Back to Home / #linode / 2006 / 01 / Prev Day | Next Day
#linode IRC Logs for 2006-01-01

---Logopened Sun Jan 01 00:00:22 2006
00:04|-|dddd44 [dhb55@] has quit [Read error: Connection reset by peer]
00:08|-|dddd44 [dhb55@] has joined #linode
00:16|-|Shaun2222 [] has joined #linode
00:24|-|Shaun [] has quit [Ping timeout: 480 seconds]
00:24|-|Shaun2222 changed nick to Shaun
01:19<taupehat>do it right now
01:23<JasonF>it's showing all ms crap for me
01:23<JasonF>oh well, time to sleep it off :P
01:23<taupehat>JasonF: look higher in the result
01:24<@mikegrb>welcome to 1995
01:24<taupehat>hi mikegrb
01:25<@mikegrb>been like that since 95
01:25<@mikegrb>at least
01:25<taupehat>mikegrb: did they register with tucows in 1995?
01:26<taupehat>1991 if I read this record right
01:26<taupehat>just seems odd that they'd use tucows
01:26<@mikegrb>them being registered with tucows has nothing to do with all the non ms results
01:27[~]taupehat is a bit blotto and easily led down the garden path
01:27<taupehat>happy new years btw
02:01<taupehat>Sun Jan 1 00:01:03 PST 2006
02:01<taupehat>bah, missed it
02:01<taupehat>but happy new years
02:26|-|Dreamr3 [] has quit [Ping timeout: 480 seconds]
02:27|-|Dreamr3 [] has joined #linode
02:32|-|dddd44 [dhb55@] has quit [Read error: Connection reset by peer]
02:38|-|dddd44 [dhb55@] has joined #linode
03:01<internat>it was only new years like 19hrs ago
03:01<internat>get with the times
03:11[~]guinea-pig wakes up...
03:11<guinea-pig>oh i missed it :(
03:17|-|dddd44 [dhb55@] has quit [Read error: Connection reset by peer]
03:22|-|dddd44 [dhb55@] has joined #linode
03:29|-|dddd44 [dhb55@] has quit [Read error: Connection reset by peer]
03:47<@linbot>New news from wiki: AppInfo: screen <>
03:47<@linbot>New news from forums: Getting random mysql errors intermitently and ideas? in Linux, Apache, Mysql and PHP (LAMP) Forum <> || PostgreSQL or MySQL? in Linux, Apache, Mysql and PHP (LAMP) Forum <> || apt-get unable to parse status file in General Discussion <> || Host 40 Panic in System and Network Status
04:26|-|internat [] has quit [Ping timeout: 480 seconds]
04:28|-|jekil [~alessandr@] has joined #linode
04:33|-|internat [] has joined #linode
04:41|-|internat [] has quit [Ping timeout: 480 seconds]
04:42|-|internat [] has joined #linode
05:42|-|jekil [~alessandr@] has quit [Quit: Leaving]
05:47|-|darkbeholder [] has quit [Ping timeout: 480 seconds]
06:53|-|Ciaran [] has joined #linode
07:00<Ciaran>I have a question for caker or mikegrb. Do either of you mind if I /msg you?
07:46<JasonF>the first email of the year for me is the DARN LINODE BILL!@!!!!!
07:47|-|internat [] has quit [Quit: This computer has gone to sleep]
07:55<@linbot>New news from forums: Quick emerge --sync for Gentoo in Performance and Tuning <>
08:01<@linbot>New news from forums: Ubuntu and iptables loaded at boot time? in General Discussion <>
08:07<@linbot>New news from forums: Bind Help or Tutorial in Linux Networking <>
08:11|-|predius [] has joined #linode
08:20|-|darkbeholder [] has joined #linode
08:26|-|iggy [~iggy@] has quit [Ping timeout: 480 seconds]
08:49|-|jekil [~alessandr@] has joined #linode
09:21|-|UWO [] has joined #linode
09:23<UWO>hi all,
09:23<UWO>my linode a/c has just been activated and I just installed CentOS
09:23<UWO>but it seems that I can't ping the IP nor can I ping outside hosts inside my CentOS...
09:24<JasonF>UWO: are you using a 2.6 kernel?
09:24<UWO>I think it is 2.4
09:24<JasonF>if you didn't change it, it's 2.4
09:24<JasonF>have you tried using lish
09:25<JasonF>and checking the ip configuration settings?
09:25<UWO>yes, I can only get into my CentOS only thru lish...
09:25<UWO>I think the IP config is sane..
09:25|-|Redgore [~Redgore@] has quit [Quit: A geek without purpose - | SMDC-Network IRC -]
09:25<UWO>kind of strange..maybe becoz I am a new user?
09:26<UWO>they need some times to set things up?
09:26|-|Redgore [~Redgore@] has joined #linode
09:37<JasonF>it's probably some network setup issue
09:37<JasonF>post it on the forum and see if anyone has any ideas
09:43<UWO>good idea,
09:43<UWO>thanks Jason :)
09:47|-|lhurgoyf [~can@] has joined #linode
10:07|-|emcnabb [] has quit [Quit: IRC: Where men are men, women are men, and little girls are FBI agents]
10:10|-|UWO [] has quit [Quit: UWO]
10:39|-|FireSlash [] has joined #linode
10:47|-|FireSlash [] has quit [Ping timeout: 480 seconds]
10:49|-|lhurgoyf [~can@] has quit [Quit:]
10:55<Narada>hm need something to remind me about how to use debian package management; haven't used it in yearsw
11:12<Ciaran>I need to go for a bit. But Narada, I believe the most important commands are "apt-get install <package>" and "apt-cache search <text>" to install and search for packages respectively. I assume uninstalling is "apt-get uninstall", but don't quote me on that. I don't know much about Debian's package management system.
11:13<Narada>yes thanks Ciaran you are a gentoo dev right right?
11:13<Ciaran>No, that's another Ciaran. :D
11:13<Narada>oh sorry
11:14<Redgore>thats a good guide on package management for debian
11:14<Narada>Ciaran: which distro have you used out of curiosity
11:14<Ciaran>No worries. ciaranm is the Gentoo dev you mean. But I do use Gentoo on my Linode, and on my home computer.
11:14<Ciaran>Heh. Mind-reader.
11:14<Narada>Redgore: i will definitely check it out thank you
11:14<Narada>Ciaran: ah nice :)
11:15<Ciaran>I'm thinking of switching to another distro, but at the same time I adore Gentoo's flexibility.
11:15<Ciaran>But Gentoo isn't the best choice for Linodes, in my experience.
11:16<Narada>Ciaran: that's exactly my thoughts; i use gentoo on every possible machine server or desktop; but i'm looking into switching some of them to debian due to it being binary dist and also more stable for production
11:16|-|iggy [~iggy@] has joined #linode
11:16<Narada>Ciaran: i know what you mean; my linode is on gentoo and has been struggling badly; that's why i've deployed debian on my second new linode
11:17<Narada>except now i need to actually learn about debian again; it's been several years since i used it
11:17<Ciaran>You have two Linodes? Nice. Out of curiosity, what types are they? I'm curious as to how much it costs you.
11:18<Ciaran>It's funny, actually. I've made a semi-automatic stub for emerge that let's me automatically transfer packages from my home computer that have already been transferred.
11:18<Narada>well my setup is not of the usual linode user; both my linodes are of custom specification; the second one is a test linode only for a specific duration
11:19<Ciaran>Like, I can do "emerge --mc somepackage" and because of the new --mc switch it'll automatically check to see if my home computer has it, and if so, ask for the root password and use quickpkg to make the package, transfer it over to the Linode, and then use use emerge -K to install it.
11:20<Narada>ah that's a very nice trick but could potentially use more bandwidth but still very effective
11:20<Ciaran>The above saves a bit of time but can cause hell when things are slightly different.
11:21<Narada>Redgore: yup that guide is exactly what i need :)
11:21<Ciaran>I tried to use it to upgrade my version of Apache. Unfortunately the binary Apache seemed to be linked to stuff that I didn't have on the Linode. I can't remember why specifically, but in the end I had to emerge it normally anyway.
11:21<Redgore>thats the big strength of debian, good documentation
11:23<Narada>i'm glad to hear that as i'm considering adopting debian now
11:23<Ciaran>So am I.
11:23<Narada>however i would also like to point out that gentoo is very strong in documentation too
11:23<Narada>xen + debian would be a good combination that i will adopt when xen is released
11:23<warewolf>Linux is Linux is Linux by any other name
11:24<Ciaran>The one peeve I have with binary distros is that packages can come with dependencies that you don't want or need, whereas compiling from scratch with USE flags allows you to pick and choose what you want.
11:24<warewolf>yeah gentoo is super flexible
11:24<Narada>warewolf: you use it too?
11:24<warewolf>I /used/ gentoo.
11:25<warewolf>it was an interesting experience.
11:25<warewolf>I liked some aspects, and completely disliked others
11:25<warewolf>I love emerge. It's the slickest thing since sliced bread.
11:25<Ciaran>I mean, there are programs for which an X interface is optional. Most binary packages will have it built with X though, even if you don't want that on a Linode.
11:25<Ciaran>Ohyes. Emerge rules.
11:25<warewolf>but I absolutely can't stand the rc scripts in gentoo.
11:25<Narada>Ciaran: yes i agree
11:26<Ciaran>warewolf: You go for sysvinit-style scripts, then?
11:26<warewolf>I like sysv
11:26<Ciaran>warewolf: You can use that with Gentoo too, you know.
11:26<warewolf>I like /etc/rcX.d/ /etc/init.d, etc
11:26<Narada>i'm not aware of this other style of scripts
11:26<Ciaran>There's a package for it.
11:26<warewolf>Ciaran: oh yes I bet there's a package for it, but how much do the other preexisting packages tie into it?
11:26<Narada>hmm what is the purpose of the two rc.d and init.d dirs
11:27<Ciaran>warewolf: Good point.
11:27<warewolf>Narada: init.d is the "real" location of all the init scripts
11:27<warewolf>Narada: the rcX.d (rc2, 3, 4, 5.d) are the per-runlevel softlink directories that link back to the "real" scripts.
11:27<Ciaran>Narada: sysvinit uses runlevels 0 to 6. 0 is shutdown, 1 is single user, 3 is normal text-mode multiuser, 5 is graphical multiuser, 6 is reboot.
11:28<Narada>ah thanks for explaining that
11:28<Ciaran>In each rcX.d directory you have symlinks like S05something that link to the appropriate init.d script. The S means "start", and the "05" indicates the order it should go in.
11:28<Narada>hmm so why prefer this over the init.d only style i wonder
11:29<Narada>is it because the logic or ordering them exists within init scripts and having to cache dependencies
11:29<Ciaran>So when that runlevel is executed, it looks at the rcX.d directory for that runlevel and runs the file with an argument of "start" or "stop" depending on if the first letter is "S" or "K".
11:30<Ciaran>Narada: The sysV style has been in use for a looooong time. You'll find it in just about every single version of Linux.
11:30<Ciaran>Except Gentoo, of course.
11:31<Ciaran>Having said that, I like Gentoo's init. It handles dependencies and everything.
11:31<Narada>yeah it's very easy to use and understand; the frequent caching can be annoying but it's not always so frequent
11:33<warewolf>I used the Hardened version of Gentoo, and I started from stage 1 compiling everything from scratch
11:33<Ciaran>On your Linode?
11:33<warewolf>I wanted everything to be compiled with stack protector (propolice), GRSecurity, so on and so forth.
11:33<warewolf>no, on my company laptop
11:33<warewolf>I intended to take it to DefCon and /not/ get rooted :)
11:34<Ciaran>I was wondering. I didn't think Hardened was possible with no way to do a custom kernel. :D
11:34<warewolf>^ up there I kept an emerge package for X that fixed my laptop's backlight
11:34<warewolf>oh and here
11:34<Ciaran>Ah, cool.
11:34<warewolf>all the omfgwtf patches for the kernel to get all sorts of shit in there
11:34<warewolf>old old old old old stuff.
11:35<Narada>holy cow that's a lot of customisation
11:36<warewolf>it /worked/ too.
11:36<warewolf>and omfgwtf was it a pain to get software suspend + grsecurity working together
11:36<Ciaran>I've never experimented with Hardened or SELinux or anything.
11:36<warewolf>there's some process flags that were clashing
11:36<warewolf>I had to renumber some things in some headers
11:37<warewolf>now, my company laptop is running RHEL4
11:37<warewolf>I really like redhat because it makes things easy. I also really like RPM
11:37<Narada>heh you really do treat your laptops like enterprise machines don't you :)
11:37<warewolf>once you learn how to make it your bitch, it's slicker than shit.
11:37<Narada>you like RPM?!
11:37<Ciaran>RPM is pretty good. Lots of people hate it though.
11:38<Redgore>rpm's problems come down to its packagers
11:38<warewolf>a lot of people hate RPM because people made bad RPM packages.
11:38<Redgore>not the system in a whole
11:38<warewolf>lately there have been people who try /hard/ not to make bad packages
11:38<warewolf>like Dag Wieers (
11:38<Ciaran>Yeah, but people hate the system as a whole because of it.
11:38<warewolf>and RPMForge
11:39<warewolf>I learned Linux on Slackware (and decided tar -zxvf package.tar.gz && cd package && make && make install was a poor package system),
11:39<warewolf>then moved to redhat back before there were good 3rd party packagers
11:40<warewolf>got burned a bunch of times by bad packages
11:40<Ciaran>I'm a Slackware weenie as well.
11:40<warewolf>(oh man, Ximian Gnome, I loved how their uninstaller uninstalled the *entire* machine)
11:40<Redgore>I learned linux on a run on windows partition distro, went on to mandrake as it was then, used at least 30 odd distro's. now have settled on debian, slackware and mandriva
11:41<warewolf>mandrake appears to be all fluff to me, and that's pretty much been my experience
11:41<Ciaran>It was funny, actually. I tried Mandrake (as it was called back then) at one point and was amazed at how everything just worked. Then I tried going back to Slackware for a bit and had so many problems getting things to work that I gave up and moved to Mandrake for a few years.
11:41<warewolf>debian is just .. strange .. debian has it's own strange way of doing things, some that really rub me the wrong way
11:41<Ciaran>Mandrake was basically my first introduction to use Linux full-time.
11:42<Redgore>I was on slackware on my main machine when I went linux only
11:42<Ciaran>Started with 9.0, used 9.1 later. rpmdrake was a godsend.
11:42<Redgore>gone to mandriva now on my main machine, 9.2 was the last mandrake I used before mandriva 2006
11:42<Ciaran>I moved to Gentoo after that, and I'm still using it
11:44<Narada>hm don't know anything about mandriva
11:44<Redgore>the greatness of open source software, choice
11:44<Ciaran>Me neither.
11:44<Ciaran>Yeah, choice is awesome.
11:45<Redgore>its not like you can use Novell Windows :P#
11:45<Ciaran>Or Microsoft NetWare. ;p
11:45<Narada>i love linux because as i use it i learn; learning is very important to me
11:45<Ciaran>*nods* Me too.
11:47<Ciaran>Gentoo's my perfect distro. Not only is it a lot more standard than the distro I used previously (Mandrake), it's also very awesomely flexible. As an example, I use KDE on this box, but I don't have Konqueror installed. Why? Because I don't use it, and nothing I've installed has needed it either.
11:47<Narada>there were times before when i'd try like seven distros in a day just to see how they all did it but now i've forgotten all but the ones i use; i don't have the time to try news ones anymore
11:47<Redgore>I always tested distro's for at least a week
11:48<Redgore>but I think ill settle down properly
11:48<Narada>heh yeah i only did that once bit crazy i know:)
11:48<Redgore>so no more testing of them
11:48<Ciaran>The one problem with Gentoo, of course, is the compilation time. First time I compiled 'kde' (and this was before it had split packages), it took a total of 15 hours to compile.
11:49<Ciaran>I've never even tried to compile I've always just used the binary provided in emerge.
11:49<Narada>heh yeah same here
11:49<Narada>linode & gentoo is an excrutiatingly slow combination at least in my experience
11:49<Ciaran>And mine.
11:50<Ciaran>And I'm probably not doing the other users on the host any favours either...
11:50<Redgore>one of the reasons why I wouldnt use gentoo on a linode
11:50<Narada>like the migration to gcc 3.4.4 and the following emerge -e world is going to take bloody forever
11:50<Redgore>personally i think caker should put all gentoo users on the same hosts
11:50<Ciaran>Narada: Why bother? You don't need to recompile everything just 'cuz you got a new compiler version.
11:50<warewolf>and let them all DoS each other
11:50<warewolf>that would be wrong :P
11:51<Redgore>nah that would be good
11:51<Narada>it's safer; there's linked libraries all over the place
11:51<Narada>plus the kernel needs to be compiled with same compiler
11:51<Redgore>and they shouldnt be allowed to change distro either :P
11:51<warewolf>Narada: I call bullshit
11:51<Ciaran>Narada: What do you mean?
11:52<Ciaran>Right now I have one gcc version on my home computer, 3.3.6. I don't have any other SLOTted versions and I've never done an emerge -e world. And everything works fine.
11:52<Narada>well the nvidia-kernel and kernel need the same compiler
11:53<Narada>emerge -e world compiles nvidia-kernel but doesn't recompile the kernel so you have to do it manually
11:53<warewolf>Narada: the nvidia-kernel package is adding binary modules into an already existing kernel, so that does require a similar build envirionment, not necessarially the same compiler.
11:53<Narada>i'm not saying emerge -e world is mandatory but it is recommended in the gcc upgrade guide
11:54<Narada>well you have to recompile it otherwise it won't work; you know what i mean
11:56<Ciaran>Narada: I just checked my setup. As far as I can tell, my nvidia-kernel was compiled with gcc-3.3.5 and my kernel with gcc-3.3.6.
11:57<Narada>yeah that's because it is the same branch with same C++ ABI
11:57<Ciaran>I believe that's what you mean, anyway.
11:58<warewolf>ABI is the binary interface
11:58<warewolf>API is the programming interface
11:58<Ciaran>Okay then.
11:58<warewolf>and I think the kernel isn't C++.
11:58<warewolf>I think it's C.
11:58<Ciaran>Okay, yeah, so the upgrade to gcc-3.4 will cause problems. But I imagine that as long as you recompile glibc, the kernel, and any kernel modules you have, you should be fine.
11:59<warewolf>I think Linus hates C++ with a passion.
12:00<Narada>i meant gcc
12:01<Narada>well yes you could do a bare minimal rebuild which i will do on my linode
12:01<Narada>but for my physical machines they can handle the load like dual xeons etc
12:02<Narada>it's nice to know that the OS binaries have been built by a common compiler just for uniformity i guess
12:03<taupehat>anyone else read ISC today?
12:03<warewolf>handler's diary?
12:03<warewolf>the IM worm exploting the WMF vuln?
12:04<warewolf>oh god
12:04<warewolf>trustworthy computing?
12:04<Ciaran>It's funny, actually. For my home computer I've stuck with kernel version 2.6.9 because that's the last version I could find that I could actually still apply the supermount patch to, albeit with a bit of tweaking. 2.6.10 introduced a completely new way of doing things.
12:04<taupehat>read the article
12:04<taupehat>warewolf: he's co-opting the name
12:04<warewolf>er, reads.
12:04<warewolf>*pauses tivo*
12:04<Ciaran>taupehat: ?
12:04<warewolf>Ciaran: yes
12:05<warewolf>any IT professional reads the handler's diary daily :)
12:05<taupehat>or anyone posing as such
12:05<warewolf>it's part of my _job_ to read it :)
12:05<taupehat>mine too
12:05<taupehat>by the way
12:05<warewolf>This new exploit code generated WMF files that were sufficiently different that they bypassed nearly all AV and IDS signatures.
12:05<Ciaran>I already unregistered shimgvw.dll on my Windows laptop, but I haven't installed any patch yet. I should do that.
12:05<warewolf>well shit
12:06<taupehat>anyone in here know of a good management tool for windows boxes that works more or less like SMS but runs on a Samba domain?
12:06<taupehat>I've inherited a large, spread-out network with zero client management or even inventory capability
12:07<warewolf>taupehat: you consider Dameware and I will come through the ethernet and castrate you my self.
12:07<warewolf>just to get that clear. :)
12:07<taupehat>right now when a machine turns up compromised and doesn't have a sensible machine name, my solution is to drop the MAC address at the gateway and wait for the phone to ring
12:07<taupehat>which is clearly less than ideal
12:07<warewolf>taupehat: I wish I had that kind of power.
12:07<taupehat>warewolf: it's not something I take lightly, nor is it what I want to be doing
12:08<warewolf>taupehat: you would not believe how many worms have entered the enterprise network and propigated out of a .. local area across the backbone to cause a clusterfuck
12:08<warewolf>taupehat: our IT policy states that employees are not allowed to connect company computer equipment to networks that are not protected by corporate internet firewalls
12:09<Ciaran>I wonder if it's worth temporarily unplugging the network cable to my box at work tomorrow until I unregister the DLL and apply the patch.
12:09<warewolf>taupehat: nevertheless, employees take laptops home, jack into their AOL for Broadband, and infect themselves with blater/sasser/witty/etc and BRING IT FUCKING HOME.
12:09<taupehat>what's wrong with dameware
12:09<taupehat>warewolf: yeah, laptops are my primary concern
12:09<warewolf>taupehat: dameware is chock full of holes. Please use an enterprise class solution, if possible.
12:09<taupehat>when I get enough stakeholder backing, I'm banning windows laptops from the network, period.
12:09<taupehat>oh also
12:09<warewolf>taupehat: how big is the company you work for?
12:10<taupehat>my annual software budget (to manage about 300 computers) is $500 US
12:10<warewolf>this is why I hate working in the IT industry
12:10<warewolf>we're so not understood, underfunded, and undermanned.
12:10<warewolf>and then we get yelled at when shit breaks when we're already overworked
12:10<taupehat>I work in K12 education
12:10<taupehat>we really are underfunded, not just in IT
12:11<warewolf>oh christ dude
12:11<taupehat>like, horribly
12:11<warewolf>you need a paypal button or something
12:11<taupehat>the middle school has classes with 40 students
12:11<warewolf>taupehat: ok your best solution is to daily re-image workstations
12:11<warewolf>I shit you not
12:11<taupehat>no, seriously
12:11<warewolf>I'm dead serious
12:11<taupehat>I don't have anywhere near the storage for that
12:11<warewolf>set up a box for network storage
12:11<taupehat>not even remotely close
12:11<warewolf>oh come on
12:12<warewolf>you can get two 500gb IDE Drives and throw samba on a linux box
12:12<taupehat>my profiles/homedirs server is 89% utilized
12:12<taupehat>my hardware budget is >gone<
12:12<warewolf>start deleting mp3s
12:12<taupehat>already checked
12:12<taupehat>it's just full
12:12<warewolf>do you have quotas on?
12:12<warewolf>turn them on
12:12<taupehat>but I know who's using space
12:12<taupehat>and nobody's using much
12:13<taupehat>jdiskreport is my friend =]
12:13<warewolf>then you'll get people who are complaining about the lack of disk space to get more disk space for you
12:13<warewolf>when it's 500 voices v.s. 1, the 500 win
12:15<Ciaran>Place your bets now, gentlemen. How badly is this whole thing going to look by the time Microsoft get round to releasing a patch? And how many people will actually apply the thing?
12:15<taupehat>now that you've mentioned dameware, it looks like the first thing that fits my budget
12:15<warewolf>Ciaran: it is a critical threat
12:15<taupehat>Ciaran: I'm guessing that it'll be pretty ugly, but nothing catastrophic
12:15<warewolf>no, it is catastrophic.
12:15<@linbot>... but it is up briefly, warewolf ...
12:15<warewolf>the WMF vuln can come in via .gif, jpg, bmp, etc
12:15<taupehat>linbot: what is up briefly?
12:16<warewolf>there's no way to block it
12:16<Ciaran>warewolf: You mean it doesn't even rely on a particular MIME type?
12:16<taupehat>WMF uses "magic bits"
12:16<warewolf>it detects it via the file header
12:16<Ciaran>Ah, right.
12:16<warewolf>and windows explorer or IE will render it no matter what the extension is.
12:17<Ciaran>How about Firefox?
12:17<Ciaran>If it's local, does it use the magic bits or the extension?
12:18<warewolf>under windows it's still vulnerable
12:18<taupehat>Ciaran: if you have the file in your cache, and anything, say, google desktop, indexes it, or you open the folder... pwned.
12:18<Ciaran>Yeah, I know.
12:18<warewolf>it will still render the image and cause the exploit to happen
12:18<Ciaran>taupehat: Yeah, I realise that.
12:18<taupehat>it's pretty wretched
12:18<taupehat>if a virus scanner reads the file (and doesn't immediately recognize the threat), pwned.
12:18<taupehat>it's pretty bad
12:18<warewolf>god I hate windows.
12:19<warewolf>it gives me a job though.
12:19[~]warewolf goes back to watching TV
12:19<taupehat>the problem to me isn't that microshaft won't have a patch out until the 9th, it's that 3/4 of the bloody intarweb won't have that patch installed
12:19<taupehat>warewolf: really, what's wrong with dameware
12:19<taupehat>this seems like it might fit my scene
12:19[~]taupehat has no budget...
12:19<warewolf>taupehat: it. is. chock. full. of. remote. root. exploit. vulnerabilities.
12:19<warewolf>taupehat: do. not. use. it.
12:20<taupehat>not even the remote client control app?
12:20<warewolf>taupehat: do. not. use. any. part. of. dameware.
12:20<taupehat>the one-off VNC client
12:20<warewolf>if anything use psexec
12:20<warewolf>part of sysinternals utils
12:21<Ciaran>I actually investigate worms, trojans, and such. I have an environment in VMware that seems to be open to programs running but in reality is locked down pretty tightly. I like investigating exactly what happens.
12:21<warewolf>Ciaran: and today's malware writers detect VMWare. Poof.
12:21<taupehat>warewolf: that's a telnet app
12:22<warewolf>taupehat: psexec is not a telnet app
12:22<Ciaran>warewolf: Ah, but they probably don't count on the host being Linux.
12:22<taupehat>Ciaran: they probably _do_
12:22<warewolf>Ciaran: listen to what I said. they detect the emulated enviornment.
12:22<Ciaran>Oh, right. Sorry, I thought you meant that they find a way to propagate to the host.
12:22<warewolf>Ciaran: there are subtle differences in the memory locations of certian things in VMWare that makes it extremely easy to detect
12:23<taupehat>play with fire... prepare to get burned
12:23<warewolf>malware writers once they detect the emulated environment, they discontinue execution
12:23<warewolf>and they usually code the malware to delete itself
12:23<taupehat>warewolf: it's easier than that - they just have to look for hardware like the "VMWare Display Adaptor"
12:23<warewolf>because they don't want you disassembling it.
12:23<warewolf>taupehat: those are text strings and easially changed.
12:23<Ciaran>taupehat: That can be worked around by not installing the VMware Tools.
12:24<warewolf>taupehat: I'm talking about low-level things thare are difficult to change in VMWare unless you actually modifiy the source code to it, or patch it via runtime methods
12:24<Ciaran>And, of course, since VMware is closed-source...
12:24<taupehat>it's easier to put a real windoze box in a sandboxed network and watch the traffic coming off it. There are also some interesting monitoring tools that are essentially rootkits. And then there's wipe-and-reimage afterwards
12:25<taupehat>like I have time to do that shit, though
12:25<Ciaran>The only spare computer I have is a 120MHz Pentium. No way it would run XP, which most things will expect nowadays. But yeah, if it was a good computer I could easily set it up like you say.
12:26<taupehat>Ciaran: if you ever do, just build it clean with whatever apps you want to have on it, and then make an image of the drive. then after you're done playing with some malware, you wipe the sucker
12:27<Ciaran>taupehat: Yeah, that's what I'd do.
12:27<Ciaran>That's the way I do it with VMware at the moment.
12:27[~]warewolf rofls at southpark
12:39<warewolf>holy shit
12:40<warewolf>someone beat caker for last place on ratemylinode
12:40<warewolf>I didn't think that was possible
12:43<taupehat>I dropped to 7th place
12:43<warewolf>that's the most wavering black line I've seen. Ever.
12:43<warewolf>(the black line is the remaining tokens you have)
12:43<taupehat>something tells me that Bad Things are happening to that box
12:47<warewolf>god I hate decoding what my mom says to me over aol IM
12:47<warewolf>talking about me working extra hours "o. u get pd?"
12:47<taupehat>your momma leetspeeches LOL
12:47<warewolf>yes I hate it.
12:47<warewolf>because I know she can touch-type.
12:47<taupehat>did you try telling her this?
12:48<warewolf>that would be the correct thing to do.
12:48<warewolf>I think I might have
12:48<warewolf>my parents are old, and I think it's out of lazyness
12:50<taupehat>so that site that's running really hot
12:50<taupehat>has an interesting mix of pages
12:50<taupehat>bunch of fundy stuff, and then some really weird-looking blog
12:51<taupehat>and this whole knights of telperion is like a mix of king arther meets the crusaders and they birth a bastard child that likes unicorns or something...
12:51<taupehat>word up, people =]
12:52<warewolf>aww, he links to RML
12:52<warewolf>how ince
12:52<taupehat>yeah, I'm not criticising
12:52|-|flint [] has joined #linode
12:52<taupehat>it's an interesting site
12:53<warewolf>USE MY BUTTONS
12:53|-|jekil [~alessandr@] has quit [Quit: Leaving]
12:55<flint>I have a linode question for the brave and brazen of the linode it appropriate to ask in this pause?
12:55<warewolf>if you don't ask, we can't answer.
12:55<flint>BTW Happy New Year la-di-dah.
12:55<taupehat>I thought this channel was for help, not flaming (except when I flame someone)
12:56<@linbot>lol zug moo dance
12:56<flint>taupehat, did not mean to flame, flame not lest you be flamed (but this is also a flame :^) damn recursion!
12:56<taupehat>flint: hehe
12:56<taupehat>well, what's the question
12:57<taupehat>warewolf: all those are linode buttons
12:57<warewolf>taupehat: yes. feel free to use them to link to
12:57<warewolf>I love 80x15 buttons
12:58<flint>ok campers, the tourist question is that I want to set up a bzr repository on a brand spanking new linnode. MDZ himself tried to do this and could not because you are running warty on the User Mode Linux. Is this the case?
12:58<warewolf>can you expand your TLAs please?
12:58<warewolf>what is a bzr repo
12:59<flint>gotcha, BZR is the bazaar repository project for all ubuntu documentation
13:00<flint>mdz is matt zimmerman, the cto of cannonical
13:00<flint>uml is user mode linux...
13:00<warewolf>so what's the application have to do with the distro it's running on?
13:00<warewolf>is something in warty too old?
13:01<flint>good point, the damn thing absolutely needs to have python 2.4 and a whole buncha libraries that it?
13:01<taupehat>so upgrade python?
13:01<taupehat>apt-get install python-2.4
13:01<flint>try as I might I cannot figure out how to simply upgrade from 2.3x to pyhon 2.4
13:01<warewolf>you /can/ upload your own distro images, or perform a net-install (takes some doing though) of your favorite distro
13:02<taupehat>flint: apt-cache search python
13:02<taupehat>I'm pretty sure apt-get install python-2.4 is the magic code
13:02<flint>tried that...Building Dependency Tree... Done
13:02<flint>The following packages have been kept back:
13:02<flint> iptables libgcrypt7 libgnutls10 libssl0.9.7 perl-base sudo wget
13:02<flint>0 upgraded, 0 newly installed, 0 to remove and 7 not upgrad
13:02<Ciaran>Now, this is interesting. Apparently Ethereal sniffs its packets before iptables works its magic in the nat/PREROUTING chain.
13:03<taupehat>apt-get install {list of packages held back}
13:03<taupehat>the do apt-get update
13:03<taupehat>apt-cache search python
13:03<flint>taupehat, I will give this a try...thanks
13:03<taupehat>flint: no problem... let me know if you need more help
13:04[~]taupehat runs debian boxes high and low
13:04<warewolf>flint- we have a bunch of debian users in here, I'm not one of them, but there are a bunch who idle.
13:04<warewolf>flint- stick around and you'll probally get enough help to fix your problem.
13:04<warewolf>(including taupehat)
13:05<flint>taupehat, and warewolf , I am trying the ubuntu path...mdz whined to me about the need to update the uml
13:05<warewolf>flint: any details on what about the UML needed to be updated?
13:05<warewolf>flint: I find it difficult to believe, to be honest.
13:05<taupehat>flint: ubuntu is a derivative of debian, and stuff like apt works the same
13:05<flint>he was vague in this area...
13:06[~]taupehat likes kubuntu quite a bit =]
13:06<flint>mdz is a case of versionitus looking for a place to happen (you can quote me!:^)
13:06<warewolf>creeping featureism
13:07<Ciaran>Oh wait, I'm a pillock. (regarding my Ethereal/iptables thing). Disregard that.
13:07[~]warewolf -c video games then sleep &
13:07<flint>I need to go down the kubuntu path, right now I am playing with the defaults... b back soon leemme try stuff...
13:08[~]taupehat wanders off to write a graphics viewer that allows media files to register callbacks
13:16|-|jekil [~alessandr@] has joined #linode
13:18<flint>taupehat, I think that I am going to can this image and restart apt is very broken at this point
13:18<taupehat>why do you say it's broken?
13:18<taupehat>use if needed
13:19<flint>here ya go.
13:19<flint>Some packages could not be installed. This may mean that you have
13:19<flint>requested an impossible situation or if you are using the unstable
13:19<flint>distribution that some required packages have not yet been created
13:19<flint>or been moved out of Incoming.
13:19<flint>Since you only requested a single operation it is extremely likely that
13:19<flint>the package is simply not installable and a bug report against
13:19<flint>that package should be filed.
13:19<flint>The following information may help to resolve the situation:
13:19<flint>The following packages have unmet dependencies:
13:19<flint> lynx: Depends: libgnutls11 (>= 1.0.16) but it is not going to be installed
13:19<flint>E: Broken packages
13:19<flint>and on and on...
13:19<flint>The following packages have unmet dependencies:
13:19<flint> libgnutls11: Depends: libgcrypt11 but it is not installable
13:19<flint> Depends: libgpg-error0 (>= 1.0) but 0.7-1 is to be installed
13:19<flint> Depends: libopencdk8 (>= 0.5.5) but 0.5.3-1 is to be installed
13:19<flint> Depends: libtasn1-2 (>= 0.2.8) but 0.2.7-2 is to be installed
13:20<flint> Depends: libtasn1-2 (>= 0.2.10) but 0.2.7-2 is to be installed
13:20<taupehat>flint: paste all of that into
13:20<taupehat>and stop spamming the channel!
13:20<flint>taupehat, ok, i do not know how to do than as I am a bit of a newbie on xchat...
13:21<taupehat>open firefox
13:21<taupehat>now paste the URL into here
13:22<flint>there is indeed more.... standby...
13:23<flint>and that is what happened when I merely tried to install lynx!!!
13:23<taupehat>flint: try this
13:23<taupehat>apt-get -f install
13:24<flint>now I have been down the road of fixing aptitiude, and it is not any fun...
13:24<taupehat>forget aptitude for the moment and just stick with the CLI apt
13:24<@linbot>I've never heard of aptitude for the moment and just stick with the CLI apt, taupehat!
13:24<taupehat>linbot: shaddup
13:24<taupehat>11:24 -!- Irssi: Starting query in oftc with linbot
13:24<@linbot>I don't have a clue!
13:24<taupehat>11:24 <linbot> Error: 'shaddup' is not a valid command.
13:24<flint>linbot, apt := aptitiude
13:24<taupehat>linbot: apt != aptitude
13:25<flint>that was the impression I got at some damn lecture... sorry :^)
13:25<taupehat>aptitude is just a graphical interface for apt
13:25<taupehat>you use a terminal to run apt =]
13:26<taupehat>as root, "apt-get -f install" and see what happens
13:26<flint> is the result
13:26<taupehat>oh right
13:26<taupehat>you need to install the heldback packages
13:27<flint>graphical interfaces... WIMPS := WIndows Mice, Pointer Systems...
13:27<flint>taupehat, that sounds logical :^) wonder what packages these are? The nuclear option gets appealing...
13:27<taupehat>apt-get install iptables libgcrypt7 libgnutls10 libssl0.9.7 perl-base sudo wget
13:27<taupehat>do that by copy-paste =]
13:28<taupehat>apt's usually pretty easy to fix
13:28<flint>ah boy I tried that one.. but will again an pastebin the result..
13:29<flint>this is not impossible... it was actually quite encouraging...
13:30<taupehat>apt-cache search libgcrypt
13:32<flint>taupehat, the easy way out of this is to banana the box and let you at it. Want to do this thing?
13:33<taupehat>blow it out =]
13:33<flint>verily... the wheel turns and sysiphus has a brand new day. Thanks for the excellent assist and the lesson in pastebin
13:33<taupehat>good luck
13:33<flint>this will not be forgotten by me.
13:34|-|flint [] has quit [Quit: Leaving]
13:57<Ciaran>I need to go for a bit. Back later.
13:58|-|Ciaran [] has quit [Quit: Leaving]
14:28|-|Dreamr_3 [] has joined #linode
14:28|-|Dreamr3 [] has quit [Ping timeout: 480 seconds]
14:37|-|predius [] has quit [Quit: rofl bai]
14:41|-|jekil [~alessandr@] has quit [Quit: Leaving]
14:42|-|spr [] has joined #linode
14:47|-|jekil [~alessandr@] has joined #linode
14:50<@linbot>New news from forums: Problem with removing postfix in Email/SMTP Related Forum <>
14:51|-|[|^__^|] [] has quit [Quit: leaving]
14:51|-|[|^__^|] [] has joined #linode
15:12|-|[Erik] [] has quit [Ping timeout: 480 seconds]
15:15|-|jekil [~alessandr@] has quit [Ping timeout: 480 seconds]
15:19|-|jekil [~alessandr@] has joined #linode
15:36|-|jekil [~alessandr@] has quit [Ping timeout: 480 seconds]
15:54|-|Battousai [] has joined #linode
15:54|-|jekil [~alessandr@] has joined #linode
16:44|-|internat [] has joined #linode
17:00|-|yarrumretep [] has joined #linode
17:00|-|Battousai [] has quit [Ping timeout: 480 seconds]
17:01|-|yarrumretep [] has quit [Quit: ]
17:01|-|Twist- [] has quit [Ping timeout: 480 seconds]
17:05|-|hotnikks [] has joined #linode
17:05<hotnikks>does anyone else experience high packet loss and latency?
17:06<hotnikks>connectivity to my virtual server (from multiple isps) just cuts out all the time
17:06<hotnikks>started a few months ago
17:11<internat>i do on the odd occasion but it depends on what im doing
17:12<errorlevel>I noticed that when uploading to my virtual server that the speeds would gradually increase and then stall repeatedly.
17:13<Karnaugh>I've never had any of that
17:13<Karnaugh>I'm inclined to think its on your client side
17:13<internat>yeah ive never had that problem with uploading.. or downloadingg
17:13<errorlevel>Hey Karnaugh, I like your maps. ;-)
17:13<Karnaugh>errorlevel: that will happen if you're uploading behind an ethernet segment with a higher capacity than your internet bandwidth
17:13<errorlevel>It quite possibly could be my connection. =)
17:14[~]errorlevel wonders if Karnaugh is familiar with Karnaugh maps.
17:15[~]Karnaugh yawns
17:18<hotnikks>internat; nah not on client side
17:18<hotnikks>im just talking about ssh
17:18<hotnikks>no upload/download at all
17:18<hotnikks>just command line stuff
17:18[~]errorlevel goes back to working on his site.
17:25<hotnikks>karnaugh; i employ frts anyway
17:25<hotnikks>on my pvc to linode
17:26|-|[Erik] [] has joined #linode
17:37|-|jekil [~alessandr@] has quit [Quit: Leaving]
17:38<Karnaugh>you have an ATM PVC to Linode?
17:43<@linbot>New news from wiki: AppInfo: screen <>
17:43<@linbot>New news from forums: Problem with removing postfix in Email/SMTP Related Forum <> || Getting random mysql errors intermitently and ideas? in Linux, Apache, Mysql and PHP (LAMP) Forum <> || Bind Help or Tutorial in Linux Networking <> || Precondition Failed in Linux, Apache, Mysql and PHP (LAMP) Forum <h
17:57|-|besonen [] has quit [Quit: Leaving]
18:27|-|besonen [] has joined #linode
18:35|-|predius [] has joined #linode
19:12|-|yarrumretep [] has joined #linode
19:19<warewolf>PVC "private virtual circuit"
19:21<yarrumretep>greetings folks
19:21<taupehat>sup peter
19:21<yarrumretep>i know it's jan1 and Sun, was wondering if anyone knew lead time for activation of new linode?
19:21<taupehat>depends, usually pretty darn quick
19:22<yarrumretep>yeh - that's the impression i've got
19:22<taupehat>admins may well be having a day off
19:22|-|irgeek [] has joined #linode
19:22<taupehat>which would be well-earned
19:22<internat>lol u guys are behind!
19:22<internat>its monday the 2nd here :P
19:22<yarrumretep>i signed up a couple/few hours ago - was hoping to get on tonight.. maybe beyond all hope
19:23<taupehat>maybe not =]
19:23<yarrumretep>i'm still hoping... mikegrb, any hope for the flowers?
19:23<internat>never know u might get service at some point
19:24<internat>mine came up pretty quickly when i reged it
19:24<taupehat>think mine was going in about seven minutes
19:24<yarrumretep>now that's fast
19:24<internat>yeah.. i guess it depends on the time of day etc
19:24<taupehat>Jan1 is probably not the best day =]
19:24<internat>cause i dont expect them to get up at 3am in the morning and answer my request :P
19:25<internat>tho i do feel sorry for them, getting paged for EVERY ticket request
19:25<taupehat>although sometimes they surprise people like that
19:25<taupehat>internat: really? sheesh
19:25<JasonF>it's 8:25 around their way
19:25<JasonF>so, yeah, it's not early here
19:25<internat>even if its just someone wanting to upgrade or something such.. they get paged
19:26<yarrumretep>yikes - that's some service
19:26<internat>i tell uwhat id be pissy if someone woke me up at 1am in the morning cause they wanted to upgrade
19:26<internat>upgrade denied! back to sleep
19:28<taupehat>When I interviewed for my current job, the question was asked, "What about calls during the weekend?' and I said that was pretty much part of the job. I did say this also: 'On the other hand, if you call me at 3AM, well... don't do that.'
19:29<internat>and u got the job i take it
19:29<internat>what position, if u dont mind me asking
19:30<taupehat>I run tech for a school district.
19:30<taupehat>there's really no justification for a 3AM call in that environment
19:33<internat>is there much work involveD? cause the only work i can think of in a school enviroment is fixing the computers that the kids destory
19:33<taupehat>I never stop working
19:33<yarrumretep>don't mean to pester, mikegrb - is there any hope for tonight, or should i sign off and wait for the morning?
19:33<taupehat>it's insanely busy
19:33<internat>i dont think mike is here..
19:34<internat>his scripts were firing before.. not him
19:34<@mikegrb>mmm cake
19:34<internat>u know ull goto bed and then get the email saying its been activated ;)
19:35<internat>murphays law
19:38<taupehat>anyhow internat
19:39<taupehat>I'm constantly fighting to get enough done at work
19:39<[|^__^|]>are you guys doing that on purpose?
19:39<taupehat>there's no way
19:39<taupehat>SupaZubon: wha?
19:39<[|^__^|]>taupehat: internat and yarrumretep's goofy misspellings
19:39<internat>yeah i cant spell at the best of times
19:39<taupehat>internat: you have to understand, I am the only person in charge of a few hundred computers, printers, switches, media converters, etc.
19:40<taupehat>lots of windows boxes
19:40<internat>yeah... theres the problem, windoze :P
19:40<taupehat>which I inherited sans antivirus software =[
19:40<taupehat>no management tools in place
19:40<internat>format reinstall
19:40<taupehat>it's a fun challenge though
19:40[~]taupehat is trying to figure out the magic combination of tools that will make his job easier
19:40<internat>yeah.. not having management tools.. would be.. umm painful
19:41<taupehat>it is a Samba shop though, which is nice - all my servers are debian
19:41<internat>i suppose that would be interesting with network logins and stuff
19:41<taupehat>eh, it's pretty simple
19:42<taupehat>the windows computers think they're talking to an NT server
19:42<internat>ah ok.. see ive never done anything with that
19:42<taupehat>roaming profiles and network homes and all that
19:42<internat>very nice
19:43<[|^__^|]>okay, so it was deliberate
19:44<internat>is it hard todo stuff like group policys and stuff via samba?
19:44<warewolf>god my coworkers are such fucking idiots
19:44<warewolf>god damn
19:44<internat>lol i have that feeling as well warewolf , what happened?
19:44<taupehat>internat: somewhat, but you just get a copy of poledit.exe and vmware
19:45<internat>oh ok
19:45<warewolf>internat: one of our IDS (intrusion detection systems) console boxes ran out of disk space while I was off on vacation
19:45[~]taupehat chuckles waiting for the punchline
19:45<internat>thats.. kinda.. painful
19:45<internat>how did that happen
19:45<warewolf>internat: I discovered this while on vacation, and provided THE ENTIRE FUCKIGN TEAM instructions on how to fix it.
19:45<taupehat>warewolf: so they left it flailing?
19:45<internat>how did it fill up? just wit logs?
19:45<warewolf>internat: yep
19:46<warewolf>actually daily 2+g backups
19:46<taupehat>go kill them
19:46<internat>kknd :)
19:46<warewolf>I sent a mildly scathing email in response to my own email "Since nobody stepped in on this, I'm fixing it now."
19:46<taupehat>then take the survivors, prop their eyes open with toothpicks while they're strapped to a chair, and force them to watch Vincent Price read the manpage for "logrotate."
19:54<yarrumretep>ok - folks, I'm off - rok on, all!
19:55|-|yarrumretep [] has quit [Quit: yarrumretep]
20:22|-|Battousai [] has joined #linode
20:23|-|Netsplit <-> quits: weasel
20:24|-|Netsplit over, joins: weasel
20:31|-|Luana [] has joined #linode
20:32|-|internat [] has quit [Quit: This computer has gone to sleep]
20:44|-|sprouse [] has joined #linode
21:16|-|sprouse [] has quit [Quit: [BX] For a good time, call 1-900-4BitchX]
21:18|-|Luana [] has quit [Quit: ]
21:52|-|predius [] has quit [Ping timeout: 480 seconds]
21:53|-|predius [] has joined #linode
21:57[~]fo0bar needs fewd
21:57<fo0bar>the fridge is empty
21:57<fo0bar>I wonder if anything's open
21:58<taupehat>there's always 7/11
21:58<taupehat>you can dine on pork rinds and cheetos
22:14<@linbot>New news from forums: apt-get unable to parse status file in General Discussion <>
22:19<warewolf>oh man
22:19<warewolf>I love me some pork rinds
22:32<@linbot>New news from forums: How much should I trust a registrar? in General Discussion <>
22:48<Beirdo>Windows sucks the dong.
22:48<Beirdo>in case y'all had forgotten :)
22:58<taupehat>yeah, haven't forgotten
22:58<taupehat>WMF makes it kind of hard to forget eh
22:59|-|VS_ChanLog [] has left #linode [Rotating Logs]
22:59|-|VS_ChanLog [] has joined #linode
23:26<Beirdo>well, I have the fun of msiexec and iexplore both not working
23:26<Beirdo>can't uninstall, can't do updates, etc.
23:26<Beirdo>it's so fun
23:40|-|irgeek [] has quit [Quit: irgeek]
23:43|-|tierra [] has quit [Quit: leaving]
23:45<chris>Anyone have a rather large lootlink database I can leech?
23:53<tierra>caker, mikegrb?
23:54<@caker>Happy New Year, all
23:54<tierra>any chance I can get a quick token refill? (copying over disk image)
23:58<tierra>I think this is one of the first times I've put netcat to good use I think
23:59<tierra>dd if=/dev/sda3 | gzip | nc
---Logclosed Mon Jan 02 00:00:12 2006