thats why theyre submitting random invitations most likely 02:55 < JollyRgrs> i don't want to be associated by them 02:55 < Hunterkll> i'm limiting myself to C-levels and such these days 02:55 < hug> https://h-u.gs/iYxoB 02:55 < hug> lol 02:55 <+layer-eight> * hug → IMAGE/PNG Document, 4,354 bytes 02:55 < Hunterkll> for the most part 02:55 < Hunterkll> unless i personally know you 02:55 < JollyRgrs> genr8_: nah, b/c i was great at my last job (not like any diff now)... but i'd look good on his linked in 02:55 < MillerBOSS> How do you know if they are good or not, JollyRgrs ? 02:55 < Hunterkll> hug: wat 02:55 < JollyRgrs> MillerBOSS: i worked with them 02:55 < MillerBOSS> Oh 02:56 < Hunterkll> hug: I just got my film scanner. it's 10,000 DPI. my photos folder is going to be as large as xbox :( 02:56 < admiralspark> JollyRgrs: I don't. I just don't endorse people unless I believe they do know said skill 02:56 < JollyRgrs> and stupid "do you know?" on linked in now doesn't even show you the person's name... just the headshot of some girl and dismiss or yes, connect 02:56 < admiralspark> some people might be the gateway to a new job regardless of how bad they are at theirs 02:56 < JollyRgrs> like wtf? 02:56 < hug> Not worth. 02:56 < admiralspark> JollyRgrs: I think that's actually a dating app you're using 02:56 < Hunterkll> what's the premier photo intake software tehse days 02:57 < Hunterkll> still lightroom ? 02:57 < hug> Yes. 02:57 < JollyRgrs> admiralspark: i thought at that at first... but i'll take my chances 02:57 < hug> Nothing beats lightroom for cataloguing. 02:57 < Hunterkll> hug: let me guess, subscription only now 02:57 < JollyRgrs> that's why i'll add ppl i know (who are good ppl) that aren't in my field 02:57 < hug> Yes. 02:57 < Hunterkll> fucking hell 02:57 < Hunterkll> adobe can suck a dick 02:57 < Hunterkll> i'm torrenting that shit 02:58 < JollyRgrs> lol... like my cousin, who is a film maker type person... i have 2 connections... cousin and someone else, with a graphic and UX designer at unisys 02:58 < genr8_> i wonder how much money theyre making selling adobe essentials for $99 in the windows store and having that suck dick 02:59 < Hunterkll> NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO 02:59 < JollyRgrs> ooh! a solarwinds consultant 02:59 < Hunterkll> WHAT THE FUCK 02:59 < Hunterkll> this software came on CD 02:59 < Hunterkll> i don't have a CD drive in my desktop 02:59 < Hunterkll> only LTO-5 and USB jacks 02:59 < Hunterkll> :/ 02:59 < genr8_> rip optical 02:59 < Hunterkll> genr8_, but long live tape, right? 02:59 < genr8_> odd 02:59 < Hunterkll> :) 03:00 < Hunterkll> desktop case only has 1 5.25" bay 03:00 < Hunterkll> :( 03:01 < MillerBOSS> Man that limo is a tank. 03:02 <@cryptic1> back to work all of you 03:02 < MillerBOSS> OK thanks 03:02 < MillerBOSS> `bofh 03:02 <+layer-eight> BOFH Knot in cables caused data stream to become twisted and kinked 03:02 < genr8_> yea the doors and windows are like 6" thick 03:04 < rootsudo> MikeSpears funny, I skipped work today 03:04 < MikeSpears> lol 03:04 < rootsudo> It's sad man 03:04 < MillerBOSS> Wow there it is. 03:05 < rootsudo> Great job on paper, shitty day to day 03:05 < Hunterkll> rootsudo, so i got really drunk last night 03:05 < Hunterkll> :P 03:05 < rootsudo> Hunterkll did you fuck a tranny? 03:05 < MillerBOSS> Probably understands no English right? 03:05 < Hunterkll> rootsudo, no, but i now have confirmed round trip tickets to moscow for right after defcon 03:05 < genr8_> trumps chatting him up 03:05 < catbeard> https://www.youtube.com/watch?v=2HohE4Eovl4 03:05 < Hunterkll> I got "acquire plane tickets to moscow" drunk 03:05 <+layer-eight> * catbeard → YouTube → Grades - Crocodile Tears (Linier Remix) → ⚘ 149,936 ↑ 1,147 ↓ 28 ✍ 44 03:05 < rootsudo> Hunterkll I really want to go to DefCon 03:05 < rootsudo> but 03:05 < rootsudo> man what's the point I need to whip up something to present 03:05 < MillerBOSS> Probably thinking boy I outta 03:05 < rootsudo> I guess I can talk about MSFT and vulnerabilities 03:06 < catbeard> rootsudo: don't take your insulin pump with ya if you carry 03:06 < catbeard> js 03:06 < rootsudo> that's pretty sad really catbeard 03:06 < rootsudo> I know why, I just think it's sad lol 03:06 < Hunterkll> rootsudo, because going to defcon isn't sketchy enough. I have to go Defcon -> Washington DC -> Moscow 03:06 < Hunterkll> so i can get on all the lists 03:07 < rootsudo> Hunterkll yeah you're going to be on them all 03:07 < rootsudo> Russian US spy Hunterkll 03:07 < catbeard> always wanted to do the unofficial shooting range thing 03:07 < catbeard> bbq 03:07 < rootsudo> I guess I should buy tickets for defcon 03:07 < rootsudo> Unless I can bullshit some shit and get it approved but maybe it's too late 03:07 < Hunterkll> catbeard, i hear the shoot is great but i'm going home on the 12th 03:07 < rootsudo> Cause DefCon and Burning man are right near each other 03:07 < Hunterkll> have a flight to moscow on the 13th to catch apparently 03:08 < Hunterkll> rootsudo, you buy tickets in person cash only at defcon 03:08 < Hunterkll> no personal details recorded, no pre-registration 03:10 < rhqq> hi Hunterkll 03:10 < Hunterkll> hi 03:10 < Hunterkll> rhqq 03:10 < Hunterkll> what can i sucker you for 03:10 < rhqq> nommuch really 03:11 < rootsudo> Hunterkll that's ride, I was thining of HOPE 03:11 < rhqq> heil to 5ghz wifi 03:11 < Hunterkll> lol 03:11 < Hunterkll> rootsudo, you can crash at my place if you go 03:11 < Hunterkll> i have a 1050sq ft suite 03:11 < Hunterkll> in caesars 03:11 < rootsudo> Nice, Hunterkll 03:11 < Hunterkll> $0 :P 03:12 < rhqq> im abusing 5ghz wifi frequency channels 03:12 < rootsudo> I added Defcon to my calandar ;) 03:12 <@cryptic1> ban Hunterkll 03:12 <@cryptic1> oops 03:12 <@cryptic1> forgot the / 03:12 < Hunterkll> lol 03:12 < rhqq> cryptic1: back to work 03:12 < Hunterkll> cryptic1, i redefined drunk level achivements now 03:12 < Hunterkll> :) 03:12 <@cryptic1> D: 03:12 <@cryptic1> Hunterkll, how? 03:12 < rhqq> Hunterkll: you at defcon? 03:12 < Hunterkll> cryptic1, Ever get soooo drunk you wake up and have plane tickets to moscow ? 03:12 < rootsudo> Hunterkll we can get free tickets if we make a party 03:13 <@cryptic1> Hunterkll, trump level drunk? 03:13 < rhqq> ban cryptic1 for politics 03:13 < Hunterkll> trump doesn't drink 03:13 < jay-ros> Doctor Dick, signing out 03:14 < rootsudo> Hunterkll I took a boring sysadmin job, I skipped 1.5 days of work already and I'm only 3 weeks in 03:14 < rootsudo> Hunterkll I'm a great employee aren't I 03:15 < MikeSpears> rootsudo: I quit spectrum 03:15 < Hunterkll> lol 03:15 < rootsudo> MikeSpears But what about your free internet 03:15 < MikeSpears> no fucks even given 03:15 < MillerBOSS> Slcakers 03:15 < MillerBOSS> And Slackers 03:15 < MikeSpears> got a new job that pays more 03:15 < rootsudo> MikeSpears want a $40/hr one 03:15 < rootsudo> just pretend you know a bit of sharepoint 03:16 < MikeSpears> hoping I hear something favorable about the job at VIPRE tommorow, otherwise I'll be doing a contract 03:16 < MikeSpears> rootsudo: details? 03:16 < rootsudo> Sad part is, I know about SP and custom workflows and shit but yet I rather do nothing 03:16 < rootsudo> MikeSpears lol it's the job I'm doing now 03:16 < MikeSpears> even tho vipre is pretty damn close to 40 an hr iirc 03:16 < Hunterkll> cryptic1, https://i.imgur.com/jCLSR4U.png & https://i.imgur.com/xNiYH3F.png 03:16 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 46,327 bytes 03:16 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 171,468 bytes 03:16 < Hunterkll> er 03:16 < rootsudo> I may move to Chicago but I don't want to be alone again :( 03:17 <@cryptic1> THESE BETTER NOT BE DICK PICS 03:17 < rootsudo> I'm with room mates here and it's nidce 03:17 <@cryptic1> I am going to be pissed 03:17 < MillerBOSS> Too late 03:17 < MikeSpears> rootsudo: stay in florida 03:17 <@cryptic1> got me way too many times with that 03:17 < MikeSpears> noob 03:17 < Hunterkll> cryptic1, what i've never sent you a dick pic 03:17 < rootsudo> MikeSpears I don't want to. I want to be in Japan. I've been applying and I got accepted to JApanese schools 03:17 <@cryptic1> Hunterkll, that you remember 03:17 < rootsudo> the problem now is the fucking hours 03:17 < Hunterkll> cryptic1, https://i.imgur.com/In5YphO.png & https://i.imgur.com/xNiYH3F.png 03:17 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 171,468 bytes 03:17 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 62,556 bytes 03:17 < Hunterkll> those are the right two 03:17 <@cryptic1> please rephrase 03:17 < Hunterkll> that's how drunk i got 03:17 < Hunterkll> :P 03:17 < rootsudo> Hunterkll https://www.defcon.org/html/defcon-26/dc-26-cfopp.html lets do it 03:17 <@cryptic1> "I don't remember sending you a dick pick" 03:17 < genr8_> is it easy to apply for jobs in other states ? 03:17 < MikeSpears> can confirm, not dick pics 03:18 <+layer-eight> * rootsudo → DEF CON® 26 Hacking Conference - Call for Parties 03:18 < MikeSpears> genr8_: ya 03:18 < genr8_> and then get the job and move there? 03:18 < MikeSpears> I'd love to go back to boston 03:18 <@cryptic1> Hunterkll, what were you going to do in russia? 03:18 < MikeSpears> but COL is nuts 03:18 < Hunterkll> cryptic1, am going to do you mean 03:18 < Hunterkll> but yea 03:18 < Hunterkll> I got so wasted and we were watching red sparrow at the party 03:18 < Hunterkll> so ... yea 03:19 < MikeSpears> NoVA would be cool too 03:19 < Hunterkll> of course I WANT TO GO SEE RUSSIAN BALLET AND TAKE A KREMLIN SELFIE 03:19 < Hunterkll> means that I MUST IMMEDIATELY ACQUIRE PASSAGE TO RUSSIA RIGHT NOW 03:19 <@cryptic1> lol 03:19 < Hunterkll> so i did 03:19 < Hunterkll> rootsudo, i dont have that much energy 03:19 < Hunterkll> lol 03:19 < Hunterkll> too much effort 03:19 < rootsudo> Hunterkll I'm going to put you down as character reference then 03:19 < MillerBOSS> Pussy 03:20 < Hunterkll> i mean 03:20 < Hunterkll> we don't have the full enough venue 03:20 < Hunterkll> like 03:20 < MillerBOSS> Dooooo it 03:20 < Hunterkll> its only 1050sq ft 03:20 < Hunterkll> it has couches and a 6 person dining table 03:20 < Hunterkll> its not like it's a fuckin penthouse suite lol 03:20 < rootsudo> That's fine 03:20 < rootsudo> we make it a VIP party 03:20 < Hunterkll> lel 03:20 < Hunterkll> you land mcafee and i'll agree 03:20 < rootsudo> Hunterkll You agree now and I'll get Mcafee 03:21 < Hunterkll> i mean i'll already have the room so idk 03:21 < MikeSpears> rootsudo: since I have to pay for internet again, I'm getting business lol 03:21 < rootsudo> Hunterkll Don't be a pussy 03:21 < MikeSpears> because fuck it, it's not even that much more money for 300 + a static IP 03:22 < rootsudo> MikeSpears How fast does porn load for you 03:22 < MikeSpears> very fast 03:22 < rootsudo> Not even going to argue the porn part 03:22 < rootsudo> This is #sysadmin 03:22 < MikeSpears> I mean, I don't look at porn 03:22 < MillerBOSS> AHAHAHA 03:22 < MikeSpears> I get it in real life 03:23 < MikeSpears> get a girlfriend rootsudo 03:23 < MillerBOSS> People usually do both 03:23 < MikeSpears> lol 03:23 < jay-ros> I just tore the shit out of one of our software vendors... I hate being an asshole 03:23 < MikeSpears> jay-ros: being an asshole is fun 03:23 < MikeSpears> espically when its warranted 03:23 < jay-ros> 'I'm responsible for providing the infrastructure. I should not be needing to log in as a test user to have your system working" 03:24 < jay-ros> "I’m available today to assist in this current issue, as from a business perspective it is high-priority, however this level of access should have been identified from your side prior to becoming last-minute." 03:24 < jay-ros> cc everyone, business director, my CIO 03:24 < xe0n> cc the world jay-ros 03:24 < Church-> Heya folks 03:24 < MillerBOSS> emailme@millerboss.com 03:24 < jay-ros> He's lucky I didn't have his mother's email address, think of what she'd think of him 03:24 < rootsudo> MikeSpears jay-ros that's not what you do 03:25 < rootsudo> you black mail the vendor to get a payment to allow the purchase from your company usually resulting in 5-25K in your pocket 03:25 < MikeSpears> lol 03:25 < jay-ros> hahaha rootsudo - I like it 03:25 < genr8_> is having a static IP technically a vulnerability ? 03:25 < rootsudo> don't settle for candy they put in the hardware boxes 03:25 < Church-> No 03:25 < rootsudo> but, I wouldn't know about that 03:25 < Hunterkll> genr8_, no?! wtf 03:25 < genr8_> lol 03:25 < Church-> Sup' Hunterkll 03:25 < agent_white> Aha I see you have a static IP, time to hax u 03:25 < jay-ros> Sup Church_ 03:25 < jay-ros> - 03:25 < Hunterkll> Church-, i redefined ultimate drunkness 03:25 < rootsudo> HUNTERKILL BOUGHT TICKETS TO MOSCOW 03:26 < Hunterkll> ^ 03:26 < rootsudo> Hunterkll IS A RUSSIAN SPY 03:26 < Hunterkll> Church-, https://i.imgur.com/xNiYH3F.png & https://i.imgur.com/In5YphO.png 03:26 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 171,468 bytes 03:26 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 62,556 bytes 03:26 < Hunterkll> i got waaaasted last night 03:26 < rootsudo> lol 03:26 < MillerBOSS> By yourself? 03:26 < Hunterkll> no 03:26 < Church-> Hunterkll: Heh, cramming on interview prep. 03:26 < Hunterkll> at a party 03:26 < rootsudo> you didn't block all the records Hunterkll 03:26 < Church-> Time to mainline a tech stack I'm only partially familliar with. 03:27 < Hunterkll> lol 03:27 < Hunterkll> rootsudo, flight numbres don't matter 03:27 < Hunterkll> lol 03:27 < Church-> Hunterkll: Tech interview is partially generalized, partially tech stack specific. 03:27 < Hunterkll> lol 03:29 < Church-> So time to cram, their tech guys think I'll do fine but I'm still nervous and I'd like this position. Decent benefits, good salary, work from home with some travel. 03:30 < MikeSpears> quick, someone call the police on hunterkll 03:30 < MikeSpears> tell them a russian spy is flying to russia 03:30 < MikeSpears> to bring back info to putin 03:30 < rootsudo> MikeSpears Wrong department 03:31 < rootsudo> It would be Department of Homeland Security / TSA 03:32 < Hunterkll> rootsudo, you mean CBP 03:32 < Hunterkll> TSA don't give a fuck 03:32 < Hunterkll> they aint the popo 03:32 < rootsudo> TSA is part of CBP 03:33 < Hunterkll> rootsudo, wrong 03:33 < Hunterkll> ICE is separate from TSA 03:33 < Hunterkll> both under DHS, but separate 03:33 < Hunterkll> CBP is separate too 03:33 < Hunterkll> so is coast guard etc 03:33 < Hunterkll> https://www.dhs.gov/sites/default/files/publications/18_0519_DHS_Organizational_Chart.pdf 03:33 <+layer-eight> * Hunterkll → APPLICATION/PDF Document, 80,657 bytes 03:33 < Hunterkll> "Countering weapons of mass destruction office" O.o 03:34 < rootsudo> Says the SPY 03:36 < jay-ros> Hey, does anyone have cluster aware updating knowledge? 03:37 < jay-ros> I've got some random GUIDS being created from our cluster aware updating servers in DNS, and trying to work out if they're actually required 04:18 < benjgvps> Phew, had a close call with my FreeNAS box not booting off the USB drive. I took it out of the internal USB port and it boots again... I should probably setup the redundant USB drive like I should have over a year ago... 04:19 < nojeffrey> benjgvps pretty easy to backup the config too 04:19 < benjgvps> nojeffrey: I'm sometimes impressed by my laziness 04:20 < nojeffrey> heh 04:20 < MadCamel> yeah that's like $5 and 5 minutes.. c'mon get with it 04:21 < benjgvps> The funny thing is, when I setup my FreeNAS originally, I bought two identical USB drives 04:21 < benjgvps> I just never set the second one up 04:21 < MadCamel> you can just plug in the second drive and dd one to the other lol 04:25 < Church-> Heya MadCamel 04:25 < benjgvps> I assumed it would be annoying, but it's literally four buttons 04:26 < MadCamel> heya Chur 04:26 < MadCamel> ch 04:26 < Hunterkll> look 04:26 < Hunterkll> microsoft 04:26 < Hunterkll> i get it 04:27 < Hunterkll> you like compatibility 04:27 < Hunterkll> BUT DO YOU STILL NEED TO MAINTAIN FIXES FOR COMPUSERVE 2000 IN WINDOWS 10???? https://i.imgur.com/ubIwI8m.png 04:27 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 112,933 bytes 04:27 < Hunterkll> i like how literally the only thing that breaks that software is the OS version 04:27 < Hunterkll> so winodws claims it's win2k so it can run 04:28 < rhqq> well, it doesnt really hurt to keep that 04:28 < MadCamel> never know when I might want to use compuserve 04:29 < rhqq> yeah man, one day aliens come to the earth and make you run compuserve, but you'll have nothing else but win10 around 04:29 < rhqq> thats when you'll thank ms for that 04:33 < MadCamel> random old man story: Back in the day you could dial into telenet(an early packet-switched network), connect to compuserve and use this legacy interface tosign up with random credit card numbers(passed checksum). Could get free internet for about a month. Back when 'net access was normally metered hourly and 12yo's couldn't afford it.. 04:35 < rhqq> well, i was using that HUP trick on analog lines 04:36 < rhqq> single impulse instead of 90s was 30minutes 04:36 < rhqq> minimizing monies spent on internetz 04:36 < MadCamel> neat 04:36 < MillerBOSS> When you have a notice of then the aliens approach please ping me rhqq kthx. :) 04:36 < rhqq> MillerBOSS: always 04:36 < rhqq> :D 04:36 < MillerBOSS> :D 04:37 < rhqq> you'll be first one i call 04:37 < MillerBOSS> How goes it over there 04:37 < MillerBOSS> Thats what I am talking about 04:37 < MillerBOSS> Before Mom even 04:37 < rhqq> yea 04:38 < MillerBOSS> So some ass clown filed like 11 DMCA take downs on my Youtube account and not its broke. :( 04:38 < MillerBOSS> And all made up names 04:39 < MillerBOSS> now* 04:39 < MadCamel> I have one word to say that'll strike fear into any old hacker's heart: WinModem. 04:41 < MillerBOSS> How about this guy https://news.artnet.com/app/news-upload/2015/03/Peter-Norton.jpg 04:41 <+layer-eight> * MillerBOSS → IMAGE/JPEG Document, 140,317 bytes 04:43 < MadCamel> no way man norton utilities was boss 04:44 < MillerBOSS> Steve Gibson shared a story last week that Peter wanted to buy Spinrite from Steve and Steve said no way so they made Norton Disk Dr. Interesting story. I'll get the link. 04:46 < MillerBOSS> Starts here https://youtu.be/TjqZXhBMSe8?t=5440 04:46 <+layer-eight> * MillerBOSS → ⚓ https://www.youtube.com/watch?v=TjqZXhBMSe8&feature=youtu.be&t=5440 → YouTube → Security Now 666: Certificate Transparency → ⚘ 2,324 ↑ 54 ↓ 0 ✍ 17 04:46 < Church-> Welp I have a better if still small understanding of AWS again. Time to push it forward and brush up on tools. 04:47 < MillerBOSS> Stop typing like me Church- 04:47 < Church-> ? 04:47 < Church-> Kayyyy. 04:47 < MillerBOSS> Welp I have a better if still small 04:47 < MillerBOSS> Only I can type that way 04:47 < Church-> Didn't realize you did. 04:47 < MillerBOSS> Oh man 04:47 < MillerBOSS> I type like shit 04:48 < MillerBOSS> So I will put myself out there. :) 04:48 < MillerBOSS> So what are you learning in AWS? 04:57 < Church-> MillerBOSS: Just AWS in general, rusty. Also learning packer and Terraform from hashicorp's tools. Got an tech interview Thurs. 04:57 < Church-> So brushing up on tool specifics. 04:57 < MillerBOSS> Ahh gotchya 04:58 < MillerBOSS> So you must enjoy working with AWS as a whole then eh? 05:02 < Church-> Eh, it's a tech stack. 05:19 < redhat> hi. 05:20 < misspwn> hi 05:21 < redhat> how's it going? 05:23 <+NinjaStyle> HI 05:23 < redhat> hey NinjaStyle 05:23 < jay-ros> hi 05:23 < xe0n> ih 05:23 < MillerBOSS> LOL so this asshole that claimed false DMCA takedowns is attempting to extort me for $100 05:23 <+NinjaStyle> HI redhat 05:24 < redhat> https://www.reddit.com/r/Ubiquiti/comments/8qd2dj/usg_pro_and_fios/ 05:24 <+layer-eight> * redhat → USG Pro and FiOS : Ubiquiti 05:24 < redhat> thinking about that 05:24 < redhat> considering i've used both Ubiquiti Unifi line and now the Edge line 05:24 < misspwn> MillerBOSS, tell that a-hole the check is in the mail 05:24 < MillerBOSS> lol 05:25 < redhat> unrelated 05:25 < MillerBOSS> Still waiting for a response yet 05:25 < redhat> does anyone think that the new reddit UI is like.. NEW vs OLD runescape? 05:25 < misspwn> want me to cyber him? 05:25 <+AnonymooseWork> asl 05:25 <+AnonymooseWork> :D 05:25 < redhat> like: THX FOR USING THE NEW RUNESCAPE (I MEAN REDDIT) 05:25 < MillerBOSS> I don't know if its a guy or girl 05:25 < misspwn> o we can ask 05:25 <+AnonymooseWork> MillerBOSS does it matter? lol 05:26 < MillerBOSS> Unless misspwn wants to cyber a girl I guess 05:26 < misspwn> redhat, i don't have the new reddit interface yet i don't think 05:26 <+NinjaStyle> who doesnt 05:26 <+AnonymooseWork> i don't either 05:26 <+AnonymooseWork> reddit gold users can opt in to the old interface 05:26 < redhat> it keeps appearing on me misspwn 05:26 < misspwn> hmmm 05:27 < misspwn> only thing i've had so far was that chat beta thing that just appeared one time 05:27 < misspwn> that was a while ago though 05:27 < redhat> https://snag.gy/g5ZX9B.jpg 05:27 <+layer-eight> * redhat → ⚓ https://i.snag.gy/g5ZX9B.jpg → IMAGE/PNG Document, 788,887 bytes 05:27 < redhat> the sidebar wont go away either after i tell it to 05:27 < misspwn> oh Grossssssssssssss 05:27 < misspwn> i will quit reddit if it changes to that 05:27 < redhat> let's go back to Usenet? 05:27 < redhat> plz 05:27 < misspwn> that's fucking awful 05:28 < MadCamel> usenet'd be dandy 05:28 < redhat> girl, bai 05:28 < MadCamel> just use reddit via api and bypass their crapware-laden interfaces completely 05:28 < redhat> although.. i am posting this in an IRC channel soooo 05:28 < redhat> we may be biased 05:28 < redhat> lmao, i thought you said 'crapware-binladen' interface 05:28 <+NinjaStyle> yall nerds 05:28 < misspwn> MillerBOSS, so how close are we finding out if this blackmailer wears thongs or thongs in a good or bad way 05:29 < MadCamel> hey man #!/bin/laden is my favorite shebang. and IRC channel 05:29 < redhat> colusion with terrorism 05:29 < redhat> MadCamel: you are now being whois'd by /u/prism 05:32 < MillerBOSS> No clue misspwn They used generated named and the same email address for all. https://millerboss.com/x/note-wOEP2trQgA-Z.txt 05:32 <+layer-eight> * MillerBOSS → TEXT/PLAIN; CHARSET=UTF-8 Document, 174 bytes 05:33 < misspwn> oh and it's a gmail address 05:33 < misspwn> because that's legit 05:33 < MillerBOSS> Exactly 05:34 < MillerBOSS> https://www.techdirt.com/articles/20171022/23545638457/using-youtube-takedowns-as-extortion.shtml 05:34 <+layer-eight> * MillerBOSS → Using YouTube Takedowns As Extortion | Techdirt 05:34 < MillerBOSS> And https://millerboss.com/x/Screen-Shot-2018-06-11-22-34-36-r.png 05:34 <+layer-eight> * MillerBOSS → IMAGE/PNG; CHARSET=UTF-8 Document, 32,306 bytes 05:36 < misspwn> i hope you are having fun with that person 05:36 < MillerBOSS> I am not sure how much I can have if they don't reply 05:37 < genr8_> i hate new UI's that do nothing but waste more space 05:37 < MillerBOSS> What they did is get my account 3 strikes and near killed and can not upload. 05:37 < misspwn> oh oh what the fuck 05:37 < genr8_> for what 05:37 < misspwn> i wasn't sure of the full scope 05:38 <+CheckYourSix> I've been looking at those USB-C docks that support 3x 4K displays. Can you still game using something like that? Or is it worthless for anything more than regular PC usage? 05:38 < MillerBOSS> A rando claiming ownership via DMCA 05:38 < MillerBOSS> But I have no recourse except to remove the videos or send them a message via youtube saying they made a mistake 05:38 < genr8_> its just a display output, one that will barely support the 3 4k displays in the first place 05:39 < MillerBOSS> But with 3 strikes in 90 days account is about to get killed. 05:39 < MillerBOSS> >We have received three notifications alleging copyright infringement in one of your postings. Consequently, your account is subject to termination. Your ability to post new videos has been suspended. Your access to your account will be completely disabled unless we receive from you a valid counter-notification disputing at least one of the claims by Jun 18, 2018. 05:39 < genr8_> sucky 05:39 < misspwn> oh so this is frm uploading a video to youtube? 05:39 < misspwn> i thought it was from some private tracker thing 05:40 < MillerBOSS> Yeah I upload shit but this person doing the take down is trolling and extorting as per email message to me as I emailed them directly. 05:40 < MillerBOSS> Nope 05:40 <+NinjaStyle> send them malware 05:40 <+NinjaStyle> say it's bitcoins 05:40 < misspwn> yeah just embedd something 05:41 < misspwn> spoof that shit like the shit that gets spoofed at work that people click on 05:41 <+NinjaStyle> theres actually a new technique that is like 100% works every time 05:41 < MillerBOSS> Well I did install https://www.streak.com/ for Gmail to track the email being opened and all and hope to use the info to give to youtube. 05:41 <+layer-eight> * MillerBOSS → Streak - CRM for Gmail 05:41 < genr8_> its of questionable ground to hack back and this isnt even that, its just griefing 05:41 <+NinjaStyle> send them a canary token as well 05:41 <+NinjaStyle> just an image embed one 05:41 < MillerBOSS> Learn me :P 05:41 < MillerBOSS> I have no idea 05:41 < MillerBOSS> lol 05:42 <+NinjaStyle> https://canarytokens.org/generate 05:42 <+layer-eight> * NinjaStyle → Canarytokens 05:42 < misspwn> NinjaStyle, i like you 05:42 < MillerBOSS> Interesting. 05:42 <+NinjaStyle> this will let you know when they open and give you some user agent and geo info 05:42 < MillerBOSS> Yeah that is what streak does too 05:43 <+NinjaStyle> which will help for the next step, the phishing payload 05:43 <+NinjaStyle> if win 10, there is a guaranteed win that got dropped today 05:44 < MillerBOSS> Well lets wait till they reply again because I hope they are hurting for "100 USD" 05:45 <+NinjaStyle> yeah the user agent and os version info would be tremendously helpful 05:47 < MillerBOSS> Looks like info is limited https://uploads-ssl.webflow.com/5b0590e4b6c6cf6111a057aa/5b059d35fc2b2fdb0a0324e2_3-TrackYourOutgoingEmail.png 05:47 <+layer-eight> * MillerBOSS → IMAGE/PNG Document, 167,796 bytes 05:47 <+NinjaStyle> no user agent?? 05:48 < MillerBOSS> Guess not with Streak. 05:48 <+NinjaStyle> do the image web embed one 05:48 <+NinjaStyle> canarytoken 05:49 < MillerBOSS> Alright 05:50 <+NinjaStyle> i cant remember if that pulls full user agent, 1 sec 05:52 <+NinjaStyle> http://canarytokens.com/traffic/feedback/1bms7e3tujpu91qqd2wvrmzlv/test.jpg 05:52 <+layer-eight> * NinjaStyle → IMAGE/GIF Document, 43 bytes 05:52 <+NinjaStyle> just a test 05:54 <+NinjaStyle> MillerBOSS: yeah i got useragent even on an embed 05:54 <+NinjaStyle> so you just do a url token, and add an image extension 05:55 <+NinjaStyle> then you can embed in the email with html if you want 05:55 <+NinjaStyle> its just a 1x1 image 05:55 < MillerBOSS> OK cool. 05:55 <+NinjaStyle> the default will say submit.aspx or something 05:55 <+NinjaStyle> just make it image.jpd or something else 05:55 <+NinjaStyle> jpg* 05:57 < Casteil> aww 05:57 < Casteil> Bane is back 05:57 < Casteil> my sweet little adoptive murder kitty 05:57 < Pyrotechno> bane 05:57 < Pyrotechno> watch out batman 05:57 < Casteil> Critterbane 05:57 < Casteil> Slayer of chipmunks 05:57 < Pyrotechno> :o 05:58 < Casteil> (Bane for short) 05:58 < genr8_> cat pic ? 05:59 < Casteil> https://i.imgur.com/rO0CYqZ.jpg 05:59 <+layer-eight> * Casteil → IMAGE/JPEG Document, 326,927 bytes 05:59 < Casteil> it's not my cat, it just hangs around because I pet it a lot 05:59 < Casteil> and it helps control my chipmunks.. https://i.imgur.com/5MlTFIC.png 05:59 <+layer-eight> * Casteil → IMAGE/PNG Document, 311,594 bytes 06:00 < Pyrotechno> Cute 06:00 < genr8_> keep it 06:00 < Casteil> it has a collar 06:00 < Casteil> it belongs to someone 06:00 < genr8_> aw 06:01 < Casteil> was out petting her like 20 minutes ago and she's still just curled up on my porch probably scoping for critters to murder :) 06:04 < LemWork> ah dell diagnotics... how useless they are 06:05 < LemWork> system gets a clean bill of health from Diags... Memtest has 460 errors and counting. 06:06 < Casteil> heh 06:06 < Casteil> "Sorry we can't fix what's not broken" 06:06 < MillerBOSS> Thanks NinjaStyle Figured it out and sent it along. 06:08 <+NinjaStyle> hopefully it triggers 06:09 <+NinjaStyle> some scammers are careful 06:09 < MillerBOSS> Looking at the headers Gmail was used and not a client. 06:09 <+NinjaStyle> but the next step will heavily dependent on the pretext. i would definitely do with some kind of word doc 06:10 <+NinjaStyle> i'll just leave this here 06:10 <+NinjaStyle> https://posts.specterops.io/the-tale-of-settingcontent-ms-files-f1ea253e4d39 06:11 < Hunterkll> jesus christ 06:11 < Hunterkll> my film scans are over 300mb/image 06:11 < Hunterkll> i need to buy more drives 06:15 < genr8_> compress compress 06:21 < genr8_> that SettingContent.ms post was worth it 06:27 <+NinjaStyle> :) 06:27 <+NinjaStyle> all their content is high quality 06:27 <+NinjaStyle> i recommend you subscribe to the blog 06:28 <+NinjaStyle> genr8_: ^ 06:30 < genr8_> you know i had noticed those settings .ms files and i was meaning to investigate how they insert into the settings control panel , apparently poorly 06:34 < Hunterkll> NinjaStyle, so, wanna go meet up in moscow and be a russian spai with me? 06:34 <+NinjaStyle> Lol 06:35 < Hunterkll> i'm going for a week 06:35 < Hunterkll> lol 06:35 <+NinjaStyle> Why? 06:35 < Hunterkll> because i drunkenly acquired plane tickets 06:35 <+NinjaStyle> Lol 06:35 < Hunterkll> FORTUNATELY drunk me managed to bang it right for the monday after defcon 06:35 < Hunterkll> so 06:35 < Hunterkll> defcon -> DC -> Moscow 06:35 < Hunterkll> not shady at all 06:36 <+NinjaStyle> That's super shady 06:36 < genr8_> doesnt sound good 06:36 < MillerBOSS> Says Hunterkll 06:48 < genr8_> whats after bit torrent 06:54 < MillerBOSS> http://dinosaurpictures.org/ancient-earth#220 06:54 <+layer-eight> * MillerBOSS → Ancient Earth globe 07:13 < jay-ros> well, it looks like I've learned more about web certificates today than I wanted to 07:14 < nohusuro> jay-ros: such as? 07:15 < jay-ros> nohusuro - strippin the password off a pfx, adding the correct comodo crt, testing certificate before creating pem file, and uploading to the load balancer to speed up request processes 07:15 < jay-ros> i.e. a lot of googling, faffing about with openssl, and copy-paste testing 07:15 < nohusuro> why would you strip the password off your pfx? 07:16 < agent_white> That reminds me, I need to get a personal wiki (or blog) up and running and actually stick to it... too many times I've dove into some niche project only to forget quite a bit of it a few months later. 07:16 < jay-ros> because you need to upload the pfx key into a text file renamed .pem to upload into the exchange load balancer 07:16 < jay-ros> ...it's how they manage it. I'm sure you should be uploading a password-created version, but... it's how they do it 07:16 <+NinjaStyle> New last of us trailer omg 07:17 <+NinjaStyle> Ermergerd 07:17 <+NinjaStyle> Am excited 07:17 < agent_white> Ooo link? 07:17 < nohusuro> jay-ros: does comodo only provide the password in pfx format? 07:17 <+NinjaStyle> The Last of Us Part II – E3 2018 Gameplay Reveal Trailer | PS4 (https://youtu.be/btmN-bWwv0A) 07:17 <+layer-eight> * NinjaStyle → ⚓ https://www.youtube.com/watch?v=btmN-bWwv0A&feature=youtu.be → YouTube → The Last of Us Part II – E3 2018 Gameplay Reveal Trailer | PS4 → ⚘ 495,122 ↑ 89,392 ↓ 5,304 ✍ 20,339 07:18 < nohusuro> generally you can use openssl to convert to pem without stripping the password from your pfx 07:18 < jay-ros> nohusuro, nope, that's the comodo license implemented into the exchange server 07:18 < nohusuro> you kinda want to keep the password on your private key material 07:19 < nohusuro> I'm assuming your exchange load balancer is a linux machine, otherwise you wouldn't be using pem 07:19 < jay-ros> yeah, it is 07:19 < jay-ros> hpaproxy with a wrapper, it seems 07:20 < jay-ros> haproxy* 07:20 < nohusuro> is this exchange 2016? 07:20 < jay-ros> 2013 on prem 07:21 < nohusuro> so you have multiple on-prem exchange servers? 07:21 < nohusuro> I'm trying to picture why you need a load balancer 07:21 < jay-ros> yeah, I've got a pair of redundant load balancers running four cas servers 07:21 < jay-ros> connected to four mbx servers hosting four mailbox databases 07:22 < jay-ros> two by two, except for the load balancers which are two on one side... I'm trying to work out how to create a failover on different subnets to create site failover/priority 07:26 < xe0n> a good old dagggg 07:26 < xe0n> sup jay-ros 07:26 < jay-ros> dagggg-tastic! howdy xe0n! 07:26 < jay-ros> xe0n - I'm looking at some serious green ticks next to whiteboard tasks in front of me right now... It's been a good week and a bit :) 07:27 < xe0n> rockin 07:27 < xe0n> i just sent out the schedule for the sc agent rollout, 10 weeks 07:27 < jay-ros> sc agent? 07:27 < xe0n> screen connect 07:28 < jay-ros> ah right on! 07:28 < jay-ros> connectwise assistance 07:28 < jay-ros> I've rolled out anydesk 07:29 < xe0n> yeah, anything is better than vnc and teamviewer 07:29 < xe0n> so ripping those right out 07:29 < hug> I don't mind teamviewer. 07:29 < hug> Except $$$$$$ 07:29 < xe0n> anddddd ms have answered my question why we couldn't assign service numbers.... telstra have got the exclusive on e5 and wants any number, regardless if you use them as a reseller to purchase through them 07:30 < xe0n> ms just gave us a block of numbers, and now we can't assign them out 07:30 < xe0n> lol 07:31 < MillerBOSS> NinjaStyle 👉 Didn't work. Google image proxy picked it up 07:31 <+NinjaStyle> Those fuckers 07:31 < xe0n> hug: teamviewer enterprise is just rubbish, the way you need to assign machiens to groups is blah 07:31 < jay-ros> xe0n - that's a logistical nightmare 07:31 < MillerBOSS> >i want 100 usd 07:31 < xe0n> jay-ros: it is... 07:31 < hug> xe0n: It depends on how well you manage it from the get go. 07:32 <+NinjaStyle> You could always do it via external link, if you can think of how to make not suspicious 07:32 < MillerBOSS> >Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via ggpht.com GoogleImageProxy) 07:32 <+NinjaStyle> Or u can just send a payload 07:32 < xe0n> hug: i ended up writing a PS script to do the 3 or so steps it wants you to do 07:32 < MillerBOSS> Well I got em on Google Hangouts 07:32 < xe0n> it works, but just rubbish... 07:32 < hug> Que? 07:33 < jay-ros> ouch, they're throwing extra costs for calls to mobiles? 07:33 <+NinjaStyle> Honestly MillerBOSS I would go lazy and generate some macro in veil and give it a shot 07:33 < jay-ros> 18 per month ex GST 07:33 < MillerBOSS> What a dick >Please send me money in advance 07:33 <+NinjaStyle> Or just do that specterops thing and hope they're on windows 10 07:33 < MillerBOSS> I have no idea about that stuff. 07:34 < MillerBOSS> Doing anything to him won't get my account fixed. I am just trying to show him in the act to show YouTube 07:34 <+NinjaStyle> I would ransomware him but to each his own 07:34 < jay-ros> xe0n - I feel a skype for business on-prem configuration happening in my office shortly 07:35 < hug> s4b onprem 07:35 < hug> lol 07:35 < hug> Dear god why 07:35 < MillerBOSS> Sure but that is foreign to me. 07:35 < hug> jay-ros: in fact why do you run all of these things in house. 07:35 < jay-ros> hug - because financial and strict manager :P 07:35 < jay-ros> hug - and I don't push and pull because I get to set it all up myself 07:36 < hug> The latter is an okay reason, the former isn't. 07:36 < jay-ros> I was just discussing the pricing with him 07:37 <+NinjaStyle> You could do it real easy with a vps or Kali ami 07:37 < MillerBOSS> https://millerboss.com/x/Screen-Shot-2018-06-12-00-37-38-L.png 07:37 <+layer-eight> * MillerBOSS → IMAGE/PNG; CHARSET=UTF-8 Document, 41,197 bytes 07:37 < jay-ros> Millerboss - yes. 07:38 < MillerBOSS> Yes 07:38 < MillerBOSS> I need 07:38 <+NinjaStyle> Yes 07:40 < jay-ros> MillerBOSS, i need. 07:41 < MillerBOSS> Yes 07:41 < jay-ros> I was listening to a canadian podcast, and he was saying they have autodialler chinese guys at the moment 07:41 < jay-ros> ...the same ones that've been passing through Australia 07:42 < MillerBOSS> This dick cheese https://millerboss.com/x/Screen-Shot-2018-06-12-00-42-02-q.png 07:42 <+layer-eight> * MillerBOSS → IMAGE/PNG; CHARSET=UTF-8 Document, 46,547 bytes 07:43 <+NinjaStyle> Now that you have the evidence, finish him! 07:44 < MillerBOSS> How? I don't know the shit you do 07:45 <+NinjaStyle> You've used metasploit right? 07:45 < MillerBOSS> Nah 07:45 <+NinjaStyle> O 07:46 < MillerBOSS> I mean I poked around but nothing more. 07:47 <+NinjaStyle> You basically generate an obfuscated reverse TCP payload with veil, put it in a word macro, start your metasploit listener, then SE them into opening the doc and running the macro 07:47 <+NinjaStyle> Then hope their AV is bad 07:48 <+NinjaStyle> But recently windows defender is pretty good 07:48 <+NinjaStyle> So if win 10 that other method is $ 07:50 < MillerBOSS> Do you have $ 100 Skrill? 07:50 < MillerBOSS> Yeah I don''t have time for all of that ya know? 07:50 <+NinjaStyle> I mean it's fast if you know it, but I get it 07:51 < MillerBOSS> Right 07:52 < MillerBOSS> Now he wants to chat. Where are you from 07:52 < MillerBOSS> ffs 07:52 < MillerBOSS> I'm Vietnam 07:52 < MillerBOSS> Figures 07:52 < vader-> sup 07:53 <+NinjaStyle> Dealing with Vietnamese scammers 07:54 < MillerBOSS> And then send to vnstreetracingtv@gmail.com. Then I will retract your copyright complaint. 07:54 <+NinjaStyle> I wonder if that is his YouTube login 07:55 < MillerBOSS> Main address now is thuthuy12993@gmail.com 07:55 < MillerBOSS> Vns is for skrill 07:55 <+NinjaStyle> I'm super tempted to just email him and see what happens 07:55 < MillerBOSS> I figured you would have by now 07:56 < MillerBOSS> Because he asked for my channel as he can't keep track 07:56 < MillerBOSS> So pretend your channel was taken down from him 07:57 < vader-> taxes are such horse shit man... :-/ 07:57 < Hunterkll> so you have multiple on-prem exchange servers? 07:57 < Hunterkll> I'm trying to picture why you need a load balancer 07:57 < MillerBOSS> Paypal address is vnstreetracingtv@gmail.com as well. 07:57 <+NinjaStyle> vader-: they're a necessary evil 07:57 < MillerBOSS> Now to youtube I guess 07:58 < Hunterkll> ^^^^ BECAUSE YOU SHOULDN'T RUN EXCHANGE WITH LESS THAN 4 SERVERS, 3 OF WHICH ARE ACTIVE DAG COPIES AND ALL OF THEM PROVIDING OWA/MAPI/ETC 08:03 < MillerBOSS> Dumb ass clicked the link NinjaStyle Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36 08:03 <+NinjaStyle> win 10 08:03 < MillerBOSS> 171.254.215.80 08:04 < MillerBOSS> I pasted it and said this is my channel 08:06 < MillerBOSS> I just know you can send $ 100 to paypal for me? 08:06 < MillerBOSS> Your channel will become good after sending money :) 08:06 < MillerBOSS> Probably some 17 year old making bank 08:09 <+NinjaStyle> fuck it im gonna just email him a reverse shell payload and say it is for generating hit bitcoin public key 08:09 < MillerBOSS> Do it 08:09 < agent_white> 'Paying the $100 for my friend' ;) 08:10 < vader-> did I miss something? 08:11 < MillerBOSS> I am definatly not paying this guy but now I have no idea that will take me seriously at youtube 08:12 < MillerBOSS> Yeah some Vietnamese is attempting to extort $100 from me to undo DMCA claims on my my youtube account. 08:12 < MillerBOSS> As I upload shit and make cash otherwise I would care as much 08:12 < MillerBOSS> wouldn't* 08:14 < jay-ros> vader- 08:14 < jay-ros> I need 08:15 < jay-ros> yes. 08:15 < MillerBOSS> Yes. 08:15 < vader-> hehe 08:16 < jay-ros> hahah Hunterkll - I just read your comment 08:16 < MillerBOSS> >I feel tired with you. After depositing $ 100 into my paypal paypal, your channel will have a good copyright status. I will not explain anything. Goodbye. 08:17 < jay-ros> MillerBOSS: "You're not worth my time. CLEARLY you don't appreciate good SEO and web optomisation. Goodbye friend. 08:17 < MillerBOSS> lol 08:17 < MillerBOSS> But this shows how fucked up YouTube's system is. 08:18 < jay-ros> MillerBOSS: "Also, i've recently changed my terms of service. Please be thankful to read them here...." 08:18 < MillerBOSS> Anyone can file a claim and have zero proof 08:18 < MillerBOSS> Ha ha yup 08:18 < jay-ros> Has anyone played with a galaxy s9 yet? 08:18 <+NinjaStyle> metasploit always takes forever to install 08:19 < jay-ros> I need to swap my old s7 out for a new mobile, and I think I'm getting a freebie from work 08:21 < MillerBOSS> I feel tired with you as well 08:21 < MillerBOSS> You will not get $100. 08:21 < MillerBOSS> Not with your attitude. 08:21 < MillerBOSS> I just want to get money. 08:21 < MillerBOSS> I just want to get money. 08:22 < MillerBOSS> And I'm holding onto your allegedly copyrighted videos. 08:22 < MillerBOSS> I hope you get some where with that install 08:28 <+NinjaStyle> MillerBOSS: i was lazy but we will see 08:28 <+NinjaStyle> i just sent 08:29 <+NinjaStyle> MillerBOSS: is he still talking to you? 08:29 < MillerBOSS> Yeah its all good. Yeah 08:30 <+NinjaStyle> nothing still, wonder if it was delivered 08:32 <+NinjaStyle> im not feeling good about it, would have expected the shell by now 08:32 < MillerBOSS> Yeah he is random. Doesn't keep a steady flow of convocation 08:33 <+NinjaStyle> plus i have no idea if these payloads still work after the new defender updates 08:38 <+NinjaStyle> boo 08:39 <+NinjaStyle> well i know it was delivered to Gmail 08:39 < MillerBOSS> Me Well the way I see it is YouTube is facilitating in extortion. 08:39 < MillerBOSS> YouTube 08:39 < MillerBOSS> 1:36 AM 08:39 < MillerBOSS> I'm sorry if you feel that way. 08:41 < agent_white> Easier to file DMCA than access a two-factor account without a phone. 08:41 <+NinjaStyle> too bad the asshole didnt run my thing 08:42 <+NinjaStyle> i mean it was a super suspicious pretext to be fair 08:43 < MillerBOSS> I will not contact you again until you agree to transfer $ 100 into my paypal wallet :) Bey 08:43 <+NinjaStyle> tell him to check his email! 08:43 <+NinjaStyle> lol 08:43 < MillerBOSS> I just did. 08:43 < MillerBOSS> :) 08:44 < MillerBOSS> >Check your email! 08:44 < agent_white> NinjaStyle: Found my first Linux Jr. Sysadmin posting for a gig around here :) Double bonus since it's a telecom company. Fingers crossed. 08:44 <+NinjaStyle> nice, well good luck 08:44 < agent_white> Actually has realistic requirements too, which is a first. 08:44 < MillerBOSS> Do you have a link I can send him in Hangouts? 08:44 < agent_white> And thank ya. Hopefully I might at least get a foot in the door. 08:45 < MillerBOSS> And have like youtube channel etc in the url? 08:45 <+NinjaStyle> he replied 08:45 < togen> telecom companies are usually good starting point. Easy way to network with other people 08:45 < MillerBOSS> >Haha. I'm not as stupid as you are. 08:45 <+NinjaStyle> "I'm not as stupid as you think" 08:45 < MillerBOSS> >I will not accept Bitcoin. 08:45 <+NinjaStyle> wat 08:45 < agent_white> togen: Yeah, I have a background in telecom as a NOC so it would be a familiar environment. 08:46 <+NinjaStyle> MillerBOSS: this fuck face 08:46 < MillerBOSS> Yup 08:46 < agent_white> What's the avg turnaround time for Youtube to reverse a DMCA claim? 08:47 < xe0n> 88mph 08:47 < agent_white> False, 60 speed. 08:47 < vader-> Any of you know of a place hiring for an entry/jr level position? 08:47 < MillerBOSS> HA HA he screenshot the email to me 08:48 < MillerBOSS> >Tom 08:48 <+NinjaStyle> lol 08:49 < MillerBOSS> What an idiot. 08:49 < MillerBOSS> >That's how the virus spread. I only accept paypal or skrill 08:50 < xe0n> send him skrillex.mp3 08:50 < xe0n> lol 08:50 < MillerBOSS> Yeah! 08:50 <+NinjaStyle> oh weird i got the payload to be downloaded 08:50 <+NinjaStyle> but i don tthink he ran the whole command 08:51 <+NinjaStyle> MillerBOSS: have you clicked it too? 08:51 < MillerBOSS> >I do not get bitcoin because the government does not allow it. I only got paypal or skrill. Thank you 08:51 < MillerBOSS> Me, no 08:51 < MillerBOSS> Are you nuts? 08:51 <+NinjaStyle> weird, i had 2 ip addresses hit it 08:51 < ned0> i clicked the canary up above NinjaStyle 08:51 <+NinjaStyle> no it was different 08:51 < ned0> fucking quick scrolling 08:51 <+NinjaStyle> this was for the dumb scammer 08:52 < ned0> this is going to be worse than the time you knocked the SSD caddy out of my laptop 08:52 < ned0> with your mind 08:52 < xe0n> dunn dunn dunnn 08:53 <+NinjaStyle> lol 08:54 <+NinjaStyle> MillerBOSS: gdi 08:54 <+NinjaStyle> i think this is burned 08:54 < MillerBOSS> Meaning no go? 08:54 < MillerBOSS> Just go ahead and lift the strikes and you will not be hacked any more. 08:54 < MillerBOSS> IP Adress 171.254.215.80 08:54 < MillerBOSS> Windows 10 08:54 < MillerBOSS> Chrome 67 08:54 <+NinjaStyle> i think he knows its bad 08:55 < MillerBOSS> That'll scare em right, right? 08:55 < MillerBOSS> This is just a virtual machine. I can turn it off now. Hahahaha 08:55 <+NinjaStyle> lol idk, lets give him like 5 mins 08:55 <+NinjaStyle> i said i can send USD through my exchange 08:55 <+NinjaStyle> if he just runs the address generator 08:55 < MillerBOSS> He thinks you are me 08:55 <+NinjaStyle> aw 08:56 <+NinjaStyle> did the canary token say he was on tor MillerBOSS ? 08:58 < xe0n> you guys must not be very busy, ay? 08:58 < xe0n> lol 08:58 < MillerBOSS> It ahttps://millerboss.com/x/Screen-Shot-2018-06-12-01-57-50-2.png 08:58 < MillerBOSS> Shit https://millerboss.com/x/Screen-Shot-2018-06-12-01-57-50-2.png 08:58 <+layer-eight> * MillerBOSS → IMAGE/PNG; CHARSET=UTF-8 Document, 36,845 bytes 08:58 < MillerBOSS> Me, I want me shit untucked. 08:58 < MillerBOSS> And unfucked 08:59 <+NinjaStyle> could send a macro and say its a paypal reciept 09:00 < xe0n> lol 09:00 < MillerBOSS> Well get creative. I know you are bored. 09:00 <+NinjaStyle> i should go bed 09:00 <+NinjaStyle> but i am annoyed by this guy 09:00 < MillerBOSS> Join the club on both things you said 09:01 < MillerBOSS> Uh oh. Getting cocky. >If you do not send $ 100 but also show your stupid, I will block all your messages, emails. Thank you. Last message. 09:07 < jay-ros> NinjaStyle, I need. 09:07 <+NinjaStyle> dowut 09:07 < jay-ros> yes. 09:07 <+NinjaStyle> yes 09:07 < jay-ros> :) 09:07 < jay-ros> $100 09:08 < jay-ros> MillerBOSS, are you seeing how deep this rabbit hole goes? 09:08 < MillerBOSS> Its interesting how his English got better. Maybe did take my suggestion of Google Translate. 09:08 <+NinjaStyle> i think its not just him running this operation 09:08 < jay-ros> "Boss, boss!!! I think I've got one!" 09:08 < jay-ros> "Ok, step aside, let me show you how a real scam artist does it, Pong" 09:08 <+NinjaStyle> MillerBOSS: i saw 2 IPs that were different from the one you had 09:08 < MillerBOSS> No idea. Trying YouTube from another angle. 09:09 < MillerBOSS> Your guess is as good as mine. 09:13 < MillerBOSS> Also when you go to https://support.google.com/youtube/answer/2807684?hl=en and click the blue box you send a counter notice which includes your (me) reason why and the form asks for legal name, address, number etc. Good thing I didn't put real info. This is a easy way to get money and some PII on people they way they are doing this. Huge hole if you ask me. 09:13 <+layer-eight> * MillerBOSS → Counter Notification Basics - YouTube Help 09:18 < donut_> Hm, any good docs on how telegram works and how to possibly evict it? 09:19 < donut_> got reports that they might be frontin through my service 09:19 < MillerBOSS> In other news Dennis Rodman was crying eh? 09:19 < jay-ros> MillerBOSS: I'm guessing bath salts... 09:20 < MillerBOSS> How do you mean evict donut_ ? 09:20 < jay-ros> evict donut sounds like a consequence of a bad diet 09:20 < jay-ros> telegram is a messaging service - can you block it on the firewall? 09:20 < donut_> not entirely sure how domain fronting works, but just got note from russia that telegram traffic has been monitored from our web ips 09:21 < donut_> which are not in aws 09:21 < donut_> if you haven't heard telegram was the reason why russia blocked all of aws 09:21 < jay-ros> listen to Pharell Williams whilst using telegram? 09:22 < jay-ros> "I know that I'm carrying on, never mind if I'm showing off I was just frontin') 09:22 < MillerBOSS> Are you really going to listen to "Russia"? 09:22 < donut_> of course 09:22 < donut_> if you had customers there you would too 09:22 < donut_> or no customers for you until next year 09:23 < MillerBOSS> Wow 09:23 < donut_> when they report that telegram traffic has been found it means no more traffic for you, at all. 09:24 < donut_> jury rigged the systems now, but damn i need to find some docs on how telegram operates and how to filter it 09:24 < MillerBOSS> Are you an ISP? 09:24 < donut_> personally i have nothing against telegram but hot damn, didn't expect to find it in my domain 09:24 < donut_> nah, a smallish global web service 09:25 < donut_> we sell gadgets 09:25 < MillerBOSS> Similar https://signal.org/blog/looking-back-on-the-front/ 09:25 <+layer-eight> * MillerBOSS → Invalid HTML document 09:25 < MillerBOSS> Thats why its "bad" to go with Russia 09:25 < MillerBOSS> In my opinion. 09:25 < MillerBOSS> :) 09:26 < donut_> not my call, as usual. Technical fixes to political problems are a nightmare 09:26 < MillerBOSS> Yeah I hear ya 09:26 < donut_> but i guess it's even worse the other way around. 09:27 < donut_> political fixes to technical problems are horror 09:27 < donut_> at least on state level diplomacy 09:31 < MillerBOSS> Good luck there eh 09:31 < rhqq> whats all the fuss bout the russia here 09:31 < rhqq> ? 09:32 < rhqq> tldr ? 09:32 <+ihre> they're coming to homosexualize your kids 09:32 < MillerBOSS> Scroll up a rad 09:32 < MillerBOSS> tad* 09:32 < rhqq> ugh 09:32 < donut_> nah, trying to find something to help me identify possible telegram traffic 09:32 < donut_> messing up our small web service to russian customers 09:32 < MillerBOSS> So does that mean Telegram the app is using your services? 09:33 < donut_> possibly, and i have no idea how it works in that regard 09:33 < MillerBOSS> Wouldn't they have to be a customer? 09:33 < donut_> but they have been in the news that they are capable of impersonating different web services 09:34 < donut_> routing traffic somehow, forged headers? errors? i dunno 09:34 < MillerBOSS> https://core.telegram.org/mtproto/description 09:36 < donut_> yeah that's the transmission protocol, but not how it's transmitted through nation state level firewalls 09:36 < Atro> ez just block 443 09:36 < donut_> heh yeah 09:37 < Atro> some firewalls can detect Telegram traffic 09:37 < Atro> like Palo alto 09:37 < MillerBOSS> I got that from https://stackoverflow.com/questions/46298204/how-detect-telegram-protocol-from-its-tcp-headers 09:37 <+layer-eight> * MillerBOSS → HOW Detect Telegram Protocol from it's TCP headers? - Stack Overflow 09:37 < MillerBOSS> https://security.stackexchange.com/questions/111961/filtering-telegram-traffic 09:37 <+layer-eight> * MillerBOSS → encryption - Filtering Telegram Traffic - Information Security Stack Exchange 09:38 < Atro> why would you wanna block telegram/signal anyway 09:38 < Atro> is your GDPR triggerin? 09:39 < donut_> nah, i have nothing against telegram 09:39 < donut_> it's just that we get no russian customers if we leak such traffic 09:39 < Atro> "leak"? 09:39 < donut_> doesn't matter to US companies that much, but for europeans it does 09:40 < donut_> Atro: how else would i explain unexpected telegram traffic from my ip addresses? 09:40 < MillerBOSS> Users? VPN, TOR? 09:41 < MillerBOSS> If you are a small hosting company 09:42 < donut_> nah, this is just a web front for a hi-tech gadget company 09:42 < catbeard> Disallow ssh tunneling and block all but essential egress ports except pinholes 09:42 < Atro> okay, so ? 09:42 < MillerBOSS> Do you mean you are just hoping a website? donut_ 09:43 < donut_> i have no idea if i actually leak telegram, but don't know enough to say it's not possible. 09:43 < MillerBOSS> Hosting* 09:44 < donut_> it's a service for the gadgets as well, but yes. 09:45 < donut_> oh and not some 'internet of things' monster 09:46 < rhqq> um 09:46 < rhqq> i did read something above 09:47 < rhqq> and it still makes no sense 09:47 < MillerBOSS> Yeah same here 09:47 < donut_> mm yeah 09:47 < vader-> so did the guy take the bate Miller?> 09:47 < vader-> bait 09:47 < MillerBOSS> Nah 09:47 < vader-> :-/ 09:47 < vader-> so did youtube suspend your whole channel? 09:47 < rhqq> whats the point of fighting telegram in the first place> 09:48 < MillerBOSS> It will be in 7 days but I will not let up on them about it vader-. I claim YouTube is facilitating in extortion. 09:48 < donut_> dont have a choice if i want to keep russians buying our stuff 09:48 < donut_> oh well, i'll have to add some sniffers and try to find anything weird while recycling ips 09:48 < rhqq> donut_: thats idiotic in its idea and still doesnt explain the reason 09:48 < rhqq> whats the point 09:49 < rhqq> and whats wrong with russians? 09:49 < donut_> they block everything related to telegram and i got a notice that my ips leak telegram traffic 09:49 < donut_> and those ips are just simple web fronts 09:49 < rhqq> are you located in russia? 09:50 < donut_> which serve static images to another front which has no problems 09:50 < donut_> no 09:50 < rhqq> then russian jurisdiction is not affecting your business 09:50 < rhqq> E O T 09:50 < donut_> ... 09:50 < donut_> they block all traffic to our service, thus no russian customers 09:50 < donut_> which is the problem 09:50 < rhqq> they wont 09:50 < donut_> they did already 09:50 < donut_> nullrouted my ips, tested it myself 09:51 < rhqq> #neutralityoftheinternet 09:51 < rhqq> xD 09:51 < rhqq> so basically your subnets are filtered out on bgp or what 09:51 < rhqq> in russia 09:51 < Atro> lel 09:52 < donut_> each isp does it their own way but the result is the same. This is handled by Roskomnadzor, their communications authority 09:52 < rhqq> they are known to be.... stubborn 09:52 < donut_> i dont even care about the russia situation at this point so much, but the telegram part is.. baffling 09:53 < donut_> how the fuck 09:53 < rhqq> what are you selling to russians 09:54 * rhqq tests the russian accent.. 09:54 < rhqq> Mikhail, tell me the truth 09:54 < MillerBOSS> lol 09:55 < donut_> heh 09:56 < rhqq> anyways, good luck, they're stubborn af, and now you wont really have peace with them for a long time 09:56 < rhqq> for me its sleep time, so cya folks 09:56 < donut_> anyway this will be interesting, thanks for the thoughts. Helped me to reconsider mine. 09:57 < rhqq> yeah, my 0 input 09:57 < donut_> =) 09:57 < rhqq> fun, i mean, they're doing exact thing americans, chinese and israeli ppl do as well 09:57 < donut_> nah just trying to explain the situation helps also me to understand it better 09:58 < rhqq> stop rubberducking me 09:58 < rhqq> xD 10:03 < jumi> morning 10:36 < Atro> why is it so difficult to get 3 external monitors with a laptop god dommot 10:47 <+ihre> get a (usb)dock 10:55 < togen> old dell docks could use 3 screens as well 10:57 < donut_> 2+laptop screen seems to be enough for me. Might be easier just to get a desktop for 3 or more ? 11:09 < togen> everyone at work uses 3 monitors 11:13 < genr8_> they make plenty of laptops that do 3 monitors 11:30 < togen> new hire's full name is 26 characters long... 11:34 < Hatsjoe> Mine is 22, so what? :P 11:45 < genr8_> theyre used to Bob and Jim 11:52 < togen> I am worried about Teamcenter PLM... 12:25 < jumi> Atro: I got two usb to hdmi adapters 12:25 < jumi> so I can plug my 3 monitors 12:29 < Atro> jumi: any feedback about how that works? 13:00 < jumi> Atro: fine enough 13:00 < jumi> altough cpu usage spikes a bit 13:00 < jumi> but for text and browsing the internet its good enough 13:01 < jumi> I wouldn't play video on it, it definitely works OK tho 13:06 < gavit> I had someone who'se lastname.firstname wouldn't fit in Windows AD 13:07 < gavit> as an account name 13:47 < kepler> Atro: need a GPU that'll support it. i think most intel chips support 3x < 4k, 2x 4k. otherwise, prob need a dedicated gpu 13:47 < kepler> Atro: i have an egpu for more screens 13:48 < kepler> on the go, i use 2x packed pixels 13:48 < kepler> waiting for razer's project valarie 13:50 < kaipee> how do you guys deal with shared 'machine accounts'? 13:51 < kaipee> like a manufacturing machine that needs to run monitoring software for testing builds, but will need to remain accessible across staff shifts (multiple users need to login and see results in the running software) 13:52 < kaipee> I don't like that they currently use a single account with a shared password 13:59 < Sousapro> kaipee: does the shared account need network access? 13:59 < kaipee> yes 13:59 < Sousapro> LMAO 14:00 < Sousapro> Security policy says no 14:00 < kaipee> reports of the builds need to be stored on network share 14:00 < kaipee> I know, it's a catch-22 14:00 < Sousapro> Is that the only network access that's required? 14:01 < kaipee> so how do I provide access to long-running software across multiple user shifts with network share access - but not allow single-login 14:01 < kaipee> I assume they only require network shares 14:02 < Sousapro> Local computer non admin account with a mapped network drive (that has saved credentials) 14:02 < Sousapro> Use group policy to mount the drive 14:02 < kaipee> local group policy? 14:03 < Sousapro> kaipee: and there's no way to run this software inside of a VM and use the endpoints as dumb terminals right? 14:03 < kaipee> and how would they log into the VM? 14:04 < Sousapro> kaipee: no, use domain group policy after putting these plague carriers err... Dedicated terminals into an OU 14:04 < kaipee> I'm not following 14:04 < Sousapro> I'd also use application whitelisting on them and only allow access to the required applications 14:05 < kaipee> I need for user1 to start the monitoring software, leave his shift and for user2 or user3 (across multiple shifts) to be able to login and see that software running and monitor it 14:07 < Nightcinder> so any normal monitoring software? 14:08 < Sousapro> So you can either lock down the workstation so that only the monitoring software can run and do the local account plus mapped network share 14:10 < Sousapro> Or you can do the same thing in a VM and have the users RDP shadow/VNC/VMware console their way into the box and leave the endpoints somewhat normal 14:11 < Sousapro> By doing things as GPOs inside of an OU it will allow you to replace or add machines as needed and will make sure people know those are special machines 14:11 <@cryptic1> morning 14:11 < Sousapro> Morning 14:12 < Nightcinder> back to work 14:12 < Nightcinder> all of our production machines are thin clients 14:12 < Nightcinder> maintenance has a laptop loaded with all their software they use 14:13 < SpookyCrisp> Nightcinder, I wish we could do that. 14:13 < Sousapro> Thin clients are a great idea 14:13 < Sousapro> No one ever wants to pay for VDI though 14:13 < SpookyCrisp> But management expects employees to work during hurricanes so they need laptops. 14:13 < Nightcinder> we use RDS 14:13 < Nightcinder> with two terminal servers 14:13 < Nightcinder> SpookyCrisp: office users have laptops/desktops 14:14 < Sousapro> SpookyCrisp: thin client laptops are a thing 14:14 < Nightcinder> and yes they are 14:14 < Nightcinder> i don't deploy those, nor would i 14:14 < SpookyCrisp> Sousapro, Yeah. My issue is my management doesn't use their noggins like normal folk. 14:14 < Sousapro> s/my/all 14:14 <+layer-eight> [SED Sousapro/SpookyCrisp] Sousapro, Yeah. My issue is all management doesn't use their noggins like normal folk. 14:14 < kepler> kaipee: does the software not allow multiple accounts/AD login? just give rights to that group that needs to log in 14:15 < SpookyCrisp> I tried to get everyone but people who would be normally working remotely to have desktops. 14:15 < kaipee> kepler: nope 14:15 < Nightcinder> front desk has a thin client to replace their useless hp laptop that never moved 14:15 < SpookyCrisp> Less likely hood of damage or loss. 14:15 < Nightcinder> we just deployed 3 wyse clients 14:15 < Nightcinder> getting ready to deploy 5 more 14:16 < SpookyCrisp> Those are nice. 14:16 < Sousapro> kaipee: if you want to make it really fun you can do remote app presentation 14:16 < SpookyCrisp> At a gig I was a contractor for we used those. 14:16 < Nightcinder> wyse 3040's mounted to P2217H's 14:16 < Sousapro> kaipee: create a security group that allows access to that app 14:16 < SpookyCrisp> Nightcinder, That would be perfect here. 14:17 < Nightcinder> office users w/ thin clients get two 22's 14:17 < Sousapro> Nightcinder: those have gotten way better over the last 10 years 14:17 < kaipee> Sousapro: how would the AD Sec Group get applied to a local admin on the machine? 14:17 < Nightcinder> laptop/desktop users get 24's 14:17 < Nightcinder> and some people get 27's at my discretion 14:17 < Nightcinder> but they're all the same res 14:17 < Nightcinder> some people just claim they're blind basically 14:17 < kaipee> using Computer Policy instead of User ? 14:17 < Sousapro> kaipee: the app has to run as admin? 14:17 < kaipee> nope 14:18 < kaipee> you said users should login a local admin 14:18 < SpookyCrisp> Nightcinder, My favorite. Larger screen != easier to see. 14:18 < Sousapro> Okay good 14:18 < Nightcinder> the only bad part about the wyse clients is you can't use a monitor mount 14:18 < kaipee> if they are a non-AD local account with admin rights, how do the Sec Policy get applied from AD> 14:18 < Nightcinder> unless you use a dell monitor mount 14:18 < Nightcinder> because of how it connects to VESA 14:19 < SpookyCrisp> Nightcinder, Yeah, but we use all Dell shit here. Wouldn't be an issue. 14:19 < Sousapro> kaipee: I wouldn't suggest using local admin account just regular local user accounts 14:19 < Nightcinder> no i mean 14:19 < Nightcinder> like we have the vivo gas dual monitor mounts 14:19 < misspwn> wait we passing out extra monitors? i'd lke mine to be all the same size please 14:19 < Nightcinder> you can't use wyse clients mounted 14:20 < Sousapro> kaipee: you'd have to experiment, it's been a while since I've done desktop support 14:20 < Nightcinder> misspwn: nope you get a 15 and 22 14:20 < kepler> ^ id kill myself 14:20 < kaipee> Sousapro: how do I apply AD Group Policy to a local user account? 14:20 < misspwn> :( 14:21 < SpookyCrisp> Nightcinder, Oh I see. Do you have them sitting on the desk 14:21 < SpookyCrisp> ? 14:22 < kepler> need this intern to get in already to do my work. ugghhhhh 14:22 < Nightcinder> the thin clients? no 14:22 < Nightcinder> we just leave them with the regular dell stands 14:22 < Nightcinder> instead of a mount 14:22 < SpookyCrisp> Nightcinder, Ah I see. 14:23 < Nightcinder> https://usercontent.irccloud-cdn.com/file/hLybIXiH/image.png 14:23 <+layer-eight> * Nightcinder → IMAGE/PNG Document, 1,574,413 bytes 14:23 < Sousapro> kaipee: no idea off the top of my head. I haven't gotten out of bed yet though so YMMV lol 14:24 < Nightcinder> bro it's 830 14:24 < Nightcinder> get to work 14:24 < Sousapro> kaipee: I personally like running the software on a VM and having them access it there 14:26 < kaipee> yeah although the software needs direct access to electronic boards that they manufacture 14:27 < kaipee> it's a strange on, no doubt :P 14:27 < Sousapro> Application whitelisting 14:27 < Sousapro> Local account 14:27 < Sousapro> Mapped network drive lol 14:28 < Sousapro> Anyone in here a desktop tech? I'm getting super rusty at this stuff lol 14:33 < SpookyCrisp> Nightcinder, Oh that's pretty neat. 14:35 < MadCamel> So is there any way to get generic win7 to act as a nat router? 14:36 < MadCamel> I ask because I need to get my linux workstation on a windows-only vpn 14:37 < SpookyCrisp> Sousapro, I'm stuck between desktop and sysadmin 14:37 < SpookyCrisp> Lol 14:37 < arlion> MadCamel: I remember trying my hand it several times and failing, mind you I was not nearly as knowledgble in networking as I am now. 14:38 < arlion> MadCamel: howevor, you want the easy way, I would reverse the roles, put the vpn on your linux box and nat the connection through your linux box would be much easier imo 14:38 < arlion> What is a "windows-only" vpn client you described? 14:39 < MadCamel> can't really do that, there's endpoint security that ties right into the TPM 14:39 < arlion> TPM? 14:39 < MadCamel> trusted platform module, crypto/key storage hardware 14:39 < arlion> Linux suppiort 802.1X authenitcation to include key auth 14:40 < Sousapro> Tell them you want to use Linux and request a Linux client 14:40 < Sousapro> What VPN client is this? 14:40 < arlion> Let's entertain this just a moment for discussion. 14:40 < arlion> Tell us a little bit more. 14:40 < MadCamel> They don't offer that even though the job is linux all day. Seriously guys, the only way to get on this network is the laptop they've given me. Anything else will red-flag my connection. 14:41 < McDonaldsWiFi> morning fellas 14:41 < arlion> MadCamel: do you have two NICs in the back on your Windows Machione? 14:42 < asimon> Good morning my friends 14:42 < arlion> asimon: good morning 14:42 < Sousapro> MadCamel: use the laptop they have given you and run a Linux VM? 14:42 < arlion> Ooo.. laptop. might need to use a usb->eth adapter. 14:42 < Sousapro> MadCamel: is it running windows 10? 14:42 < arlion> he said windows 7 14:42 < Sousapro> Ah 14:42 < MadCamel> Sousapro: that's plan B but this machine's a real dog so I'd rather not haha 14:43 < arlion> New plan. 14:43 < MadCamel> wifi and a nic. I'm not new at networking. It just seems that win7 doesn't allow nat unless it's win7 server? 14:43 < Sousapro> New plan, get a laptop made in this decade from work :P 14:43 < arlion> And which one are you using to connect to your office network? the wifi or eth? 14:44 < Sousapro> VPN miniport adapter 14:44 < MadCamel> wifi to public network, vpn over top of that to the office. nic's unused and I have a private network going between it and my real workstation already 14:44 < arlion> Okay 14:44 < arlion> do you have admin rights to your windows machine 14:44 < MadCamel> though honestly you don't need two nics for nat.. 14:45 < MadCamel> I can get a token to get admin rights for an hour. They record the screen though. Heh 14:45 < arlion> hrm, no go. 14:45 < Sousapro> You could try using Windows internet connection sharing on the VPN adapter that's created when connecting to a VPN 14:45 < arlion> I was going to suggest install virtualbox and then yanking the nic from the windows machine and giving it to a lightweight linux vm 14:46 < arlion> but that requires admin 14:46 < MadCamel> that's actually a good idea. I could get virtualbox installed 14:46 < Sousapro> Sounds like you've got good admins lol 14:46 < arlion> very good. 14:46 < arlion> I can defeat most protections given enough time. 14:46 < MadCamel> thanks for the suggestion, didn't even think of using a VM as a router 14:46 < arlion> but dam, this is good. 14:47 < Sousapro> arlion: you're the reason why whitelisting is a thing :P 14:47 < arlion> It's also the condition of my employement is that my desktop is a linux machine. 14:48 < Sousapro> Honestly why though? I'm running multiple Linux VMs in the hyper V role on my win 10 enterprise box at work 14:48 < MadCamel> I tried that as well, they just couldn't do it, too many policy/compliance issues. But if I'm going to get any real work done... 14:48 * Casteil grumbles 14:49 < Sousapro> It makes your machine a special snowflake. Not quite as bad as Macs but still 14:49 < Casteil> got a designer/contractor here sizing up this location to fit more people 14:49 < Sousapro> I'd give you RHEL as a desktop os lol 14:49 < Casteil> I have a feeling my office is about to get turned into a set of cubes.. 14:49 < MadCamel> eek 14:49 < arlion> Sousapro: yikes, you would pay licensing for my desktop? brah, I just run fedora. 14:49 < arlion> good and done. 14:49 <+giant_it_burrit> why not just use pfsense 14:49 < arlion> litterly what I was suggesting ^ 14:50 < Sousapro> arlion: I'd want a supported OS so that I'm not having to support it lol 14:50 <+giant_it_burrit> felda = support 14:50 <@Code_Man65> Oh no giant_it_burrit, he isn't here and you said the magic word 14:50 < arlion> Sousapro: bitch, I AM THE SUPPORT. 14:50 < arlion> lol 14:50 <+giant_it_burrit> felda? 14:51 <+giant_it_burrit> REEEEEEEEEEEEEE 14:51 < asimon> #gotem 14:51 < Sousapro> arlion: or have you sign a piece of paper that says you have a special machines that requires you to maintain all patching according to org standard 14:51 < arlion> I patch every morning as habit 14:51 < Sousapro> arlion: and I'd make you run SEP14 still lol 14:51 < arlion> sep14? 14:52 < Sousapro> Symantec Endpoint Protection 14:52 < Sousapro> Or whatever the org uses 14:52 <@Code_Man65> Yuck 14:52 <@Code_Man65> SEP (and McAfee EPO) are both terrible 14:52 < Sousapro> I don't want to hear that Linux doesn't get viruses 14:52 * Sousapro stares at rootkits until they explode 14:53 < arlion> Sousapro: https://paste.fedoraproject.org/paste/~fAgW4CEvEmL-BMNR6FrZA 14:53 <+layer-eight> * arlion → Untitled - Modern Paste 14:53 < Sousapro> Code_Man65: I'm not saying they are good 14:53 < arlion> patching history of my box for the last 2 years. 14:53 < Sousapro> Code_Man65: just that I'm not trusting a dev to keep a secure system that I can't easily mkbitor 14:53 < gavit> most tutorials online show you how to install apache and db on a single server. isn't it wiser to have a seperate db and webserver? when deploying 10 apps you then need 1 webserver and 1 db, and then you make those two redundant, or is it safer to keep them as 'one' because n upgrade of php shouldn't break the other apps? 14:54 < Sousapro> gavit: definitely split them up if possible 14:54 <@Code_Man65> gavit: It's a question of scale, but splitting the web and db up are good practice 14:54 < gavit> Sousapro: so 1 vm per app? 14:54 <@Code_Man65> If you are doing 3 tier you split the app, web, and database tiers 14:54 < Sousapro> ++ 14:54 < Sousapro> gavit: depends on scale 14:54 < SpookyCrisp> Sousapro, Oh god, not SEP! 14:55 < gavit> Code_Man65: so multiple db for redundancy and every app in a seperate apache/nginx vm? 14:55 < Sousapro> SpookyCrisp: it got less terrible with SEP14. SEP12 is still a dumpster fire 14:56 < MadCamel> gavit, that's generally a good plan. 14:56 <@Code_Man65> Generally, yep. 14:56 < Sousapro> gavit: that's only applicable at business scale 14:57 < SpookyCrisp> Sousapro, We've got the cloud version. Its meh at best. 14:57 < Sousapro> gavit: for home or small business, I'd probably go 2 or 3 servers for each tier. 14:57 < SpookyCrisp> Started looking into Windows Defender ATP since we can integrate it into Intune. 14:57 < Sousapro> Intune 14:57 < Sousapro> Ugh 14:58 < Sousapro> With Microsoft Autotune, you can forget about group policies. Here's half the functionality, enjoy 14:59 < Sousapro> Who needs a domain when you can use Azure AD instead? :P 15:00 < SpookyCrisp> Sousapro, That's what we're working towards lol. 15:00 <+giant_it_burrit> autotune is awful 15:00 < SpookyCrisp> We want to put at least half of our computing resources into Azure. 15:00 <+giant_it_burrit> unless used by tpain 15:00 < SpookyCrisp> giant_it_burrit, LOL 15:01 < Sousapro> SpookyCrisp: I've looked at it but I'd like intune to be a little more mature first 15:01 < SpookyCrisp> Sousapro, Not my idea. Just following orders. Our VP thinks we should be 100% cloud and have 0 on site infra. 15:01 < Sousapro> SpookyCrisp: lmao 15:01 < Sousapro> SpookyCrisp: he's gonna love those azure bills 15:01 < SpookyCrisp> Sousapro, I think Intune is awesome, but I agree it needs to mature some more. 15:02 < SpookyCrisp> Sousapro, We pay like $600 a month for our backup storage. 15:02 < SpookyCrisp> But we haven't started running VMs there. 15:02 < SpookyCrisp> We use a 3rd party to host VMs for DR. 15:02 < SpookyCrisp> That's expensive AF 15:02 <+giant_it_burrit> im tempted to have Hunterkl build out my sccm stuff 15:02 <+giant_it_burrit> but then he would do something 15:02 <+giant_it_burrit> and then start ww3 15:02 < Sousapro> SpookyCrisp: what's he gonna do when the first $10k azure bills shows up? 15:03 < Sousapro> Every C Level is like "put our Windows XP VMs in Azure" right now 15:03 <@Code_Man65> Most companies prefer opex to capex 15:04 < Sousapro> Code_Man65: that's fair but lift and shift is stupid and expensive 15:04 <@Code_Man65> No argument there, if you just try to move what you do on-prem to the cloud you are setting yourself up for failure 15:04 < Sousapro> Code_Man65: take advantage of AWS and Azure fully. Don't just upload your legacy VMs 15:05 < _Straffer> but why buy reliable things when it looks better on paper to buy the less secure things that frequently break 15:05 < _Straffer> these kinds of decisions are made by someone in a 10x10 dry-wall box while looking @ a spreadsheet 15:05 < Sousapro> _Straffer: you can't afford as many hookers or as much blow in the board room 15:06 < _Straffer> hookers 15:06 < _Straffer> blow 15:06 < _Straffer> but no extra data ports bc drops are expensive 15:07 <+giant_it_burrit> Code_Man65: do you have a getting started with sccm? reasons for sccm: better patching and app install. endpoint protection. mac management with parallels.imaging. thats the short list 15:07 <@Code_Man65> Honestly giant_it_burrit, I still recommend the windows-noob.com guides 15:08 < alazare619> had a wicked storm here last night 15:08 < alazare619> was out on my wooden deck watching it tons of sky to ground lighting 15:09 < alazare619> but what was crazier was the "spider" lightning 15:09 <+giant_it_burrit> did you get tased bro? 15:09 <+giant_it_burrit> Code_Man65: does it make the most sense to go to cbb with sccm and not the 2012r2 15:09 <+giant_it_burrit> i think its on 2016 15:10 <@Code_Man65> Yes, no reason to deploy 2012 r2 15:10 <+giant_it_burrit> then we move everyone off ltsb! 15:11 < alazare619> so we are FINALLY going to get exchange 2013 deployed 15:11 < hxcsp> alazare619: those are fun to watch and record, then play back in slow motion 15:11 < alazare619> on 2016 server 15:16 < alazare619> it will be nice to finally replace the old 2007 on 2003 exchange setup 15:16 < alazare619> and finally remove the 2003 dc's 15:17 <@Code_Man65> Umm alazare619, Exchange 2013 doesn't support Server 2016 (and never will) 15:17 <@Code_Man65> If you want Server 2016, you have to do Exchange 2016 15:17 < alazare619> wait 15:17 < alazare619> i phrased that wrong 15:17 < alazare619> 2013 on 2012 r2 15:18 < alazare619> dc's are going to 2016 15:18 <@Code_Man65> Why install Exchange 2013? 15:18 <@Code_Man65> It went out of mainstream support a month ago 15:18 <@Code_Man65> Go straight to 2016 15:18 < alazare619> becaues its the only one that we can direct migrate from 2007 from 15:18 < alazare619> cant put 2016 in prod with an existing 2007 15:18 < alazare619> the interoperability matrix doesnt show 2016 15:19 < alazare619> the migration path from 2007 to 2013 is as simple as standing up a 2013 with all roles 15:19 < alazare619> migrating the mailboxes and calling it a day 15:19 <@Code_Man65> Yeah, but 2013 should just be a stepping stone 15:19 < alazare619> it is a stepping and waiting stone 15:19 <@Code_Man65> Get everyone on it, decomm 2007, and then get 2016 stood up 15:19 < alazare619> didn't have enough budget to go straight to 2016 15:20 <@Code_Man65> Do you already have the Exchange 2013 license and cals? 15:20 < alazare619> 2016 is on your budget for next year tho...along with voip..and much much much more 15:20 < alazare619> yea it was purchased 2 years ago but never had a chance to actually get it done 15:20 < alazare619> funny enough pretty sure we have SA 15:20 <@Code_Man65> 2 years ago Exchange 2016 was out, assuming you got SA you have Exchange 2016 15:20 < alazare619> so might be able to go to 2016 for free 15:20 < alazare619> id have to double check on it 15:21 <@Code_Man65> Do so 15:21 < alazare619> actually pretty sure i do. Forgot tho the one reason we dont have it on the agenda is the fact that office 2007 doesnt support 2016 15:21 < vinrock> https://i.imgur.com/ihb83gt.jpg 15:21 <+layer-eight> * vinrock → IMAGE/JPEG Document, 46,419 bytes 15:22 < alazare619> so we purchased 2016 with Downgrade for 2013. and are waiting on office. Then moving to 2016 as its a direct migration too 15:22 <@Code_Man65> What version of office are you running? 15:22 < alazare619> 2007 15:22 < vinrock> ew 15:22 < alazare619> i'm on 2013 15:22 <@Code_Man65> Oh good fucking god 15:22 < alazare619> but thats because i have a personal license :P 15:23 < alazare619> hey some are on office xp still ;) 15:23 <@Code_Man65> You aren't helping 15:23 < alazare619> i'm at that point where i'm like #fuckitall 15:24 < alazare619> but its progress 15:24 < alazare619> trying to undo 10 years of neglect is impossible 15:24 < alazare619> heres some more food for thought 15:24 < JollyRgrs> not impossible, just need a locomotive and a cow catcher 15:24 < alazare619> they purchased individual licenses for these products... 15:25 < alazare619> we got proper licensing for the new stuff but it's just 3 steps forward 2 steps back...things are starting to go better tho... 15:28 < Paco> Since we're on the topic of Exchange. Has anyone done an on-prem upgrade while having hybrid in place? We'd be going 2010 to 2016 15:36 < Hatter> How's everyone feeling today? 15:38 < Popzi> sad that my laptop usb mouse has died and we dont have any spare in the office, so im forced to use the god aweful trackpad :( 15:38 < corn266> use the little touch tip instead 15:41 < alazare619> Paco: thats what we are doing with 2007 to 2013 15:42 < Hatter> Popzi: It was just a friendly greeting, I was inviting a bunch of whining 15:42 < Hatter> *wasn't 15:42 < Hatter> I'm sorry, that's was very rude 15:44 < Popzi> I'm now even sadder that my whining has been rejected, whilst I sit here wheeping with my trackpad :'( 15:46 < Hatter> trackpads are the worst though 15:46 < Hatter> I can't take anyone seriously who uses them 15:49 <+giant_it_burrit> https://i.imgur.com/Z3jXh6A.gifv 15:49 <+layer-eight> * giant_it_burrit → Dumb snake hits its head on a glass door 15:50 < l3gacy> good bacon to all and to all some good bacon! 15:54 < l3gacy> YAY! ER level blood glucose @ job site! 15:56 * l3gacy faints, and lands on the ficus 15:57 < l3gacy> Hey, bmurt! 15:58 < l3gacy> Look at you, you're da Kaptain, now 15:59 < alazare619> so i've been playing the game of unsubbing from every email 16:00 < alazare619> and i'm down to only getting around 200 emails a day to my personal email finally 16:00 < l3gacy> So, you're losing, alazare619 ? 16:01 < Kaptain> every sinking ship needs a kaptain 16:06 < JollyRgrs> alazare619: trying to detect "legit" from spam emails? 16:06 < alazare619> yep 16:06 < JollyRgrs> you don't want to unsub from spams or you'll just let htem know you are active and hit MORE lists 16:07 < JollyRgrs> lol 16:07 < alazare619> actually l3gacy i was getting around 3k+ spam aday 16:07 < l3gacy> That's it? Slacker 16:09 < JollyRgrs> alazare619: i think you just need to stop using alazare619@gmail.com for all the cam sites you sign up for 16:09 < JollyRgrs> just use like alazare619camwhore@gmail.com for that 16:09 < Hatter> good advice 16:09 < alazare619> JollyRgrs: i dont i use alazare619+camwhore@gmail.com 16:10 < alazare619> i use tags :P 16:10 < rpifan> hi drug users 16:10 < Hatter> can you have + in an email address 16:10 < vinrock> not gmail 16:10 < Hatter> rpifan: good morning dear 16:10 < rpifan> on gmail 16:10 < Hatter> then alazare619 is a FIBBER 16:11 < rpifan> so i went to roo ad returned 16:11 < SpookyCrisp> Hatter, Serial fibber? 16:12 < JollyRgrs> alazare619: tags or not, they all come into the same thing 16:13 < alazare619> but then i have that tag auto deleted :P 16:13 < alazare619> the problem is getting back control of the main email address 16:13 < JollyRgrs> and how many companies do you think are wise enough to the whole email+tag@gmail and filter out the tags? 16:13 < alazare619> i'm starting to win the battle tho 16:14 < alazare619> idk id think writing code to circumvent (strip) the tag off only gmail would be a shitty ROI 16:14 < JollyRgrs> i'd scrape every email and just do replace "+*@" with "@" and get the root emails... i mean, not hard 16:14 < alazare619> they can just spend more money and get more lists to mass blast 16:15 < JollyRgrs> this guy is hilarious 16:15 < JollyRgrs> he puts sir in front of everyone's name 16:16 < JollyRgrs> not just like "thank you, sir"... he'd be like "hello sir alazare619, blah blah blah... sir please let me know when I can contact sir cryptic1 about this" 16:17 < khelpw> Anyone else have 1803 roll out on domain joined PCs despite having it declined in WSUS? 16:18 < ekaj> ree 16:18 < ekaj> pretty sure that's a common issue khelpw 16:19 < khelpw> h8 16:19 < ravioli> JollyRgrs: i wanna work with them 16:19 < JollyRgrs> you do, sir ravioli? 16:19 < ekaj> khelpw: i fixed the issue in my organization by blocking windows update domains at the firewall/proxy for everything except sccm / wsus 16:19 < Hatsjoe> Guys, I need your help.. If you have an AD with example.com as FQDN root domain, is it possible to create a conditional forwarder for foobar.example.com to some other DNS not linked to the AD in any way? (lets pretend the other DNS is simply 8.8.8.8) 16:19 < Hatsjoe> Takling about windows 2008 here 16:20 < Hatsjoe> Talking* 16:20 < rpifan> who were the roovians in here 16:20 < khelpw> ekaj: I'm fixing the issue in my organization by ignoring it. 16:21 < ekaj> ah we take that approach to everything 16:21 < JollyRgrs> rpifan: you are a fan of roo from winney the pooh as well, eh? 16:21 < JollyRgrs> ;) 16:21 < rpifan> 'roo 16:21 < rpifan> boooonnnnaarooooooo 16:21 < JollyRgrs> sorry 16:21 < JollyRgrs> doesn't ring a bell 16:21 < rpifan> lol 16:21 < JollyRgrs> but i do love calling ppl boons 16:21 < JollyRgrs> ya boon 16:22 < rpifan> it wasnt that best time ever 16:22 < rpifan> but it had peaks 16:22 < rpifan> to many damnded cops tho 16:22 < rpifan> on horses and in the air 16:22 < JollyRgrs> best of times for me always comes with two peaks 16:22 < ravioli> :O 16:22 < ravioli> SpookyCrisp vs felda in #donger!! 16:22 < JollyRgrs> firm, yet soft 16:22 < ravioli> felda's first dong! 16:22 < JollyRgrs> SpookyCrisp gonna die 16:23 < ravioli> correct 16:23 < rpifan> lol 16:25 < SpookyCrisp> REKT 16:25 < l3gacy> Learning Python... yay 16:25 < Popzi> Hey there's nothing wrong with python! 16:26 < rpifan> dont speak ill of pythin 16:26 < rpifan> its the only programming language i dont hate 16:26 < rpifan> ive managed to create useful helpful scripts for work 16:26 < l3gacy> I need to learn Powershell, too 16:26 < rpifan> in a matter of a few days without even needing ot make objects or classes 16:26 < asimon> I think he forgot an opening sarcasm tag so the HTML didn't render for me 16:26 < Casteil> python is simple and effective 16:26 <+giant_it_burrit> cryptic1: want to beat rage together bby? 16:27 < Casteil> it's kind of hard to give python much shit 16:27 < SpookyCrisp> I love Python. 16:27 < Casteil> it has its place, of course, its place is not really high speed/massive data handling 16:28 < nickster> guess who forgot to put on deodorant on his right arm apparently 16:28 < l3gacy> ? 16:28 < nickster> meeee 16:28 < SpookyCrisp> Kek 16:28 < syere> nickster: that is why you keep emergency deodorant in the car 16:28 < Casteil> protip 16:28 < nickster> i have told myself that 4 times 16:28 < Casteil> don't keep deodorant in the car 16:28 < nickster> every time it has happened 16:28 < Casteil> it liquefies 16:28 < nickster> i normally bring a bag, be it backpack or briefcase 16:28 < syere> Casteil: it'll get melty sure during the middle of the day 16:28 < F34RInc> yeah just keep in a drawer in your desk 16:28 < nickster> so it'll go in there 16:28 < syere> but in the mornings its still solid 16:29 < l3gacy> I keep a stick in my backpack, and a stick at my desk, as well as in medicine cabinet 16:29 < rpifan> i like smelly sweaty guys 16:29 < Casteil> bingo, same with chap stick 16:29 < rpifan> as long as there hot 16:29 <+giant_it_burrit> you guys dont have a dolip bag in your office? 16:29 < rpifan> either really skinny or musuclar 16:29 < Popzi> how does it not expand and explode in the car during heat? 16:29 < syere> im not sure how it could explode... 16:29 <+giant_it_burrit> its a dry stick 16:29 <+giant_it_burrit> not the spray can 16:29 <+giant_it_burrit> thats what i think they mean 16:29 < Popzi> ah, yes, dry sticks, right. 16:29 < syere> they get melty. you dont go use it at noon. it's more so, you get into work and you are still on auto pilot and realize you forgot deodorant 16:30 < Popzi> exploding dry sticks, that could be fun 16:30 < nickster> you mean to tell me you don't spray liquid chap stick on your face 16:30 < syere> so you reach under the seat, grab the damn thing, then off to work 16:30 <+giant_it_burrit> are we still talking about the same thing? 16:30 < vinrock> aw fuck i just realized i forgot to renew my registration 16:30 < vinrock> now that i remembered im probably gona get pulled over on the way home 16:30 <+giant_it_burrit> make the appointment to get that done today 16:32 < vinrock> booyah tonight is the late night for my dmv so i can swing by after work 16:32 < vinrock> noice 16:32 < F34RInc> vinrock, you have to do it in person. No online option 16:32 < ekaj> `bofh 16:32 < JollyRgrs> vinrock: yo ugotta swing by early so you are through the line before they close 16:32 <+layer-eight> BOFH Somebody was calculating pi on the server 16:32 < vinrock> yeah there's an office right by my place 16:32 < vinrock> and luckily it isnt busy since i live in the boonies 16:33 < ekaj> what state 16:33 < vinrock> jersey 16:33 < JollyRgrs> idaho 16:33 < ekaj> sorry 16:33 < ekaj> Urdaho 16:33 < vinrock> i know 16:33 < rpifan> im the daho 16:33 < narziss_> Yesterday I introduced the most mischevious dev in my office to the BOFH. 16:33 < JollyRgrs> u's a ho 16:33 < felda> vinrock You have to BOOP THE SNOOT 16:33 < JollyRgrs> HOOOOOOOOOOOOOOOOO 16:33 < rpifan> felda 16:34 < ekaj> everyone a ho 16:34 < vinrock> never not boop the snoot 16:34 < JollyRgrs> narziss_: which, in his opinion, should be you, right? 16:34 < Nightcinder> https://www.wyzecam.com/ how do these people make money 16:34 <+layer-eight> * Nightcinder → Wyze Cam Pan 16:34 < Nightcinder> i'm confused 16:34 < narziss_> well, he knows it is way better to be on my good side. 16:34 < vinrock> whoa 16:34 <+giant_it_burrit> sell data to nsa 16:35 < JollyRgrs> Nightcinder: they want you to pay for extended clodu services 16:35 < JollyRgrs> their website tells you exactly that 16:35 < Nightcinder> 14 days is plenty 16:35 < JollyRgrs> "we want to make it cheap for all ppl" 16:35 < vinrock> aw man does this thing have an api 16:35 < JollyRgrs> https://www.wyzecam.com/our-story/ 16:35 <+layer-eight> * JollyRgrs → About Wyze Labs: Make Smart Home Technology Accessible To Everyone 16:35 < Nightcinder> my buddy bought one 16:35 < vinrock> cheap and easy automated paintball turret here i come 16:35 < JollyRgrs> vinrock: old v1 you could get a URL to watch it 16:35 < Nightcinder> loves it 16:35 < JollyRgrs> you could hack em 16:36 < JollyRgrs> v2 not yet 16:36 < JollyRgrs> i got a v2 :( 16:37 < Nightcinder> which do you have 16:37 < Nightcinder> the pan or straight on 16:37 < JollyRgrs> straight box 16:38 < JollyRgrs> the pan just came out i bought mine like a month or two ago 16:40 < Nightcinder> ah 16:40 < Nightcinder> how is it? 16:41 < JollyRgrs> not bad 16:41 < JollyRgrs> can't beat it for the price 16:41 < dragonfleas> How do you explain to end users you can't make things go back to loading 5 seconds instead of 10 seconds? 16:41 < dragonfleas> It's like 16:41 < JollyRgrs> however... 16:41 < JollyRgrs> you get what you pay for 16:42 < dragonfleas> They expect everything to run exactly the same amount of time always and everything to be static 16:42 < JollyRgrs> motion detection misses a lot, picks up a lot i don't want 16:42 < ravioli> dragonfleas: "sometimes it takes longer" 16:42 < JollyRgrs> zonemidner is much better in that regard 16:42 < dragonfleas> "outlook took 10 seconds to load this time instead of the usual time" 16:42 < JollyRgrs> i was hoping i could get the URL and hook it up to zoneminder 16:42 < ekaj> i called a tech about an appliance being slow after an upgrade 16:42 < dragonfleas> but then they freak out and say "i can't do my work if it's taking this long" and I honestly just get filled with rage 16:42 <@ravioli> take a breath 16:42 < JollyRgrs> dragonfleas: welcome to helldesk 16:42 < JollyRgrs> :P 16:42 <@ravioli> they'll always be like that. 16:42 < ekaj> i don't think he believed me until it took 30 minutes for me to dump a config from the web ui 16:43 < JollyRgrs> as the only one... you are helldesk and sysadmin all at the same time 16:43 < ekaj> also that's why I will not do helpdesk 16:43 < dragonfleas> JollyRgrs, not only do I deal with helldesk, but I'm also maintaining our entire infrastructure, I don't have enough time in the day to do everything I need to 16:43 <@ravioli> one of us! 16:43 <@ravioli> one of us! 16:43 <@ravioli> one of us! 16:43 < dragonfleas> I feel like I'm back at an MSP, putting band-aid fixes on stuff because I've run out of time 16:43 < DomLS3> dragonfleas: the solution is simple: tell them they have a virus that's slowing down their computer because of something they browsed to on the internet, and you have to let your boss know. 16:43 < JollyRgrs> dragonfleas: that's why i did my time as tech support and like the jeffersons, i moved on up 16:43 < DomLS3> I bet they stop complaining real quick 16:44 < dragonfleas> also previous IT guy didn't give any fucks about this environment and used 2003 r2 servers for 5 years without even thinking of upgrading 16:44 < DomLS3> wat 16:44 < DomLS3> cryptic1: back to work 16:44 < DomLS3> quick fuckin with the modes 16:44 < Tzunamii> ravioli: I, robot ? 16:44 < dragonfleas> I've been trying to reach out to Techsoup so I can get Exchange Online (365) but they won't fucking call me 16:44 < DomLS3> don't they only work with non profits? 16:44 < JollyRgrs> well, 2003 was a fine OS for 5 years before 2008 came out... therewasn't even a choice in those 5 years 16:44 < JollyRgrs> :P 16:48 <@ravioli> Tzunamii: ? 16:48 < Tzunamii> ravioli: "One of us!" 16:49 <@ravioli> ¯\_(ツ)_/¯ 16:51 < Billy2> sigh, why is windows update and wsus such a pita to work with sometimes, got a few 2008 r2 servers that just refuse to show that they need the credssp updates 16:52 < estranger> any of you cunts ever use druid.io? 16:56 < sideup66> Why did felda end the mem 16:56 < sideup66> E 16:56 < sideup66> :( 16:57 < felda> becuase it's all ogre now 16:57 < sideup66> But 16:57 < sideup66> I'm sad 16:57 < sideup66> https://youtu.be/dj20Ao4Vw9w 16:57 <+layer-eight> * sideup66 → ⚓ https://www.youtube.com/watch?v=dj20Ao4Vw9w&feature=youtu.be → YouTube → Sad Violin - Air Horn Sound Effect (MLG) → ⚘ 2,162,864 ↑ 22,069 ↓ 650 ✍ 1,395 17:04 < alazare619> dragonfleas: you and me we are the same 17:04 < dragonfleas> JollyRgrs, 2003 R2 is not okay 5 years leading up to 2018 17:04 < JollyRgrs> lol, i suppose you have a point there 17:04 <+giant_it_burrit> why is this chat so quiet 17:04 <+giant_it_burrit> are people working? 17:05 < Popzi> working??? 17:05 < dragonfleas> Our exchange server is running 2007, and it's also storing our company share drive, and it's super broken, NT Backup fails on it, I can't fix it, tried every troubleshooting step I could find, worked on it for about 8 hours, 17:05 < dragonfleas> I wanna move to exchange online 17:05 < Popzi> but have you tried running windows troubleshooter on it? 17:05 < dragonfleas> Right now I'm trying to sell a DR solution to boss but it's REALLY hard to sell it to boss because we are tight on funds 17:06 < dragonfleas> I told him "all companies have DR stories, "we didn't invest in DR until we lost 500 thousand from a catastrophic fire in the server room" and then they are filled with regret, and no bonuses that year" 17:06 < dragonfleas> but he's like "idk if we have the funds, figure out the cheapest way to make it work" 17:07 < dragonfleas> but I refuse to do our current solution of rotating drives because we don't have enough storage space and we only have 4 tb SPINNERS, that could fail, and previous guy wanted them rotated, each server backed up every day 3 times a day and rotated 5 times a day 17:07 < dragonfleas> Cold storage for DR on shitty quality HDD's is a bad fucking idea 17:08 < dragonfleas> plus I am at other offices all the time, so who's going to swap the hard drives 5 times a day if I'm working on big projects out of the HQ all the time 17:08 < dragonfleas> How did you guys sell DR to your boss? 17:09 < Popzi> How effective even is rotating drives? 17:09 < dragonfleas> Popzi, I think it's more of a pain in the fucking ass than anything 17:09 < grumplestiltzkin> the risk of business shutting down for X time and then not recovering is a pretty good selling point, dragonfleas 17:10 < grumplestiltzkin> I dont mean not recovering the data, I mean the business shuttering because it was down for too long 17:10 < Popzi> It seems like it, but if it's a fire then there'e pretty much no point, unless you're storing them in a fireproof box / offsite? 17:10 <+giant_it_burrit> what happens if a rotated drive is dropped 17:10 < Popzi> that too 17:10 < dragonfleas> Popzi, yeah he wants me to take them home with me every day 17:10 < Popzi> jesus xd 17:10 <+giant_it_burrit> what if you are off 17:10 < Popzi> what if you crash 17:10 <+giant_it_burrit> dragonfleas: how much data 17:10 < DomLS3> Should be using a third party vendor for picking up backups 17:10 < dragonfleas> giant_it_burrit, 22 TB 17:10 < DomLS3> but that costs $$$ 17:11 < grumplestiltzkin> dragonfleas: what the actual fuck? 17:11 < dragonfleas> grumplestiltzkin, yeah....i fucking know... 17:11 <+giant_it_burrit> how many users? 17:11 < dragonfleas> i got it, i'll install crash plan pro on every server 17:11 < dragonfleas> just kidding 17:11 < Paco> Is any of that deduplicated or compressed? :o 17:11 < dragonfleas> Paco, it's compressed but not deduped 17:11 < Popzi> just accidentally drop a drive when you're taking it to the car 17:11 < dragonfleas> giant_it_burrit, we have about 100 17:11 < grumplestiltzkin> just so I'm clear, the prcess now is a human person thing swaps disks, maybe multiple times a day, then takes them home. presumably not in a locked container, and also not encrypted? 17:12 <+giant_it_burrit> ^ 17:12 < dragonfleas> grumplestiltzkin, yep 17:12 < dragonfleas> well 17:12 < dragonfleas> that's not the process 17:12 < grumplestiltzkin> that's an auditors wet dream to make a big red CRITICAL FAIL for that 17:12 < dragonfleas> because I told my boss I refuse to do that 17:12 < dragonfleas> it was the process before me 17:12 <+giant_it_burrit> what is the process 17:12 < Popzi> and this is what cutting corners looks like 17:12 < dragonfleas> right now we don't have a DR 17:12 < dragonfleas> backups are running to NAS 17:12 < dragonfleas> our NAS is external to rack 17:12 < dragonfleas> all back ups go to NAS 17:13 < grumplestiltzkin> oh, ok, if its *outside* the rack, you have physical and geographic diversity :| 17:13 < dragonfleas> It's in my office which is across the building 17:13 <+giant_it_burrit> why not rsync to google or something 17:13 < Popzi> I think there's more chance of you dropping a drive / it breaking due to the constant swapouts than there is of it actually failing 17:13 < dragonfleas> but, my whole point of this is, I need a preferably cloud based DR service (or tape drive solution) that doesn't cost a fuck ton 17:14 < grumplestiltzkin> dragonfleas: bossman probably needs the definition of the word 'risk' explained - and if he knows, then the decision makers need to know. 17:14 <+giant_it_burrit> you could put 22 tb in google drive 17:14 <+giant_it_burrit> get in writing that they are ok with not having a real dr 17:14 <+giant_it_burrit> what industry are you in 17:14 < khelpw> dragonfleas: For $100/mo you can put your shit on my personal NAS at my house 17:14 < dragonfleas> non-profit state funded drug rehab/probation 17:14 < khelpw> I've only got like 4TB of storage 17:14 < dragonfleas> so basically the lowest funded shit 17:14 < khelpw> and it's a single, WD external HDD 17:15 < khelpw> but 4TB 17:15 < dragonfleas> nice meme khelpw 17:15 < khelpw> Who should I send the invoice to? 17:15 < grumplestiltzkin> dragonfleas: oh. man. yeah, good luck getting any cash for anything 17:15 <+giant_it_burrit> i have more than that 17:15 <+giant_it_burrit> dragonfleas: if you want cheap and dirty 17:15 < grumplestiltzkin> dragonfleas: do yall have more than 1 physical building? 17:15 < dragonfleas> grumplestiltzkin, we do 17:15 <+giant_it_burrit> get a google account 17:15 <+giant_it_burrit> get 5 users 17:15 <+giant_it_burrit> enjoy unlimited space 17:16 < grumplestiltzkin> dragonfleas: fleabay it up mang. for the actual DR - you probably cant afford COLO, so COLO yourself - and then all these other strategies for multiple locations of backups 17:16 < dragonfleas> I wonder how long it would take to backup 22 terabytes with a 10 mbps upload speed 17:16 <+giant_it_burrit> dragonfleas: where are you 17:17 < grumplestiltzkin> drug rehab - I assume HIPAA applies? 17:17 < dragonfleas> grumplestiltzkin, yep we need to be able to sign BSA's with any backup company if it's third party/cloud 17:18 < dragonfleas> or have HIPAA compliance 17:18 < grumplestiltzkin> like - any physical backup medium that is transported better be encrypted - or if there's a loss, man .. you don't want that fight to prove that there was no breach, or accept the breach fines 17:19 < grumplestiltzkin> an audit was how I finally got the $8k approved for our backup tapes to be encrypted 17:19 < grumplestiltzkin> way back 17:19 < alazare619> dragonfleas: if you wana know how to sell it find out how much the companies yearly income is then / by the number of hrs they are open then give them a hypothetical if we lost x we would be down for y and y is equal to Z in profits 17:19 < dragonfleas> grumplestiltzkin, our backups on the NAS are encrypted 17:19 < dragonfleas> alazare619, what profits? we're non-profit 17:20 < dragonfleas> we're in the red every year 17:20 < alazare619> i.e. my company pulls around 3-4 mill a year we are open 8-5 6 days a week then did the math 17:20 <+giant_it_burrit> dragonfleas: what nas 17:20 <+giant_it_burrit> dragonfleas: whats the budget 17:20 < dragonfleas> giant_it_burrit, our backup NAS 17:20 < alazare619> non-profits are never in the red every company minus my current was non profit 17:20 < dragonfleas> boss won't give me a budget 17:20 <+giant_it_burrit> i meant what is it 17:20 <+giant_it_burrit> could you secure 30 bucks a month 17:20 < alazare619> the term in the red is so losely used its stupid 17:20 <+giant_it_burrit> and are you in the us 17:20 < dragonfleas> yes i'm in US 17:21 < alazare619> theres grants and stuff they just need to file for it 17:21 < rpifan> anyone been to camp bisco 17:21 < alazare619> also if you are a 501c3 check with a local LEC 17:21 < alazare619> alot of them will let you colo so they can tax right off make sure its a small lec 17:22 <+giant_it_burrit> dragonfleas: whera about 17:22 < alazare619> alot of them will be on wind/battery/solar/gas backup power also and are usually pretty hefty buildings 17:22 < dragonfleas> how much do tape library's cost? 17:22 < dragonfleas> alazare619, i'm sorry but what is an LEC? 17:22 < alazare619> local exchange carrier 17:23 < dragonfleas> What does that mean? 17:23 < alazare619> its telco term 17:23 < alazare619> think local ISP...most ISP's before being an ISP were local phone companies 17:23 <+giant_it_burrit> dragonfleas: where abouts in the us 17:23 < alazare619> alot of the small ones still exist for small rural areas and they were given a ton of money for the fiber grants 17:23 < alazare619> alot of rural ISP's are now offering gigabit or faster because of that 17:23 <+giant_it_burrit> dragonfleas: what kind of nas 17:24 < alazare619> and there data centers are very very nice 17:24 < dragonfleas> giant_it_burrit, it's a WD4100 17:25 <+giant_it_burrit> i see dr backup/multiplebackup options on their page 17:26 < dragonfleas> it's the EX4100* 17:27 < alazare619> check pm dragonfleas 17:29 <+giant_it_burrit> dragonfleas: https://community.wd.com/t/possible-to-sync-between-google-drive-and-wd-mycloud/96803 17:29 <+layer-eight> * giant_it_burrit → Possible to "sync" between google drive and WD Mycloud? - My Cloud - WD Community 17:29 < rr> guys, im trying to create WMI filtering on GPO for Windows 10 x64 17:29 < rr> select Version from Win32_OperatingSystem WHERE Version like "10.%" AND ProductType="1" AND OSArchitecture ="64-bit" 17:29 < rr> ^how to check if this query is valid? 17:31 < pcspkr> wbemtest 17:31 < grumplestiltzkin> speaking of disk things - for homelab use (freenas) with 2 ZFS volumes - mirrored SSDs (1TiB ea) and mirrored spinners (4TiB ea) should I present the whole SSD and spinner volumes to the hypervisor to be datastores, or is splitting them a better idea? For enterprise, I would make sure to have at least 2 of each (assuming non-tiered), but I don't know if that's necessary for home 17:31 < pcspkr> connect -> ok -> query 17:32 < rr> pcspkr can run wbemtest on Domain Controller? and point to..? 17:33 < pcspkr> if your DC is GUI, sure 17:33 < pcspkr> you can run it on a client 17:34 < rr> yup.. pointed to namespace root\cimv2 and run the query 17:34 < rr> results are null 17:34 < rr> lol 17:34 < pcspkr> you can connect to remote computers by prepending \\computername\ into the namespace 17:36 < rr> hmm.. i dont have Windows 10 machine in my domain currently 17:36 < rr> guess hv to KIV 17:36 < rr> thanks for your help 17:36 < Heresiarch> grumplestiltzkin: considering the aim of a homelab is to approximate what you'd find in a prod environment, you might want to separate them (as they would be in a prod env). 17:37 < ebol4> what's that thing in html that makes a take up the same space as multiple 's 17:37 < ebol4> like i have one that contains a single element, and then the next contains two elements 17:37 < ebol4> i want to stretch the first 17:38 < Popzi> ebol4: you mean rowspan= ? 17:39 < ebol4> rowspan, yeah, thank you 17:39 < Popzi> 17:43 <+NinjaStyle> wouldnt that be colspan? 17:43 <+NinjaStyle> colspan=2 17:45 < insecurity> nert 17:48 < ebol4> yeah it ended up being colspan 17:48 < ebol4> but same thing 17:50 < dragonfleas> are sonicwalls decent compared to fortinet firewalls? 17:50 < dragonfleas> are they comparable? 17:54 < ebol4> i imagine they're pretty much the same 17:55 < ebol4> but i also know absolutely nothing about either of them 17:55 < ebol4> i just like to imagine them 17:55 < JFDkthx> 3 more days 17:55 < JFDkthx> nerds 17:57 < JFDkthx> dragonfleas: if ur not using palo altos ur gae 17:59 < corn266> JFDkthx: Our information owner doesn't need to sign off on our risk assessment report, correct? Only if we needed to get a Risk Acceptance Letter? 18:00 < JFDkthx> corn266: not sure about that part. 18:00 < JFDkthx> it makes sense logically 18:00 < JFDkthx> because they have to accept that risk. 18:00 < corn266> I thought the AO was accepting the risk 18:01 < JFDkthx> mmm 18:01 < JFDkthx> idk. 18:01 < JFDkthx> all the experience i have with accredidation and ATOs come from the DOD 18:01 < JFDkthx> its diffint when we are DFCs 18:02 < JFDkthx> which btw 18:02 < JFDkthx> we have our audit tomorrow 18:02 < corn266> good luck, we have ours on Thursday 18:02 < JFDkthx> well it starts tomorrow and goes for a while 18:02 < JFDkthx> ima be on vacay 18:02 < JFDkthx> u2 <3 18:02 < corn266> lucky bastard 18:02 < JFDkthx> ;) 18:03 < corn266> I keep trying to get my FSO to take over the paperwork and he's finally started working on half of it 18:03 < JFDkthx> ravioli: ravioli nice and smelly pastioli 18:04 < JFDkthx> i wouldnt trust our FSO to program an x-09 much less fill out paperwork 18:05 < corn266> top kek 18:05 < vavkamil> what is FSO 18:05 < JFDkthx> facility security officer 18:05 < corn266> facility security officer 18:05 < JFDkthx> ++ 18:05 < vavkamil> it's not even listed on wikipedia 18:05 < vavkamil> https://en.wikipedia.org/wiki/FSO 18:05 <+layer-eight> * vavkamil → FSO - Wikipedia 18:05 < asimon> Film Symphony Orchestra 18:06 < JFDkthx> vavkamil: make a new entry then 18:07 < corn266> be the change you want to see 18:08 < estranger> so many ants. wtf. 18:09 < JFDkthx> estranger garbage day? 18:10 < estranger> is it? 18:10 < estranger> nope! 18:10 < estranger> dont scare me like that 18:10 < JFDkthx> haha 18:11 < Hatsjoe> Does anyone have an explanation why with AWS, I can connect to the SES SMTP endpoint on port 2465 and 2587 via EC2 but not on ports 25, 465 and 587? ALL outgoing traffic is allowed 18:11 < JFDkthx> but what about incoming traffic 18:11 < dragonfleas> JFDkthx, you mean pfsense? 18:15 < corn266> ffs "Our organic eggs do not contain GMOs" well I'd fucking hope not 18:16 < rhqq> wut 18:17 < rhqq> corn266: these two buzzwords trigger me more than anything related to politics or devops-cloud ;p 18:17 < corn266> rhqq: here are the other two points this carton makes "No antibiotics were used in the production of these eggs" "All eggs are produced without added hormones" 18:17 < Heresiarch> rhqq: ...you get triggered by "eggs"? 18:17 < Hatsjoe> JFDkthx: also allowed in 18:18 < ebol4> everyone throw eggs at rhqq 18:18 < corn266> organic non-GMO eggs only though 18:18 < ebol4> only the purest 18:18 < rhqq> haha 18:19 < estranger> corn266, what if the egg is laid by a GMO chicken fed organic feed? 18:19 < Heresiarch> Hatsjoe: 25 is connection-throttled. https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-connect.html 18:19 < rhqq> well 18:19 <+layer-eight> * Heresiarch → Connecting to the Amazon SES SMTP Endpoint - Amazon Simple Email Service 18:19 < rhqq> technically speaking they're not pure at all 18:19 < ebol4> you some kind of chicken nazi 18:19 < rhqq> also free-range is the 3rd one 18:19 < Hatsjoe> Heresiarch: I know, but we havent been using port 25 yet, and that also doesnt explain why 465 and 587 doesnt work 18:19 < corn266> estranger: you mean a chicken that was selectively bread to produce more eggs? 18:19 < rhqq> caged, gmo-feed are most stable 18:19 < Hatsjoe> And with throtteling I'd expect it to work sometimes, but it doesnt work at all 18:19 < rhqq> chemically 18:19 < Heresiarch> Hatsjoe: what troubleshooting have you done? 18:20 < estranger> im ready for lab meat 18:20 < rhqq> meaning that they're lasting long 18:20 < ebol4> i want some chicken in a biscuit 18:20 < rhqq> not going bad 18:20 < rhqq> and have shortest time between being laid and chilled 18:20 < estranger> ive been craving cheap fried chicken for a while 18:20 < Hatsjoe> Heresiarch: verified inbound and outbound SG, inbound and outbound ACL, iptables 18:20 < rhqq> meaning they're safest to eat under all the circumstances 18:20 < corn266> ebol4: honey butter chicken biscuit 18:20 < estranger> i buy Egglands Best eggs 18:20 < Hatsjoe> Everything allows access, 2465 and 2587 work, 25, 465, 587 don 18:20 < Hatsjoe> dont* 18:20 < ebol4> i buy the 80-cent per dozen eggs from target 18:21 < estranger> i dont eat a lot of eggs anymore so I get the fancy ones.. supposedly less cholesterol.. and they do taste quite good 18:21 < rhqq> estranger: cholesterol is bullshit 18:21 < rhqq> in terms of food 18:21 < rhqq> it's digested 18:21 < ebol4> all eggs are beautiful 18:21 < rhqq> you produce your own, and it is independent on food you eat (more or less) 18:22 < estranger> rhqq, i dunno my numbers vary based on my diet 18:22 < rhqq> estranger: well 18:22 < rhqq> it is more like 18:22 < rhqq> you eat more fats/fatty acids 18:22 < rhqq> then your body have more bricks to create your own 18:22 < rhqq> also, that hdl/ldl markers 18:22 < JFDkthx> hurricane bud 18:22 < JFDkthx> ayyyy 18:22 < corn266> rhqq: you lay your own eggs? 18:22 < JFDkthx> that dank wet bud 18:22 < Heresiarch> Hatsjoe: dunno then. 465/587 should do, assuming you have starttls/smtps set up. 18:22 < rhqq> corn266: i shit brick 18:22 < rhqq> s 18:22 < estranger> im going to cali in augest... weedtime 18:23 < dragonfleas> sonicwall licensing is fucking expensive 18:23 < JFDkthx> for you 18:23 < rhqq> dragonfleas: go being poor somewhere else 18:24 < estranger> yeah i wish poor people would jsut knock it off and stop being poor 18:24 < rhqq> yeah, lets delegalize being poor! communism ftw! 18:24 < estranger> just get a better job duh 18:25 < ebol4> comrades o7 18:25 < JFDkthx> dragonfleas: typical, why arent you working at a fortune 500? 18:25 < JFDkthx> get lost 18:25 < JFDkthx> nerdbrain 18:25 < Hatter> shouldn't a stacked bar chart typically have the lower volumes at the bottom of the bar 18:25 < JFDkthx> Hatter: no, it's the opposite 18:25 < JFDkthx> because it's stacked. 18:25 < rhqq> Hatter: no, depends on how you set it up 18:25 < Hatter> but how do I 18:25 < rhqq> as two bars next to each other may have different valuse 18:25 < rhqq> ;p 18:26 < rhqq> values* 18:26 < Heresiarch> dragonfleas: ...and that's why I went with pfsense. 18:26 < estranger> #startUpLife ftw 18:26 < estranger> drink beer and use hipster words 18:26 < JFDkthx> estranger: just put everything into a single container and call it hypercontainerverged 18:26 < rhqq> estranger: organic, gluten-free beer 18:26 < ebol4> it's tuesday my dudes 18:26 < estranger> JFDkthx, oh shit... 18:27 < JFDkthx> estranger: also make it run some shitty jetty with a page that says #THEFUTURE and a countdown to 2020 18:27 < dragonfleas> New mario party is coming out :D 18:27 < Heresiarch> JFDkthx: triggered 18:28 < bmurt> hmm 18:28 < JFDkthx> Heresiarch: got em 18:28 < estranger> lol, still giggling at hyperconverged containers 18:28 < estranger> im going to start calling VMs that 18:28 < JFDkthx> lol 18:29 < JFDkthx> we've HC all of our docker containers into an HA appliance 18:29 < estranger> we combine all your containers into a single unit you can run on its own! 18:29 < JFDkthx> that gives us full control over the environment 18:29 < Heresiarch> ... 18:29 < Heresiarch> bro. Do you even serverless? 18:30 < JFDkthx> Heresiarch: yeah man, all of our domain servers are run on desktop login through virtual boxes 18:30 < JFDkthx> services* 18:30 < JFDkthx> sorry. `vagrant` 18:31 < estranger> vagrant in production? is that normal? 18:31 < Heresiarch> You mean you're not running auth through an API sourced to a lambda function with an S3 bucket for nonvolatile storage? 18:31 < estranger> Heresiarch, gross 18:31 < estranger> so gross 18:31 < Heresiarch> estranger: payback. ;) 18:31 < JFDkthx> Heresiarch: s3 was hacked. dont you remember the downtime last year 18:31 < JFDkthx> cant trust it 18:31 < Casteil> https://i.imgur.com/owwMokX.gifv 18:31 <+layer-eight> * Casteil → what this cat did to its baby is really nasty , WARNING its hard to watch 18:31 < estranger> JFDkthx, DATA AUTONOMY 18:31 < estranger> Heresiarch, lol 18:32 < estranger> JFDkthx, https://www.datastax.com/why-datastax/data-autonomy read up, come to the dark side 18:32 <+layer-eight> * estranger → Data Autonomy | DataStax 18:32 < JFDkthx> Heresiarch: what we really have is when someone makes a dns lookup we have an ansible script that spins up an ephemeral server in azure to do the resolution then it terminates itself. 18:33 < Hatter> JollyRgrs: but is there anyway to get consistent colors in my kibana dashboards? 18:33 < JFDkthx> estranger: what is this 18:33 < estranger> JFDkthx, it's your data, OWN IT 18:33 < Heresiarch> JFDkthx: ...plebian. The real hotness is just using DNS-over-HTTPS to have google return your resolution. 18:34 < estranger> DNS over HTTPS using your TCP over DNS proxy 18:34 < JFDkthx> Heresiarch: everything returns 401 18:34 < JFDkthx> but doesnt redirect 18:34 < JFDkthx> what do 18:34 < Heresiarch> JFDkthx: check with your ACS owner. You're clearly not authorized for DNS. 18:35 < JFDkthx> rip 18:35 < JFDkthx> i gotta poop 18:35 < JFDkthx> afk 18:35 < dragonfleas> :D 18:35 < dragonfleas> brain gotta poop 18:35 <@killdash9> JFDkthx: I want to believe in that ansible script 18:39 < scwizard> geez 18:39 < scwizard> my boss is starting to complain that it seems really inefficient only having one process per docker container 18:40 < Heresiarch> ... 18:40 < scwizard> he's not technically wrong is the issue so 18:40 < scwizard> that being said I'm gonna try and tune things without turning away from that quite so soon 18:41 < Heresiarch> scwizard: fpm or nginx? 18:41 < scwizard> Heresiarch: neither, php, it's php artisian queue work 18:41 < Heresiarch> ... 18:42 < Heresiarch> and you didn't put this in supervisord like the docs tell you to? 18:42 < scwizard> hmmmm 18:42 < scwizard> oops 18:42 < scwizard> that might be it 18:42 < scwizard> ok wait i'm confuse 18:42 < scwizard> ok i see 18:42 < scwizard> https://laravel.com/docs/5.6/queues#supervisor-configuration 18:42 <+layer-eight> * scwizard → Queues - Laravel - The PHP Framework For Web Artisans 18:43 < scwizard> that doesn't fork to multiple queue work things though does it 18:43 < scwizard> and it's a daemon eww 18:43 < Heresiarch> yes, it does. And you can configure how many processes it starts up. 18:43 < scwizard> actually wait maybe it's fine that it is 18:43 < scwizard> idk 18:44 < Heresiarch> it'll also restart any processes that terminate out (depending on config), so it can be quite useful for non-persistent jobs that need to be multi-process. 18:45 < scwizard> def gonna look into that angle 18:50 < JollyRgrs> https://youtu.be/zI8UnfP21lI?t=60 i need a gif of that salt pour pls 18:50 <+layer-eight> * JollyRgrs → ⚓ https://www.youtube.com/watch?v=zI8UnfP21lI&feature=youtu.be&t=60 → YouTube → Best Roommate Ever! Stephen Curry Rap by KingBach (Music Video) → ⚘ 3,006,637 ↑ 63,403 ↓ 1,269 ✍ 2,388 19:00 < gavit> Hi, on my cpanel I see spam emails getting generated with mailnull in the mail control data 19:01 < gavit> does this mean that the account mailnull (exim uses this) is compromised? 19:10 < admiralspark> gavit: if you have to ask, then yes 19:10 < scwizard> Heresiarch: supervisord isn't some laravel thing, it's this whole big thing 19:10 < scwizard> there comes a point, where if you're going to put a bunch of stuff with supervisord into one container you might as well use a real init system 19:10 < FenJai> I ahve pfsense running on my network but still ahve a ISP's modem in front of it. Do I need to put pfsense in the modem's DMZ to properly port forward ? 19:10 < scwizard> and if you're going to use a real init system, you might as well not use a container 19:13 <+ihre> just run a bash script or launch $application in foreground through the entrypoint ? 19:13 <+ihre> fuck supervisord/runit 19:14 < felda> FenJai no 19:14 < felda> FenJai make sure the modem is in bridge mode so pfsense does all of the routing and NATing and porting 19:15 < felda> then all the modem does is literally turn your ISP connection into ethernet and pfsense handles all the networking 19:15 <+ihre> if the application dies, the container should go down with it because you should put a healthcheck in place 19:15 <+ihre> (except when youre using lxc) 19:15 < scwizard> ihre: i'm strongly considering it 19:16 < scwizard> ihre: i don't give a shit if the application dies, a new container will be spun up 19:16 < scwizard> this isn't about keeping the thingy up, it's about running a bunch in parallel only 19:19 < FenJai> It doesnt look like my modem supports bridge mode felda. What else do you recommend ? 19:20 < felda> FenJai what is it currently doing? 19:20 < felda> is it not giving the public IP to pfsense? 19:20 < Casteil> damn chipmunks 19:20 < F34RInc> FenJai, what make and model modem do you have 19:21 < Casteil> digging too close to my utilities and causing a lot of property damage, game over guys 19:21 < felda> yeah I had this issue once with my DOCSIS 3 modem I got to use with comcast and pfsense 19:22 < FenJai> F34RInc, BT smart hub type A 19:22 < felda> I had to make sure my firewall was plugged in and on before the modem booted in order for it to pass the public IP to pfsense 19:23 < felda> FenJai do you have the specific model number? 19:23 < corn266> It shouldn't take long to write a partition table with partitions to an 8TB drive, right? 19:23 < FenJai> No, felda. Atm I have the modem on 192... network and pfsense on a 10... network. The modem is just set as a gateway for pfsense 19:23 < felda> Is it a modem, router, wifi combo box? 19:23 < F34RInc> felda, bruh you didnt even look it up 19:24 < corn266> F34RInc: don't you know the first rule of tech support is to always assume 19:24 < hxcsp> i order so much stuff from amazon, that they want to give me a ubiquiti dash button 19:26 < estranger> heh 19:26 < felda> well if it is that 19:26 < felda> then yeah you would want to put pfsense in the DMZ 19:26 < felda> most would recommend setting it in bridge mode before doing DMZ 19:27 < felda> but since it is a combo box that is likely locked down you will have to put it in the DMZ 19:27 < felda> I did that for a while using Frontier DSL and their modem, router, wifi combo box :( 19:27 <+NinjaStyle> im having a really shitty day so far 19:27 <+NinjaStyle> i'm about to tell my boss off 19:27 <+NinjaStyle> if he tosses one more piece of bullshit at me today 19:28 <+ihre> NinjaStyle: i need 48 6" patches, dtn 19:29 < FenJai> felda, do I need to do anything on pfsense once its on the dmz ? 19:29 <+NinjaStyle> ihre: its worse than that 19:29 * ihre tosses a crimping tool to NinjaStyle 19:29 <+ihre> few things are worse than crimping patches yourself :p 19:29 < felda> FenJai you might want to refresh your WAN IP but other than that you shouldn't have to 19:29 <+NinjaStyle> i wouldnt do that for several reasons 19:30 <+NinjaStyle> neither would they, because the labor would cost more than cables 19:31 < FenJai> what do you mean refresh felda ? 19:32 < felda> FenJai like a DHCP release / renew 19:32 < felda> because pfsense should be getting the WAN IP from your modem 19:33 < FenJai> Nah, I use static IPs between the modem and pfsense 19:33 < felda> aight if you want to thats fine 19:33 < felda> I've never done that so I can't help you if it goes dongers up 19:33 < Heresiarch> scwizard: ...and thus you progress on the path of wisdom. 19:33 < aName> well... that's fucking obnoxious. Dropbox counts the administrator as one of your licenses for business. 19:33 < FenJai> I want as few potential failure points on the modem 19:34 < scwizard> this is really really bizare 19:34 < scwizard> it seems the queue gets worked down at the same rate no matter how many fargate tasks we have 19:34 < scwizard> which defies all common sense 19:34 < scwizard> common sense would dictate that the more resources you throw at it the faster it should go but 19:35 < scwizard> while that was the case before with ec2 instances something funny is going on with fargate 19:36 < scwizard> it seems to be 1.5k messages every 5 minutes wheather there's 2 tasks or 20 19:36 < Heresiarch> scwizard: is there another limiting factor? Are 1.5k messages being dispatched to the redis queue per 5 mins? 19:36 < JFDkthx> everytime i log in and see that i dont have any new emails i start worrying about my exchange server 19:37 < JFDkthx> same thing with skype 19:37 < scwizard> Heresiarch: there shouldn't be, because when we have an ec2 autoscaling group processing said queue, it went faster 19:37 < scwizard> so it makes me wonder 19:37 < scwizard> is ALL my fargate stuff on one server 19:37 <+NinjaStyle> JFDkthx: i used to do the same thing 19:37 < scwizard> and it's trying to pump all the networking through one NIC or something 19:37 < scwizard> that would sort of explain why i'm limited to 20 fargate tasks? 19:37 < JFDkthx> NinjaStyle: i havent had an email or skype message since 8am 19:37 <+NinjaStyle> no new emails, sends a test email from gmail 19:37 <+NinjaStyle> whew 19:38 < JFDkthx> cant get to gmail at work 19:38 < JFDkthx> also no phone 19:38 < Heresiarch> scwizard: possibly. 19:38 < JFDkthx> so 19:38 < JFDkthx> im fuckered 19:38 < JFDkthx> guess i'll mailx from unicks 19:38 < estranger> i never used fargate 19:38 < scwizard> estranger: at this point i'm gonna recommend you keep it that way ngl 19:39 < estranger> yeah i dont think id touch that outside of maybe dev 19:39 < scwizard> its such a neat idea but 19:39 < scwizard> ugggggggggg 19:39 < scwizard> the problem with things that "just work" 19:39 < scwizard> is when they just don't work 19:39 < estranger> just use k8s everywhere 19:39 < estranger> scwizard, lots of things are GREAT whenyou are on the happy path.. but what makes a product great is how it handles things when not on the happy path 19:40 < Heresiarch> scwizard: keep in mind with supervisor'd up artisan processes that they're each fairly lightweight - you can easily set numprocs=10 on a given daemon config without really hitting much in the way of RAM. 19:40 < corn266> JFDkthx: how are you even in an irc channel if your work is that locked down 19:40 < scwizard> i've been trying to avoid learning and using k8s just because I don't want to leave the company with a k8s thingy that they can't understand or maintain 19:40 < JFDkthx> corn266: putty'd into AWS 19:40 < Hatter> hey JFDkthx maybe you should come work with me, I'll give you 15 minutes of web browsing a day 19:40 < scwizard> Heresiarch: ram isn't the issue something else is 19:41 < corn266> fucking lel 19:41 < scwizard> and I can't figure out what 19:41 < estranger> scwizard, you need to be more selfish 19:41 < scwizard> but it's blowing my mind that adding tasks isn't making it go faster 19:41 < Heresiarch> scwizard: didn't say it was for FG - I was referring to benefits of your existing ASG'd instances. 19:41 < scwizard> estranger: also honestly k8s means switching from aws to google 19:41 < JFDkthx> hatter the only thing you could pay me to do is to enforce your DNR 19:41 < estranger> scwizard, no it doesnt 19:41 < estranger> k8s can run in any cloud 19:41 < estranger> or on prem 19:41 < scwizard> everything i've heard about amazon k8s made me wince 19:41 < Heresiarch> scwizard: k8s support was announced for ECS a little while ago. 19:42 < estranger> dont use aws k8s.. just use k8s managed yourself 19:42 < scwizard> estranger: down that way lies madness 19:42 < estranger> spin up ec2 instances, install kubernetes... DATA AUTONOMY 19:42 < JFDkthx> lol 19:42 < scwizard> i've heard it's "not that simple" 19:42 < scwizard> and that that's a bit of an understatement 19:42 < JFDkthx> oo 19:42 < estranger> its nto that hard, either 19:42 < JFDkthx> lunch time 19:42 < JFDkthx> McDonaldsWiFi: gas station burrito time 19:43 < JFDkthx> it's patch night babeeeeee 19:43 < estranger> does anyone still use dc/os? that was the same concept 19:44 < scwizard> guys tell me, can you see where in this graph I doubled the amount of CPU and memory? 19:44 < scwizard> https://i.imgur.com/Y93a1kH.png 19:44 <+layer-eight> * scwizard → IMAGE/PNG Document, 15,347 bytes 19:46 < scwizard> fuck scalin gup 19:46 < scwizard> i'm just gonna have only 2 tasks 19:46 < scwizard> and see how quick this next crawl goes 19:46 < corn266> scwizard: 17:30 if my eyes don't deceive me 19:47 < scwizard> corn266: bingo 2018-06-12 12:29:07 -0500 Message: Successfully set desired count to 18. Change successfully fulfilled by ecs. Cause: monitor alarm production-profile-crawl in state ALARM triggered policy dynamic-crawler-scaleo 19:47 < scwizard> corn266: but you see the issue right? 19:49 < corn266> yea, but I don't know enough about what you're talking about to help 19:50 < Heresiarch> scwizard: ...were you running fargate on ec2 launch? 19:50 < scwizard> no we just moved dynamic crawling to it this week 19:50 < corn266> I could pose that your service is attempting to access the same object(s) and the number you give it doesn't change the access latency 19:50 < scwizard> corn266: that's not how a message queue is supposed to work lol 19:51 < Heresiarch> scwizard: right. But there's apparently two different launch types - full-serverless (fargate) and ec2 launch. 19:51 < scwizard> Heresiarch: we're full serverless 19:51 < corn266> it does if your messages only get removed once the query is answered in full 19:51 < scwizard> with this 19:51 < scwizard> corn266: well the proof is in the pudding, before the move to fargate, scaling up instances def scaled up the rate at which the queue was processed 19:52 < scwizard> messages should get "claimed" right away, there shouldn't be fighting over messages 19:52 < ekaj> should a server 2012 SMTP server/relay have much trouble sending a 13 meg .xls? 19:52 < corn266> assuming that's how fargate works, yea 19:52 < scwizard> fargate has nothing to do with the queue processing, it's just a way of running docker containers 19:53 < scwizard> before we started running the queue worker on fargate we were just running it on a bunch of autoscaling ec2 t1.micro instances 19:53 < corn266> sorry my only experience with messages queues are 0mq and rabbit-mq, and even rabbit-mq dynamic scaling was programmed in house 19:53 < Heresiarch> scwizard: then the only question is whether the number of artisan processes is scaled the same way on your fargate launch as on your previously autoscaled setup. 19:53 < scwizard> the queue in this case is amazon SQS 19:53 < scwizard> Heresiarch: it's not at all, but that's not the point, doubling CPU/memory capacity should still do SOMETHING 19:54 < Heresiarch> scwizard: no, it won't. 19:54 < scwizard> Heresiarch: ok let me be more clear, doubling memory, CPU and the number of queue processes running 19:54 < scwizard> should do something 19:54 < scwizard> because that's what happened 19:55 < Heresiarch> scwizard: increasing CPU/memory means fuckall when you're talking about a persistent process that runs a defined queue. artisan isn't gonna scale up to do it's dirty - it basically reserves resources on startup and doesn't deviate during its runtime. 19:55 < scwizard> Heresiarch: nono you're not understanding at all. The memory/cpu weren't increased in place. The number of "instances" was doubled, each with its own set of queue workers 19:56 < scwizard> its like going from 2 ec2 instances to 4 ec2 instances, not like going from 2 2xlarge to 2 4xlarge 19:56 < corn266> do those new instances get added to the queue as workers? 19:56 < Heresiarch> scwizard: then you're right - traffic should have scaled linearly if you're just adding more containers. 19:56 < ekaj> `bofh 19:56 <+layer-eight> BOFH Os swapped to disk 19:57 < scwizard> Heresiarch: exactly! 19:57 < Heresiarch> corn266: doesn't quite work that way. This is in reference to laravel queues, which basically push/pop jobs onto a redis queue. This isn't a pub/sub arch per se. 19:57 < scwizard> corn266: the question is weird, but yeah i guess 19:57 < scwizard> yeah what Heresiarch said 19:58 < scwizard> what i'm doing for the next batch 19:59 < scwizard> is I'm running 2 "instances" (in ecs they're called tasks) only, and seeing how quickly the queue is worked down 19:59 < Heresiarch> scwizard: could be rate limiting from a given source IP on sqs. That may well fit for fargate. 19:59 < alazare619> really wish ryobi had something like this https://www.homedepot.com/p/Makita-18-Volt-LXT-Lithium-Ion-1-4-in-Cordless-Die-Grinder-Tool-Only-XDG01Z/205468527 19:59 < felda> anyone watch the Nintendo conference? 19:59 < felda> Specifically the Super Smash? 19:59 < scwizard> Heresiarch: each "task" has its own IP, but yeah rate limits are actually something we do struggle a lot with 19:59 < felda> ROCK HARD MY DUDES 19:59 < JFDkthx> felda: the battle royal smash 19:59 < felda> ALL THE CHARACTERS 19:59 < alazare619> felda: i seen the pokemon one for the switch 20:00 < alazare619> i'm geodude hard right now 20:00 < felda> literally all characters from all the games are in the new Smash Bros Ultimate 20:00 < scwizard> but yeah i'm gonna manually spin up the old system after testing this a bit 20:00 < JFDkthx> even spawn 20:00 < JFDkthx> and yoda 20:00 < scwizard> to rescue things 20:00 < JFDkthx> wait that was soul caliber 20:00 < JFDkthx> SOUULLLLLLLL CALIBER FOUR! 20:01 < Heresiarch> scwizard: if you were already running into rate limit issues, then trying to shoehorn in containerization isn't going to do you any favors. 20:01 < Hatter> the pirate guy was my favorite 20:02 < ebol4> cervantes 20:02 < JFDkthx> kalak or bust 20:02 < JFDkthx> just saying 20:02 < ebol4> kilik and talim 20:02 < JFDkthx> yeee 20:02 < JFDkthx> kili 20:02 < JFDkthx> same same 20:02 < scwizard> Heresiarch: how so? 20:03 < scwizard> well what i was hoping to do initially was to have 1 queue listener per task and have each task have its own public ip but 20:03 < scwizard> there's a service limit of 20 tasks 20:03 < Heresiarch> scwizard: instances have a defined NIC. That doesn't guarantee conn/latency/bandwidth, but it's a lot closer to such than process isolation. 20:03 < scwizard> yeah 20:03 < scwizard> that's what I'm guessing is going on here 20:03 < JollyRgrs> felda: wait, so you can be Ken from street fighter 2010? 20:04 < scwizard> that's what I'm working on testing now 20:04 < Heresiarch> scwizard: then you might also want to move to dynamodb instead of sqs. Probably more expensive, but your only limitation in that case will be the redis memory space you provision (rather than any specific rate limits of sqs) 20:04 < scwizard> oh that's the sort of rate limit you were talking about 20:05 < scwizard> well i don't think its on the SQS side 20:05 < Heresiarch> no, was in reference to "service limit of 20 tasks". Is that on the fargate side? 20:05 < scwizard> yes 20:06 < scwizard> a "task" is like a ec2 instance kinda, except serverless 20:06 < scwizard> and you're limited to 20 20:06 < ebol4> remember that part in before sunrise where they steal wine 20:06 < ebol4> fucked up 20:06 < Heresiarch> jesus. So here's how this would go - you'd either roll up a container that runs supervisor with a jacked up amount of numprocs, or run an ASG with relatively beefy instance types that each run 10+ numprocs on supervisor. 20:07 < scwizard> except increasing the number of processes didn't actually do anything 20:08 < JFDkthx> isnt that what he was telling you from before? 20:08 < Heresiarch> ...in fargate. But even if it did, you'd ultimately be limited to 20 simultaneous queue workers. 20:08 < scwizard> it might even be worse 20:08 < scwizard> all those tasks might still be squeezing through the same network interface 20:09 < scwizard> unlike an ec2 instance which has a dedicated nic per instance 20:09 < Heresiarch> 20 queue worker processes could fit in a t2.medium without breaking a sweat. 20:09 < Heresiarch> (under supervisord) 20:10 < Heresiarch> that said, if you do go ec2+asg, you might want to consider using one of the m/c class instances. t-class isn't necessarily as stable on network (throughput esp). 20:10 < scwizard> ec2+asg is how we had it before 20:10 < scwizard> it worked fine 20:11 < scwizard> we were hoping for similarish performance but with the convenience of containers 20:11 < Heresiarch> not unless the containers spawn supervisord. 20:12 < scwizard> what i'm thinking is even if i implmenet that it won't make a difference 20:12 < Heresiarch> how many ec2 instances did you have up during that spike you posted? 20:12 < scwizard> because there's something not kosher going on behind the scenes 20:12 < scwizard> Heresiarch: 0 because we're 100% on fargate now for that 20:13 < Heresiarch> scwizard: that image where everything spiked up was under fargate? 20:13 < scwizard> it spikes up every hour 20:13 < scwizard> that's how our app works 20:13 < scwizard> then it's supposed to go down 20:13 < scwizard> the issue is that the number of fargate "instances" (tasks) we spin up isn't influencing the rate at which it goes down 20:14 < scwizard> whereas the number of ec2 instances we spin up does influence the rate at which it goes down 20:14 < Heresiarch> let me rephrase. When you had ec2+asg running, how many instances were going at peak? 20:14 < scwizard> like 10 20:15 < Heresiarch> ...seriously? 20:15 < scwizard> yeah? why? 20:15 < scwizard> 10 nanos 20:15 < Heresiarch> it's weird. Maybe there is something behind the scenes. What's the general nature of each queue job? 20:26 < Nightcinder> i keep finding crossbows in realm royale :( 20:27 < alazare619> Nightcinder: i keep getting merc'd by warriors and throwing axe snipes from like 687564984165491651918964968489749648941648964 miles 20:27 < alazare619> like i'm positive the instant they click throw its hit me 20:28 < JFDkthx> Nightcinder: comeplay fartnite where xbows are vaulted 20:28 < alazare619> i can look right at them and i never see the animation just me dieing 20:28 < Nightcinder> i don't like fortnite 20:28 < JFDkthx> whaaaaat 20:28 < v4ult> are glassdoor reviews legit? I planned to apply for a role, but after looking at the glassdoor reviews, I don't think its a good idea 20:28 < alazare619> fortnite blows 20:28 < JFDkthx> dont like the building? 20:28 < alazare619> realm royale is awesome 20:28 < admiralspark> anyone here a graylog user? 20:28 < alazare619> realm royale is the best mix it plays more like TF2 wide open 20:28 < admiralspark> I have been informed that we have need to export to archive storage anything older than 6 months 20:28 < JFDkthx> Nightcinder: you can do what i do, i just rely on my duo's building and i just flank and rush 20:29 < admiralspark> because $reasons 20:30 < alazare619> is spookydad bo? 20:30 < alazare619> is that you bo? 20:32 < SpookyDad> What 20:35 < Tekz> what do you guys use to keep track of server information for a quick glance of what it's for, etc.? been recommended a wiki, onenote, and ansible (though I'm not sure that fits my environment) 20:36 <+giant_it_burrit> Tekz: what do you want to know? 20:36 < ekaj> personally onenote, org as a whole has a hardware/software tracker and sharepoint 20:36 < khelpw> Lansweeper over here 20:36 <+giant_it_burrit> alazare619: 20:36 < Tekz> basically just information about servers that someone who has no idea what is going on could come in and look at 20:36 <+giant_it_burrit> check turn book 20:36 < Heresiarch> Tekz: ansible 20:36 < Tekz> the infamous 'documentation' that never exists 20:36 < Tekz> basically 20:37 <+giant_it_burrit> lansweeper would work 20:37 <+giant_it_burrit> pdq inventory 20:37 < Tekz> have pdq, have snipeit, have zabbix 20:37 <+giant_it_burrit> so that should be everything 20:37 <+giant_it_burrit> what are you missing? 20:38 < khelpw> By the sounds of it, documentation lol 20:38 < khelpw> Just gotta make use of the tools you have if you've got all those. 20:38 <+giant_it_burrit> what documentation tho 20:38 < ekaj> he wants documentation of the servers 20:38 < ekaj> not just what a dashboard says 20:38 <+giant_it_burrit> but documenting what 20:38 < Tekz> say i have an application server that has multiple things on it 20:38 < ekaj> purpose, hardware, software, etc 20:38 < khelpw> Actual uses. Not just that it's running SQL server, but what databses are hosted there etc 20:39 < Tekz> need a place to write down what the server is used for 20:39 <+giant_it_burrit> pdq inveotry will do that 20:39 <+giant_it_burrit> why not name it logically 20:39 < ekaj> ... 20:39 <+giant_it_burrit> pdq has custom fields 20:39 <+giant_it_burrit> usage=dank memes 20:40 < Tekz> how about this 20:40 < Tekz> change management 20:40 < Tekz> someone goes in, changes something on a server 20:40 < Tekz> what system could i use to document that 20:40 < Heresiarch> Tekz: ...still ansible. 20:40 <+giant_it_burrit> audit logs 20:40 <+giant_it_burrit> ansible would work 20:40 < bmurt> Tekz: your change request process and CAB board should have a record of that prod change 20:40 <+giant_it_burrit> ^ 20:40 < Tekz> lol 20:41 < Tekz> i am the change request process 20:41 <+giant_it_burrit> if you wanted unauth changes 20:41 <+giant_it_burrit> then then send logs somewhere 20:41 < Nightcinder> alazare619: well ended up 9th 20:41 < Nightcinder> hunter bow is absurdly good 20:41 <+giant_it_burrit> Nightcinder: ? 20:42 < Nightcinder> realm royale 20:42 <+giant_it_burrit> ew 20:42 < bmurt> Tekz: you should implement a change control board 20:42 < bmurt> and proper maintenance windows 20:42 < Nightcinder> i don't like building 20:42 <+giant_it_burrit> do it with jira 20:42 < Nightcinder> so 20:42 <+giant_it_burrit> shits easy 20:42 < admiralspark> Tekz: since nobody is giving you a useful answer, we use Bookstack. I use ansible for my server automation but I'm still slowly converting them from a pets to cattle mentality, so we still need documentation 20:42 < admiralspark> I do have python scripts that update certain pages with tables of information 20:43 <+giant_it_burrit> why not use git with ansible 20:43 <+giant_it_burrit> or bitbucket and jira 20:43 <+giant_it_burrit> something to that effect 20:43 < admiralspark> one-off java-based enterprise applications that have R/O access to oracle DB's that an outside vendor is the only one allowed to touch, is why 20:43 <+giant_it_burrit> changes are logged and commited 20:43 <+giant_it_burrit> as i said or something to that effect 20:43 < admiralspark> I use gitlab/git/ansible. But I can't idempotent 100% in Windows yet 20:44 <+giant_it_burrit> windows use dsc 20:44 < admiralspark> and we needed a place to document *processes* 20:44 < admiralspark> which is really what he needs 20:44 < admiralspark> giant_it_burrit: use it. Ansible on windows is still better for our needs 20:44 <+giant_it_burrit> fair 20:44 <+giant_it_burrit> im waiting for it to become really good 20:44 <+giant_it_burrit> id like to use it 20:45 <+giant_it_burrit> places to document we are geting better at but people have to do it 20:45 < admiralspark> Yeah, I'm having to use 2.5 to get what I need and still finding some cases where I need ps-remoting to do stuff 100% but it's getting there 20:45 < admiralspark> giant_it_burrit: my goal is automated documentation :) but shitty vendors stand in my way 20:45 < Tekz> admiralspark, Bookstack looks interesting. 20:46 < Tekz> thanks for pointing it out 20:46 < admiralspark> one of them...the "install" process changes every week 20:46 < admiralspark> Tekz: it's got really good WYSIWYG editing and it's got a low learning curve, which means easier adoption by techsa 20:46 < admiralspark> and full encrypted AD integration for auth and editing, on top of change tracking 20:47 < admiralspark> and the other typical "wiki" benefits 20:47 < Nightcinder> https://arstechnica.com/gadgets/2018/06/microsoft-andromeda-this-year-new-hololens-in-2019-and-the-next-xbox-in-2020/ 20:47 <+layer-eight> * Nightcinder → Microsoft “Andromeda” this year, new HoloLens in 2019, and the next Xbox in 2020 | Ars Technica 20:47 <+giant_it_burrit> admiralspark: how does it tie in with ansible and such 20:48 < admiralspark> I'm still looking at 3-5 yrs to realistically have one-service-per-server and real abstracted virtualization, we're vmware/windows enterprise atm. Soon™ 20:48 < admiralspark> giant_it_burrit: I use ansible to provision it entirely and just let our backups take care of the vm data? 20:48 < admiralspark> or do you mean my ansible stuff tying into it's docs? 20:49 <+giant_it_burrit> the latter 20:49 <+giant_it_burrit> that would be nice 20:50 < admiralspark> I use my git repo for the "why" and "how" of all my ansible stuff. I have powershell and python scripts that update the data in bookstack right now, just making db edits. All of the information in Bookstack is stored in the DB so I can have it save stuff as "draft" and then finalize it myself, or just auto-update in the case of stuff like app version numbers or other smaller bits of info 20:50 < admiralspark> I use it for process documentation for regulatory reasons 20:50 < admiralspark> for about 80% of it 20:50 < Heresiarch> awh, I was hoping bookstack had an api. 20:51 < admiralspark> Heresiarch: https://github.com/BookStackApp/BookStack/issues/823 20:51 <+layer-eight> * admiralspark → GitHub → BookStackApp → BookStack → A platform to create documentation/wiki content built with PHP & Laravel → @ ~ 2 days ago → PHP → ✡ 1,504 → Forks: 233 → ☹ 225 20:51 < admiralspark> It's open source, just needs the contribution 20:52 <+giant_it_burrit> i will hold atm 20:52 < admiralspark> I'm focusing on other projects right now, else I'd help 20:52 < Heresiarch> admiralspark: true, but an API is a massively non-trivial addition (if it's not already there). 20:52 < admiralspark> giant_it_burrit: if you want full automation for documentation, I had that working with Dokuwiki and its API, but dokuwiki is ugly 20:53 <+giant_it_burrit> ill hold off 20:53 <+giant_it_burrit> maybe anisble will be good on windows by then 20:53 < admiralspark> Heresiarch: I know :P I don't have the time right now to stay on top of my ongoing projects, beginning that would be a dead end 20:53 < asimon> Just found a vscode extension that provides spotify integration 20:53 < admiralspark> giant_it_burrit: haha, word 20:53 < Heresiarch> heh 20:53 < asimon> That's pretty sweet 20:53 < admiralspark> asimon: what...is the use-case? 20:54 < Tekz> What about something like Drupal 20:54 < admiralspark> Tekz: what about it? 20:54 < Tekz> idk just mentioning it 20:54 < admiralspark> it's a CMS 20:54 < scwizard> at my bosses advice 20:54 < Tekz> oh, really? 20:54 < asimon> admiralspark: So you don't have to spend valuable time opening the spotify window to see what song is playing or skip songs 20:54 < scwizard> i created a seperate service in a different availability zone that does the same thing 20:54 < admiralspark> Tekz: oh wait, I bet I know something that might interest you 20:54 < scwizard> and we will see if the queue gets worked twice as fast this way 20:55 < admiralspark> asimon: ahhhhhhh I see, the player controls would be in VSC 20:55 < Heresiarch> scwizard: ...k. 20:55 < admiralspark> Tekz: https://www.combodo.com/itop-193 check this out. Might help 20:55 < scwizard> it's a crazy idea but 20:55 <+layer-eight> * admiralspark → iTop: open source ITIL ITSM CMDB Software 20:55 < scwizard> it's a crazy problem so 20:55 < scwizard> i think it's smart 20:56 < admiralspark> Tekz: that should help document, show what ties to what, help with change management and outage scoping, etc 20:58 < Tekz> ok yeah this is more what i was talking about 20:58 < Tekz> it looks like overkill for my uses but yeah 21:18 < JFDkthx> desktop guy said he needed a ps2 mouse kb 21:18 < JFDkthx> went to the server found an old old ibm kb. and an old three button mouse sun kb 21:18 < JFDkthx> asked him if he wanted the nipple or the ball 21:18 < JFDkthx> he didnt get it 21:19 < felda> always take the nips 21:23 < asimon> Idk I kind liked the balls 21:24 < JFDkthx> asimon: i expect that from you 21:24 < asimon> you what 21:24 < JFDkthx> asimon: 19:24:32 JFDkthx | asimon: i expect that from you 21:25 < asimon> oh thanks 21:25 < JFDkthx> np 21:26 < corn266> question regarding cryptsetup; if I `cryptsetup luksFormat /dev/sdX` does that actually encrypt anything, or is it just setting it up as a crypto_LUKS type with header and other info? 21:31 < corn266> Like if I ran a `dd if=/dev/urandom of=/dev/sdX` before the luksFormat, is it still necessary to write zeroes to the now crypto_LUKS drive 21:32 < joelazot> hello 21:32 < corn266> how was your chem test 21:32 < joelazot> good ty 21:32 < joelazot> i got a high achieved 21:33 < joelazot> so like a 17 / 25 i think 21:33 < JFDkthx> dont get high while taking tests 21:33 < JFDkthx> silly 21:33 < joelazot> but today i have a english test lmao 21:33 < joelazot> but im good at english 21:33 < joelazot> dw 21:33 < joelazot> i'm overthinking my career so much 21:33 < JFDkthx> corn266: no? 21:33 < joelazot> brb 21:33 < JFDkthx> to your q 21:44 < corn266> JFDkthx: I figured, we'd just be writing random data twice 21:47 < joelazot> For some reason im getting really anxious that if I go the devops route regarding my career like I want to I won't find a job or I won't be good enough to get hired... So its like do I just go down the whole windows route cause I do have a lot more knowledge currently regarding Windows Server in comparison to Linux infrastructure; or Linux in general. side note: I'm still in high school and are about 2 years away from finis 21:48 < joelazot> Also another thing if I go down the windows route; will windows server on prem even be a thing in 20 years? I feel like I'm over thinking all of this, and I can't really stop. 21:48 < felda> anyone in here worked at a radio station? 21:48 < felda> their audio setup is cray as fuck 21:49 < asimon> joelazot: You're thinking way too far ahead imho 21:49 < asimon> 2 years is a long time 21:50 < xamithan> devops isn't a route it is a methadology 21:50 * asimon puts another coin in his Nobody agrees on what devops actually is jar 21:51 < joelazot> devops is a process, it's just that so little people call it what it really is so i think i may as well just call it what everyone else calls it 21:51 < joelazot> well refer to it in that way rather 21:51 < joelazot> in my opinion 21:51 < xamithan> The job listings all want programmers 21:51 < joelazot> yeah 21:52 < joelazot> i just don't know what I really should learn y'know 21:52 < xamithan> Whatever you want 21:53 < asimon> Build some tf2 mods or whatever it is high school kids do 21:53 < joelazot> yeah 21:53 < felda> cryptic1 Code_Man65 killdash9 ravioli pretty sure joelazot is saying the naughty word 21:53 <@cryptic1> ? 21:53 < BytesAndCoffee> ! 21:53 <@cryptic1> did someone say devoops? 21:53 < xamithan> The pace tech is going are you sure sysadmins are still going to be around when you get out of college joel 21:53 < joelazot> ok 21:53 < xamithan> We might be replaced by programmers by then 21:54 <@cryptic1> probably by brogrammers 21:54 < joelazot> o 21:54 < McDonaldsWiFi> check out this struct brah 21:54 < BytesAndCoffee> xamithan: who will the programmers come crying to when they screwed up not just their VM, but the entire host, and forgot to set up backups 21:54 < Church-> Heya folks 21:54 < McDonaldsWiFi> no shit, are you referencing a variable before you define it? wtf you doin BRAH?! 21:54 <@cryptic1> exactly 21:54 < xamithan> They would put in a ticket with AWS 21:54 < xamithan> of course 21:55 < joelazot> I just want to work with virtualization server technologies and linux or windows 21:55 < BytesAndCoffee> xamithan: what about AWS's sysadmins, will they be gone? 21:55 < xamithan> Nah, their job duties will just change 21:56 < joelazot> so if i go down the windows route i should basically be learning azure and powershell and such? 21:56 < joelazot> in 10 years will i be a dev's babysitter? 21:56 < xamithan> Depends 21:56 < xamithan> You might be doing desktop support 21:56 < xamithan> In which case you'd be babysitting end users 21:56 < BytesAndCoffee> "You're being reassigned to money watching, here's your ticket to south america" "But, what?" "Why did you think it was called Amazon Web Services? 21:56 < BytesAndCoffee> " 21:57 < BytesAndCoffee> s/money/monkey/ 21:57 <+layer-eight> [SED BytesAndCoffee] "You're being reassigned to monkey watching, here's your ticket to south america" "But, what?" "Why did you think it was called Amazon Web Services? 21:57 < joelazot> lol 21:57 < grumplestiltzkin> There are large spiders involved too, just a head's up 21:58 < BytesAndCoffee> grumplestiltzkin: i mean, how else do they work on the world wide web? you need some fucking big spiders 21:58 < grumplestiltzkin> srs 21:59 < silentfury-s4pro> so that's why they're "crawlers" 21:59 < silentfury-s4pro> TIL! 21:59 < BytesAndCoffee> don't get me started on the shit you go through working at barracuda networks 22:00 < JFDkthx> cryptic1: get back to work 22:01 < rhqq> cryptic1: get back to work 22:01 <@cryptic1> d: 22:01 <@cryptic1> D: 22:01 < rhqq> hah 22:01 < rhqq> you failed! 22:01 <@cryptic1> rhqq, everyone fails eventually 22:02 <@Code_Man65> You lean more from failure than you do from success 22:02 <@Code_Man65> If you don't make mistakes, you don't learn 22:02 < felda> I am leaning a lot right now 22:02 < felda> I'm practically perpendicular with the ground 22:02 < JFDkthx> Code_Man65: doesnt mean i get to take creadit for fixing something i broke at work 22:02 < Heresiarch> felda: parallel. 22:03 < joelazot> i'll probably end up being a normie windows sysadmin 22:03 < JFDkthx> Heresiarch: he's leaning so much hes come all the way around. 22:03 < felda> woops 22:03 < felda> s/ground/my house 22:03 <+layer-eight> [SED felda] I'm practically perpendicular with the my house 22:03 < felda> .... perfect 22:03 < JFDkthx> are you high 22:03 < felda> i am recovered 22:03 < Heresiarch> joelazot: you'll be a dev's babysitter in one form or another anyway. The only question is whether you'll also be an enduser's babysitter too. 22:04 < joelazot> i really hope i won't be a end users babysitter 22:04 < jaelae> vendor trying to sell me some software is 4 minutes late to this meeting 22:04 < jaelae> at 5 minutes i call it right? 22:04 < silentfury-s4pro> i usually give it 10, but it would depend on the relationship with the vendor/salesrep 22:05 < jaelae> i am barely interested 22:05 < silentfury-s4pro> then why the meeting? 22:05 < JFDkthx> if they are 15 minutes late you are legally allowed to leave. 22:05 < scwizard> i'm so fucking lost 22:05 < BytesAndCoffee> jaelae: keep the meeting on, drag it out as long as possible 22:05 < scwizard> so I tried my boss's thing of having another service in another availability zone 22:05 < BytesAndCoffee> "You wasted my time, i waste yours" 22:05 < jaelae> no way 22:05 < jaelae> my time is too valuable 22:05 < scwizard> and the queue is still worked at the same rate 22:06 < jaelae> i just figured sometimes i like to see new stuff 22:06 < jaelae> maybe something will interest me 22:06 < scwizard> I spin up the old ec2 instances and it gets worked faster 22:06 < BytesAndCoffee> jaelae: also im petty as hell 22:06 < scwizard> so the bottleneck isn't on the sqs side 22:06 < Casteil> thinning down my herd of chipmunks... 3 down, only 397 left to go 22:06 < BytesAndCoffee> so take that in to account 22:06 < jaelae> for the most part we have the perfect environment so hard to jump to an alternative. but i do like to get pricing from competitors so we can justify upgrades 22:06 < scwizard> it's not on the networking supposedly 22:06 < scwizard> i have no idea where it is 22:06 < Heresiarch> scwizard: does it matter? 22:06 < scwizard> Heresiarch: all I know is that, I can't figure out how to work the queue quickly via fargate 22:06 < scwizard> no matter how I configure it 22:07 < Heresiarch> scwizard: https://www.youtube.com/watch?v=VFqfglY45kY 22:07 <+layer-eight> * Heresiarch → YouTube → Wash - Do we care? Are we caring about that? → ⚘ 12,737 ↑ 44 ↓ 0 ✍ 3 22:08 < scwizard> no idea what to do now 22:08 < scwizard> ditch fargate? 22:08 <+ihre> start herding goats 22:08 < scwizard> ihre: don't tempt me bro 22:08 <+ihre> do it 22:08 < scwizard> when i was a kid 22:08 < scwizard> i knew a sysadmin 22:08 < Heresiarch> scwizard: "Doctor! Doctor! My arm hurts when I move it like this!" "Ok, don't move it like that." 22:08 < scwizard> who ended up becoming a zen buddist and quitting tech 22:09 < scwizard> Heresiarch: so what is "moving my arm like this" in this case? 22:09 < scwizard> using fargate? 22:09 < Heresiarch> yup. 22:10 < Heresiarch> scwizard: if you were paying for support, you could ask AWS why. Otherwise, call it a learning experience and move on. 22:10 < scwizard> well here's the thing 22:10 < scwizard> we are paying for support but like 22:10 < scwizard> my previous adventures with AWS support have sort of led up to this moment 22:10 < scwizard> I learned that autoscaling groups with launch templates 22:10 < scwizard> and I learned that amazon aurora 22:10 < scwizard> both weren't what they were cracked up to be 22:11 < scwizard> and basically that the new shit amazon is coming out with is fucking broken 22:11 < scwizard> so at this point i'm starting to notice a pattern 22:11 < Heresiarch> which is? 22:12 < scwizard> that using products released in 2016/2017 is a bad idea 22:12 < Heresiarch> scwizard: https://media2.giphy.com/media/EaTtW2ar3ccog/source.gif 22:12 <+layer-eight> * Heresiarch → IMAGE/GIF Document, 1,001,698 bytes 22:20 < vinrock> 4:20 blaze it yo 22:21 < Driveways_> I need a sanity check. vhosts defined in apache with servername, order shouldn't matter right? I have a config for zabbix with zabbix.conf and going to it resulted in getting the default welcome page. If I move zabbix.conf to 00-zabbix.conf I get the zabbix page 22:21 < Driveways_> Order being the pickup in conf.d from httpd.conf 22:23 < Heresiarch> Driveways_: are you accessing the server with just ? 22:23 < Driveways_> servername is the fqdn and using the fqdn i got the welcome page until moving to 00-zabbix.conf 22:25 < McDonaldsWiFi> guys 22:25 < McDonaldsWiFi> I offically got a new job. 22:25 < corn266> chronic masturbation isn't a job 22:25 < McDonaldsWiFi> I'm a sysadmin by title! Do I belong now 22:25 < asimon> McDonaldsWiFi: glhf 22:25 < McDonaldsWiFi> corn266: that's my part time jerb 22:25 < McDonaldsWiFi> ;P 22:26 < McDonaldsWiFi> is there some kind of secret sysadmin club? 22:26 < dragonfleas> could i copy the config from my 5510 to a 5506-x and the config still work? 22:26 < dragonfleas> shit sorry i know this is more of a networking question 22:29 < vinrock> when you become a sr. someone can teach you the secret handshake 22:29 < Hunterkll> heh 22:29 < Hunterkll> "High quality cutscenes for P2-450 and up" 22:29 < Hunterkll> yes please 22:29 < Hunterkll> give me the high quality 22:29 < Hunterkll> but pentium 2 450? 22:29 < Hunterkll> not sure if my i9 can handle this 22:32 < JollyRgrs> what is it about today? 22:32 < JollyRgrs> the hot indian girl and the hot german (descent) girl are both super flirty with me today 22:32 < Hunterkll> lol 22:32 < asimon> It's a trap 22:33 < MadCamel> it's a tarp 22:33 < Hunterkll> how big's her dick? 22:33 < McDonaldsWiFi> It's a tarp 22:33 < JollyRgrs> asimon: i might be getting a new position, but it is still within the overall company 22:33 < JollyRgrs> Hunterkll: want me to ask her? 22:33 < MadCamel> it doesn't matter as long as it's a feminine dick 22:33 < asimon> JollyRgrs: glhf 22:33 < JollyRgrs> she said she'd bring me a brat from a legit german shop in her town next time she visits here 22:33 < JollyRgrs> lol 22:33 < McDonaldsWiFi> i dont know what's happening 22:34 < JollyRgrs> McDonaldsWiFi: DING! your buns are done 22:34 < Hunterkll> JollyRgrs, that sounds about as smart as me taking a selfie in front of the kremlin and then sending it to my work's all employees email list 22:34 * JollyRgrs changes McDonaldsWiFi's name to BurgerKingWiFi 22:35 < JollyRgrs> Hunterkll: lol 22:35 < Hunterkll> don't get me wrong 22:35 < Hunterkll> i'm totally gonna take the selfie in front of the kremlin 22:35 < agent_white> "Do you take risks?... Are you a risky person?... A frisky person?" Fuck I hate these "strongly agree, agree, half agree, quarter agree" stupid questionnaires. 22:35 < Hunterkll> just not do the second part which will probably get be blackballed from every ;US government agency ever 22:35 < Hunterkll> lol 22:35 < JollyRgrs> agent_white: maybe i should ask those ?s to these girls? 22:35 < asimon> agent_white: They should just hire the akinator as consultant 22:36 < Heresiarch> Hunterkll: nah, you just have to win an election. 22:36 < JollyRgrs> Hunterkll: whaaat? nah, never 22:36 < Hunterkll> Heresiarch, lol 22:36 < Hunterkll> Heresiarch, can i shoot someone on 5th ave too? 22:36 < Hunterkll> or does that have to come after 22:36 * asimon adds Huntekll to list 22:36 < Hunterkll> which one? 22:36 < JollyRgrs> Hunterkll: you'd wanna wait until after, so you could self-pardon 22:36 < Hunterkll> lol 22:36 < Heresiarch> It has to come after if you shoot someone on 5th ave. If you go to Battery Park you can do it today. 22:36 < asimon> That's for me to know 22:37 < asimon> and for you to not know 22:37 < asimon> Anyways, it's 5:00 somewhere 22:37 < Hunterkll> asimon, is it the same one where i know i'm gonna get hassled by customs because my travel itenerary is literally DEFCON -> Washington D.C -> Moscow -> Baltimore ? 22:37 < Hunterkll> lol 22:37 < asimon> Don't forget to back up your stuff 22:37 < agent_white> JollyRgrs: Do it. "You find me handsome: strongly agree, or very strongly agree?" 22:37 < Hunterkll> back up? 22:37 < Hunterkll> pfff 22:37 < Hunterkll> shit 22:37 < Hunterkll> my personal laptop has the DoD logon banner 22:37 < JollyRgrs> agent_white: "are you a risky person?" 22:37 < Hunterkll> that's probably a bad idea 22:37 < Hunterkll> :D 22:37 < JollyRgrs> "are you a frisky person?" 22:38 < JollyRgrs> "do you want to send me pics of your tatas?" 22:38 < dragonfleas> Is there a way to get ASA updates for my firewall without having a support contract? 22:38 < JollyRgrs> #savethetatas 22:38 < dragonfleas> JollyRgrs, i know you have a way to do it 22:38 < JollyRgrs> dragonfleas: yeah, that's basically the whole point of #bearcave 22:39 < Hunterkll> lolol 22:39 < Hunterkll> dragonfleas, pirate bay 22:39 < Hunterkll> find the file name, find an IOS collection with the file in it 22:39 < dragonfleas> what's bearcave 22:39 < Hunterkll> oh god 22:40 < Hunterkll> JollyRgrs, i thought bearcave experience was required to use IRC 22:40 < Hunterkll> or did they finally relax the license requirements 22:40 < JollyRgrs> dragonfleas: ios updates and so much more 22:40 < catbeard> i have an OG IRC license 22:40 < dragonfleas> where the fuck do i get that 22:41 < dragonfleas> how do i get to bearcave 22:41 < Heresiarch> Hunterkll: some of us got grandfathered in without having to cave a bear. 22:41 < JollyRgrs> ^^ 22:41 < catbeard> ^ 22:42 < JollyRgrs> catbeard: did you ever get your OG irc license to work with mIRC when that was a thing? 22:42 < Hunterkll> fucking virgins the lot of you 22:42 < rhqq> xD 22:42 < Heresiarch> Hunterkll: of course we are. A sandwich is always better if you know no one had fucked it. 22:43 < Hunterkll> dragonfleas, anyway, it's #bearcave on efnet 22:43 < Hunterkll> they have an mp3 server too 22:43 < vinrock> that channel name doesnt sound kosher 22:43 < Hunterkll> * Topic for #bearcave is: [#Bearcave] Since '93 | Welcome little baby bears | PM mp3some for ops | <@Midnight> bearcave lives matter <@mp3sum> make bearcave great again 22:43 <@Code_Man65> I'll bet that channel is unbearable 22:43 < Hatter> my channel invented sending people to #bearcave as a joke 22:43 < vinrock> hyuk hyuk hyuk 22:43 < Hunterkll> 'tis not really a joke though 22:44 < Hunterkll> dragonfleas needs ASA firmware updates 22:44 < Hunterkll> lol 22:44 < Hatter> oh #bearcave will definitely have that 22:44 < Heresiarch> trolling warez sites for firmware updates to a firewall. #soundslegit 22:44 < Heresiarch> s/sites/channels/g 22:44 < Hunterkll> Heresiarch, cisco does digitally sign them 22:44 < Hunterkll> and they do validate 22:44 < Hunterkll> so 22:44 < Hunterkll> and you can always hash shit 22:44 < Hunterkll> like with MSDN having hashes posted online 22:45 < Casteil> hash is illegal yo 22:45 < Hunterkll> i'm gonna go with this is NSFW (text only, instructions on medication )but god damn - https://i.imgur.com/o4LjmLU.png 22:45 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 314,323 bytes 22:45 < Hunterkll> those instructions 22:45 < Hunterkll> :X 22:45 < Casteil> yum, my kind of girl 22:45 < Casteil> >.> 22:46 < Casteil> "extra texture!" 22:48 < dragonfleas> Result of the command: "show version" 22:48 < dragonfleas> Cisco Adaptive Security Appliance Software Version 8.2(5) 22:48 < dragonfleas> Device Manager Version 6.4(5) 22:48 < dragonfleas> i need update pls 22:48 < Hunterkll> dear god 22:48 < Hunterkll> is that fred flinstone's firewall? 22:49 < fredopasta> Who what 22:49 < fredopasta> Don't bring my family into this 22:50 < dragonfleas> this is an old 5510 boys 22:51 < Heresiarch> dragonfleas: is this in your homelab, or prod? 22:51 < dragonfleas> Heresiarch, prod 22:51 < dragonfleas> we have 1 5510, and 2 5505's 22:51 < Heresiarch> dragonfleas: ...what was your IP address again? 22:51 < dragonfleas> 69.69.69.69 22:52 < dragonfleas> 172.69.urmum.cocainedealers.net 22:52 < Heresiarch> ...wasn't there a major ASA vuln that was only fixed in the 9.x branch? 22:52 < Hunterkll> dragonfleas, you should be on 9.2.something 22:52 < Hunterkll> or 9.1.something 22:52 < Hunterkll> 9.2 better IMO 22:53 < Hunterkll> Heresiarch, but he's on a super ancient as fuck version 22:53 < Hunterkll> like SUPER anceint 22:55 < Heresiarch> there was! https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1 22:55 <+layer-eight> * Heresiarch → Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability 22:55 < rpifan_> hi 22:55 < rpifan_> jesus christ my bank is just ridiculous 22:55 < dragonfleas> I know Hunterkll I wish I could 22:55 < rpifan_> this is a credit union but they have decied to turn on overdraft protection 22:55 < rpifan_> even though i told them not too 22:56 < rpifan_> fucken a 22:56 < McDonaldsWiFi> later haters 22:56 < xamithan> call 'em up and tell them to turn it off 22:57 < rpifan_> i did but as i was at bonaroo i kept using my card and they kept charging me to transfer money from my saving account over and over again like 10 times 22:57 < rpifan_> and i just saw it 22:57 < rpifan_> i am sooo pissed because right before that i had sent them an email to disable that feature to begin with 22:57 < xamithan> Why you spending money you don't have in the account 22:57 < Hunterkll> dragonfleas, you need this filename - asa924-33-k8.bin 22:57 < Hunterkll> that's the may 8th release 22:57 < dragonfleas> how do i download it? 22:57 < Hunterkll> google, bitch 22:57 < rpifan_> because if there is no money it should deny my transaction 22:57 < rpifan_> why doesnt it do that 22:58 < dragonfleas> is this site legit? 22:58 < dragonfleas> http://sfree.ws/model?main_group_id=1&child_group_id=174&model_id=1509&release_id=25847 22:58 <+layer-eight> * dragonfleas → sfree.ws 22:58 < xamithan> Maybe you should switch to cash 22:58 < xamithan> debit cards suck anyway, they have no protections like credit cards 22:58 < Hunterkll> dragonfleas, yes, not the most recent files, but yes 22:58 < Hunterkll> you can check the cisco download site for hashes 22:58 < Hunterkll> and compare them 22:58 < Hunterkll> https://software.cisco.com/download/home/280582808/type/280775065/release/9.2.4%20Interim 22:58 < Hunterkll> don't need to log in to see hashes 22:58 < Hunterkll> just click on the release name 22:59 < JollyRgrs> rpifan_: don't you know how to um... keep tabs on your finances? 22:59 < Hunterkll> ^ 22:59 < Hunterkll> but i'd rather have a charge go through in most cases than not 22:59 < Hunterkll> especially if i forget about a bank draft or something 23:00 < Hunterkll> but i usually keep around $1k in my checking account anyway... 23:00 < Hunterkll> and use credit cards for everything... 23:00 < dragonfleas> Hunterkll, are the 5505 and the 5510 releases the same? 23:00 < dragonfleas> because under the 5505 there's newer versions 23:00 < rpifan_> well im poor 23:00 < rpifan_> besides preauthorized ach chargers 23:00 < xamithan> credit cards are made for poor peoples 23:00 < rpifan_> will always go through 23:00 < rpifan_> regarldess 23:00 < Hunterkll> dragonfleas, same firmware image used on both 23:00 < Hunterkll> rpifan_, bullshit. a written cehck is a pre-authorized charge that will bounce 23:00 < Hunterkll> :) 23:01 < dragonfleas> Hunterkll, there's no asdm updates on this site? 23:01 < Hunterkll> actually wait 23:01 < Hunterkll> 5510 might not be able to run 9.2 23:01 < Hunterkll> asa917-29-k8.bin 23:01 < Hunterkll> https://software.cisco.com/download/home/279916854/type/280775065/release/9.1.7%20Interim 23:01 < Hunterkll> i forget why but some models couldn't 23:01 < Hunterkll> or were never supported 23:02 < Hunterkll> even though the image should work 23:02 < Hunterkll> might have been /just/ the 5510 because i think my 5540 hgad 9.2 23:02 < Hunterkll> or maybe that was an x 23:02 < Hunterkll> either way 23:02 < Hunterkll> dragonfleas, OH 23:02 < Hunterkll> dragonfleas, you can get cisco to give you updates directly if it is a security patch even without contract 23:03 < Hunterkll> https://www.tenable.com/blog/identifying-systems-affected-by-cisco-asa-critical-vulnerability-cve-2018-0101 23:03 <+layer-eight> * Hunterkll → Identifying Systems Affected by Cisco ASA Critical Vulnerability (CVE-2018-0101) - Blog | Tenable™ 23:03 < Hunterkll> just need to use livechat support if you have a flawed version affected by ... well, any vulnerability 23:03 < scwizard> that was an ugly meeting with my boss 23:04 < scwizard> he is not happy 23:04 < Hunterkll> stop using so much teeth 23:04 < scwizard> he really wanted fargate to be a thing and be amazing 23:04 < Hunterkll> dragonfleas, i can give you my ASDM image 23:04 < Hunterkll> that's really up to date 23:05 < dragonfleas> Hunterkll, pls 23:05 < dragonfleas> google drive it to me? 23:05 < Hunterkll> dragonfleas, https://www.dropbox.com/s/jt894foyxc1dy90/asdm-782-151.bin?dl=0 23:05 <+layer-eight> * Hunterkll → Dropbox - asdm-782-151.bin 23:05 < Hunterkll> ASDM 7.8(2)151 23:07 < Hunterkll> oh huh 23:07 < Hunterkll> ASA 5510 does have 9.2 23:07 < JFDkthx> Hunterkll: i was going to tell you something yesterday 23:07 < joelazot> english essay time boys 23:07 < JFDkthx> i cant remember it now 23:08 < Hunterkll> neveermind 23:08 < Hunterkll> no it doesn't 23:08 < JFDkthx> so instead, i'll just let you know. 23:08 < JFDkthx> you're a butt 23:08 < Hunterkll> yea 23:08 < Hunterkll> dragonfleas, 9.1 only for yuou 23:08 < Hunterkll> lol 23:08 < Hunterkll> Note: The ASA 5510, ASA 5520, ASA 5540, ASA 5550, and ASA 5580 are not supported in this release or later. ASA Version 9.1 was the final release for these models. 23:08 < Hunterkll> 5505 can take 9.2 23:08 < Hunterkll> lol 23:08 < onenerdyguy> Hunterkll, bah 23:08 < dragonfleas> i reloaded and it crashed 23:09 < Hunterkll> wat 23:09 < Heresiarch> ...is there a step release between 6.x and 9.x? 23:09 < Hunterkll> wut r u doin 23:09 < Hunterkll> Heresiarch, probably 23:09 < Hunterkll> but he's on 8.x 23:09 < onenerdyguy> Hunterkll, bah. we've got a 5510 23:09 < Hunterkll> and he only upgraded ASDM, not ASA 23:09 < Heresiarch> ah, ok. 23:09 < Hunterkll> i didn't think you had to reload for an ASDM upgrade 23:09 < Hunterkll> it will forcefully upgrade your ASDM launcher too 23:10 < onenerdyguy> asdm doesn't need a reload, only if you do the ASA 23:10 < felda> AT&T + Time Warner merger just approved by judge! 23:10 < Heresiarch> ...shocking. 23:10 < felda> https://www.cbsnews.com/news/judge-rules-on-att-time-warner-merger-live-stream/ 23:10 <+layer-eight> * felda → AT&T - Time Warner merger decision: Judge Richard Leon approves AT&T $85 billion purchase of Time Warner today - live updates - CBS News 23:10 < dragonfleas> i reloaded and it's taking forever to boot back up 23:11 < Hunterkll> also 23:11 < felda> smash tournament on at E3 23:11 < Hunterkll> here you go 23:11 < Hunterkll> information disclosure vulnerability 23:11 < Hunterkll> https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20180606-asaftd.html 23:11 <+layer-eight> * Hunterkll → Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability - Cisco 23:11 < Hunterkll> this month 23:11 < onenerdyguy> felda, they approved it?! 23:11 < felda> onenerdyguy yup 23:11 < felda> $85 million 23:11 < onenerdyguy> jesus 23:11 < onenerdyguy> well, there it goes guys 23:11 < onenerdyguy> we had a good run of not being full on monopolies 23:11 < felda> sorry $85 BILLION dollary doos 23:11 < felda> that's a shit ton 23:12 < Heresiarch> o/ 23:12 < Hunterkll> dragonfleas, so if you call up TAC with that advisory # 23:12 < Hunterkll> you can get the latest versions 23:12 < Hunterkll> of ASA OS software 23:12 < Hunterkll> though you REALLY want to check to see if there are interim steps 23:12 < Hunterkll> sometimes you have to step througoh specific versions 23:13 < dragonfleas> i updated ASA and it's still stating that it's 8.2 23:13 < Hunterkll> because you didn't update ASA 23:13 < Hunterkll> you updated ASDM 23:13 < Hunterkll> that is different 23:13 < dragonfleas> no 23:13 < dragonfleas> i didn't updated ASDM 23:13 < Hunterkll> ASDM is your pretty GUI management tool 23:13 < dragonfleas> i updated ASA 23:13 < Hunterkll> why? 23:13 < grumplestiltzkin> IIRC you have to update the ASA code before the ASDM, but its been a while 23:13 < Hunterkll> sfree.ws file? 23:13 < dragonfleas> yeah Hunterkll 23:13 < dragonfleas> maybe it failed? 23:13 < Hunterkll> did you change your boot file? 23:13 < Hunterkll> you may have just uploaded it 23:13 < Hunterkll> and not switched to it 23:14 < Hunterkll> i really hope you have a console cable on this thing 23:14 < Hunterkll> lol 23:14 < dragonfleas> i used ASDM's upgrade tool 23:14 < Hunterkll> dragonfleas, you NEED to upgrade to 8.4(5) or higher 23:14 < dragonfleas> oh it's because ASDM doesn't know anything newer than 8.2(5) 23:14 < Hunterkll> first 23:15 < dragonfleas> nope 23:15 < dragonfleas> it worked 23:15 < dragonfleas> i just did a show version 23:15 < Hunterkll> your config may be fucked 23:15 < Hunterkll> then 23:15 < Hunterkll> or you may have some seroius unintended side effects 23:15 < Hunterkll> https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/release/notes/asarn91.html#pgfId-763574 23:15 <+layer-eight> * Hunterkll → Release Notes for the Cisco ASA Series, 9.1(x) - Cisco 23:15 < dragonfleas> no it's because i'm on the old version of ASDM 23:15 < Hunterkll> i'm not talking about that 23:15 < dragonfleas> fuckkkkk 23:15 < Hunterkll> i'm talking about the fact that the cisco documentation says explicitly you need to update to 8.4(5) first 23:15 < dragonfleas> fuck 23:15 < dragonfleas> well what do i do now 23:16 < dragonfleas> i mean the firewall is up and working 23:16 < Hunterkll> install 8.4(5) 23:16 < Hunterkll> then show-run 23:16 < Hunterkll> if it looks sane, copy run start 23:16 < dragonfleas> downgrade to 8.4(5)? 23:16 < Hunterkll> right now your old config hasn't been modified yet 23:17 < Hunterkll> i'd slap 8.4(5) oin there for the moment 23:17 < Hunterkll> then let it run for a bit 23:17 < Hunterkll> to validate you're still sane 23:17 < dragonfleas> i'm looking at my config right now and it looks fine? 23:17 < dragonfleas> on 9.1(7) 23:17 < Hunterkll> cisco usually says these for a reason 23:17 < dragonfleas> ok is it fine if i do a code downgrade? or is that going to fuck me? 23:17 < Hunterkll> like, if you were on 9.1(1) you have to go to 9.1(2) before you can go to 9.1(newer) 23:17 < Hunterkll> no you're fine 23:18 < Hunterkll> usually 23:18 < Hunterkll> but if you're on 9.1(2) you can go to the latest 23:18 < Hunterkll> there's quirks 23:18 < dragonfleas> ok 23:18 < Hunterkll> check first 23:18 < dragonfleas> so go from 8.4(5) to 9.1(2) to 9.1(7)? 23:18 < Hunterkll> no no 23:18 < Hunterkll> 8.4(5) can go directly to 9.1(7) 23:18 < Hunterkll> check your flash 23:18 < Hunterkll> you should have a backup of the config 23:19 < Hunterkll> https://supportforums.cisco.com/t5/firewalling/downgrade-asa-8-4-6-to-8-2-1/td-p/2458805 23:19 <+layer-eight> * Hunterkll → Solved: downgrade ASA 8.4(6) to 8.2(1) - Cisco Support Community 23:19 < Hunterkll> go back to your old version with the config backup (or, if the config startup hasn't changed - check modified date on flash - just roll back and roll forward 23:19 < dragonfleas> I just downgraded to 8.4(5) 23:20 < Hunterkll> dragonfleas, for future reference, here's the ASA upgrade path bible https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/planning.html#ID-2152-0000000a 23:20 <+layer-eight> * Hunterkll → Cisco ASA Upgrade Guide - Planning Your Upgrade [Cisco ASA 5500-X Series Firewalls] - Cisco 23:20 < dragonfleas> i don't have a 5500-x 23:20 < dragonfleas> I have a 5505 23:21 < Hunterkll> .... there is no such thing as a 5500-x 23:21 < Hunterkll> the lowest would be the 5506-x 23:21 < Hunterkll> or 5505 which is still in the 5500 series 23:21 < dragonfleas> I have a 5505 23:21 < dragonfleas> non-x 23:21 < Hunterkll> the non-x models just can't go past 9.2 for the '05, and 9.1 for the '10 and higher 23:21 < Hunterkll> the software version and requirements do not change. 23:21 < Hunterkll> the firmware downloads for the 5505 are also listed in the 5500-X category, if you didn't see that before 23:22 < Hunterkll> regardless, you're now on 8.4(5) 23:22 < dragonfleas> yeah 23:22 < Hunterkll> check your running config 23:22 < Hunterkll> then do write mem / copy run start 23:22 < Hunterkll> or whatever to save it to disk 23:22 < dragonfleas> there's a log of "upgrade_startup_errors_201806120611.log" 23:22 < Hunterkll> this will save the new syntax that it upgraded 23:22 < Hunterkll> heh 23:22 < Hunterkll> this is why i said to roll back to the old version and old config first 23:22 < Hunterkll> but ah well 23:22 < dragonfleas> WAIT WHAT 23:22 < Hunterkll> review that file 23:22 < dragonfleas> how do i review old config? 23:22 < Hunterkll> it should have made a backup on flash 23:23 < Hunterkll> and you should have made a backup before upgrading 23:23 < dragonfleas> well i don't know anything about firewalls 23:23 < dragonfleas> or cisco devices 23:23 < Hunterkll> well then stop shotgunning changes before i'm finish saying things 23:23 < Hunterkll> :P 23:23 < dragonfleas> ok 23:23 < Hunterkll> but in the file transfer window 23:23 < Hunterkll> of ASDM 23:23 < Hunterkll> on the root of your flash drive 23:24 < Alternity> ugh, one of our users got phished 23:24 < Hunterkll> you might see something like oldconfig_date_number.cfg 23:24 < Hunterkll> maybe 23:24 < dragonfleas> Yes i do see that Hunterkll 23:24 < Alternity> they got infected with emotet 23:24 < Hunterkll> dragonfleas, i assume it has today's date? 23:24 < potoftea> Hey guys, any one experienced as independent contractor, I've couple questions maybe someone can help? 23:24 < Alternity> nasty fucking malware 23:24 < dragonfleas> Hunterkll, yes 23:25 < Hunterkll> transfer that file and check it 23:25 < dragonfleas> i'm looking at it 23:25 < Hunterkll> how much ram does your ASA have? 23:26 < dragonfleas> 128 MB 23:26 < Hunterkll> ! 23:26 < Hunterkll> RAM or FLASH 23:26 < rpifan> so yall does anyone work for stage / music / festival it 23:26 < dragonfleas> ram 23:26 < Hunterkll> 5510 never shipped with that low amount of ram 23:26 < dragonfleas> it's a 5505 23:26 < Hunterkll> default shipping configuration was 256gb 23:26 < rpifan> there have to be positions where u work for bonnaroo / okechobee / music fests in the it field 23:26 < Hunterkll> why'd you say 5510 in the beginning 23:26 < Hunterkll> -_- 23:27 < dragonfleas> i referred to it wrong sorry 23:27 < dragonfleas> i'm looking at a 5505 23:27 < Hunterkll> okay 23:27 < Hunterkll> 128MB was internal flash 23:27 < Hunterkll> and you CAN run 9.2 then 23:27 < Hunterkll> but 23:27 < Hunterkll> dragonfleas, https://i.imgur.com/Lt0fTJ9.png 23:27 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 38,724 bytes 23:27 < Hunterkll> so on that 23:27 < Hunterkll> you have Total Flash: 128MB and Total Memory: 128MB 23:27 < Hunterkll> ? 23:28 < dragonfleas> SHIT 23:28 < dragonfleas> i was looking at flash lmaooo 23:28 < aName> What's the command on a cisco ASA to list VPN users? I know I pipe something to grep but can't remember what 23:28 < dragonfleas> i have 512 mb 23:28 < Hunterkll> OKAY 23:28 < Hunterkll> good 23:28 < dragonfleas> of RAM 23:28 < Hunterkll> because you need that 23:28 < dragonfleas> LMAO 23:28 < Hunterkll> lol 23:28 < Hunterkll> because that's the min req 23:28 < Hunterkll> i was about to be NO WONDER 9.1 FAUCKING TOOK SO LONG TO BOOT 23:28 < dragonfleas> ok so i should revert to the old config? 23:28 < dragonfleas> looks like the config was from when i was running 8.2 23:29 < Hunterkll> ya... copy oldconfig_whatever startup-config 23:29 < aName> Nevermind I got it 23:30 < Hunterkll> dragonfleas, and change your boot file to the right version 23:30 < dragonfleas> i can't get into SSH on the firewall 23:30 < dragonfleas> says access denied now 23:30 < dragonfleas> fuck i think config is fucked 23:30 < Hunterkll> so like, 'boot system disk0:asa-825.bin" or whatever 23:30 < Hunterkll> then do it using file manager 23:30 < Hunterkll> in ASDM 23:31 < Hunterkll> since it seems ASDM is still working 23:32 < Hunterkll> https://i.imgur.com/xStgzML.png 23:32 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 91,753 bytes 23:33 < Hunterkll> you can change boot image there 23:33 < dragonfleas> it says bad filename 23:33 < dragonfleas> when i tried to copy it over 23:33 < Hunterkll> dragonfleas, you did copy old-config.cfg startup-config ? 23:34 < dragonfleas> that's the command i put 23:34 < dragonfleas> and it said "error parsing file name" 23:35 < Hunterkll> dragonfleas, download startup-config.cfg 23:35 < Hunterkll> as a backup 23:35 < Hunterkll> then 23:35 < Hunterkll> take your local copy of oldconfig 23:35 < Hunterkll> rename it to startup-config.cfg 23:35 < Hunterkll> delete startup-config.cfg on the device 23:35 < Hunterkll> and upload the file 23:35 < Hunterkll> then set your boot image to the old ASA image 23:35 < Hunterkll> and then reload - do NOT write mem or save config 23:36 < dragonfleas> all i see is 8_2_5_0_startup_cfg.sav 23:37 < dragonfleas> i don't see a startup-config.cfg 23:37 < Hunterkll> O.o 23:37 < dragonfleas> i'm in file management viewing everything 23:37 < Hunterkll> dragonfleas, https://i.imgur.com/ghT8y7E.png 23:37 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 105,125 bytes 23:37 < Hunterkll> nothing like that? 23:38 < dragonfleas> https://imgur.com/5MlMLJZ 23:38 <+layer-eight> * dragonfleas → IMGUR Image → Image/png → a few seconds ago → 827x557 → ⚘ 3 23:38 < Hunterkll> dragonfleas, did you ... scroll down? 23:38 < dragonfleas> yeah 23:38 < dragonfleas> still no startup-config 23:39 < Hunterkll> dragonfleas, i'm curious now. under configruation / device management / system image/configuration / boot image/configuration 23:40 < Hunterkll> what is hte 'boot configuration file path' 23:40 < dragonfleas> how do i see that? 23:40 < Hunterkll> that's the menu path in ASDM 23:40 < Hunterkll> https://i.imgur.com/xStgzML.png 23:40 <+layer-eight> * Hunterkll → IMAGE/PNG Document, 91,753 bytes 23:40 < DomLS3> SonicWall > Cisco 23:41 < rpifan> sonice youth? 23:41 < rpifan> sonic reducer aint no loser 23:41 < rpifan> gotta sonic reducer 23:41 < Hunterkll> DomLS3, thought the channel said no trolling 23:41 < joelazot> Hunterkll: how many sentences should i have in a paragraph 23:41 < DomLS3> Hunterkll: Who is trolling 23:41 < Hunterkll> joelazot, depends on who you're submitting too and how good you can suck off the professor 23:41 < joelazot> it's high school 23:41 < DomLS3> joelazot: 4-6 23:41 < joelazot> ty 23:42 < Hunterkll> ya thats about right for amatuer shit 23:42 < DomLS3> Amatuer shit like Cisco 23:42 < Hunterkll> if you go pro make sure you add an extra inch or two and get some good shampoo 23:42 < Hunterkll> er i mean 23:42 < dragonfleas> https://i.imgur.com/5AwABwO.png 23:42 <+layer-eight> * dragonfleas → IMAGE/PNG Document, 64,069 bytes 23:42 < Hunterkll> dragonfleas, well, you sure as hell didn't downgrade to 8.4.(5) 23:42 < Hunterkll> lol 23:42 < dragonfleas> yeah 23:42 < dragonfleas> what do i do 23:43 < Hunterkll> dragonfleas, oh, go into licensing and save the information in activation key section 23:43 < Hunterkll> for that matter how are you running ASDM ... 23:43 < Hunterkll> this is spooky action at a distance shit here 23:43 < dragonfleas> why would i save the activation key? 23:44 < Hunterkll> because going backwards in firmware can sometimes mess with licensing 23:44 < Hunterkll> and only licensing 23:44 < Hunterkll> not functions 23:44 < Hunterkll> but that way you can always restore the licensed feature set too 23:44 < Hunterkll> you should have that, and the config, backed up forf EVERY device you have 23:44 < dragonfleas> ok done 23:44 < dragonfleas> what do i do now 23:44 < dragonfleas> go to 8.4(5)? 23:44 < Hunterkll> no 23:45 < Hunterkll> we'll just do a full revert first 23:45 < dragonfleas> how do i do that 23:45 < Hunterkll> upload that .sav file as startup-config.cfg 23:45 < Hunterkll> and then set your boot file as the old firmware image 23:45 < dragonfleas> what .sav file? 23:45 < Hunterkll> .... the one that started with the 8_2_5 23:45 < dragonfleas> ok 23:45 < Hunterkll> <dragonfleas> all i see is 8_2_5_0_startup_cfg.sav 23:45 < dragonfleas> so just rename it? 23:45 < Hunterkll> yea 23:45 < Hunterkll> make sure you got local backup copies of everything 23:46 < Hunterkll> dragonfleas, also set the 'boot configuration file path' to the startup-config just in case 23:46 < dragonfleas> ok done 23:47 < dragonfleas> so i'm reverting to 8.2(5)? 23:47 < Hunterkll> yes 23:47 < Hunterkll> so now you should have boot image location being ONLY 8.2(5)'s .bin file 23:47 < dragonfleas> ok, everything is done, should i apply and reload? 23:47 < Hunterkll> and set your ASDM image file path too 23:48 < dragonfleas> ok done 23:48 < Hunterkll> apply 23:48 < Hunterkll> check the file modificaiton date/time of startup-config 23:48 < Hunterkll> to make sure it didn't just get modified again by the apply 23:48 < Hunterkll> then reload 23:48 < Hunterkll> in fact, you may want to re-upload it again just to be safe 23:48 < rpifan> anyone mess aroud with nfc and mifare 23:49 < dragonfleas> oops 23:49 < dragonfleas> just saved the running config 23:49 < dragonfleas> i think i broke it 23:49 < Hunterkll> lol no 23:49 < Hunterkll> delete and re-upload 23:49 < dragonfleas> i'm kidding lol 23:49 < dragonfleas> here we go 23:49 < dragonfleas> my palms are sweaty 23:49 < Hunterkll> lol 23:49 < dragonfleas> knees are weak 23:49 < dragonfleas> Hunterkll, thanks for your help by the way 23:50 < dragonfleas> this would have cost me 500 dollars from a network consultant 23:50 < Hunterkll> lol and i'm using my home setup to take screenshots 23:50 < Hunterkll> :P 23:50 < Hunterkll> okay 23:50 < Hunterkll> and we'll go to 8.4(6) 23:50 < Hunterkll> http://sfree.ws/model?main_group_id=1&child_group_id=174&model_id=1509&release_id=25870 23:50 <+layer-eight> * Hunterkll → sfree.ws 23:50 < Hunterkll> since that's what cisco recommends in the software version chart 23:50 < Hunterkll> the one that said 8.4(5) was older 23:51 < catbeard> rip dragonfleas network 23:51 < catbeard> jk 23:51 < dragonfleas> I'm still getting access denied 23:51 < dragonfleas> wtf 23:51 < Hunterkll> eh 23:51 < Hunterkll> as long as ASDM is working 23:51 < Hunterkll> we can fix that 23:51 < Hunterkll> enable probably went sideways in the single shot upgrade 23:52 < dragonfleas> WTFFFFFFFFF 23:52 < Hunterkll> hm 23:52 < Hunterkll> enough F's to need a console cable but not enough to worry yet 23:52 < Hunterkll> :) 23:52 < Kobe``> lebron coming to LA who's hyped 23:53 < dragonfleas> https://i.imgur.com/dhwV9e0.png 23:53 <+layer-eight> * dragonfleas → IMAGE/PNG Document, 25,364 bytes 23:53 < dragonfleas> why did this come up if we reverted!??!?? 23:53 < Hunterkll> er 23:53 < Hunterkll> better yet 23:53 < Hunterkll> how did you get it to log in before 23:53 < Hunterkll> just hit continue without upgrade 23:53 < Hunterkll> change the boot file. again. 23:53 < Hunterkll> wait 23:53 < Hunterkll> you have the upgrade 23:53 < Hunterkll> lol 23:54 < Hunterkll> just upgrade it 23:54 < dragonfleas> ok i'm in 23:54 < dragonfleas> without upgrade 23:54 < dragonfleas> what do i do now 23:54 < Hunterkll> cxheck boot file settings 23:54 < Hunterkll> dis weird 23:55 < dragonfleas> boot image is 917(23) again 23:55 < dragonfleas> wtfffffffff 23:55 < dragonfleas> should i revert again? since I have the config saved locally? 23:56 < Hunterkll> the old ASDM may not have been able to save it 23:56 < Hunterkll> update ASDM first 23:56 < Hunterkll> new ASDM can support old firmware --- Log closed Wed Jun 13 00:00:06 2018