--- Log opened Mon May 07 00:00:11 2018
00:24 < spaces> how is this possible ? * ChanServ sets mode: +v imMute^
00:24 < spaces> he is Mute :P
00:25 <+catphish> lol
00:25 < spaces> catphish like #mysql and #httpd ?
00:25 <+catphish> it's a miracle
00:25 < spaces> yes they exist!
00:27 < spaces> seriously I messed up my day/nightschedule
00:27 < ^7heo> so you're 21
00:28 < ^7heo> welcometo your twenties
00:28 < ^7heo> you're gonna discover lots of new emotions as well
00:29 < ^7heo> and drinking alone at home at night in front of the tv
00:29 < spaces> ^7heo no sorry I'm not in your group of age, find someone else ;)
00:30 < ^7heo> and lots of crying because you don't have your mommy to do everything for you anymore
00:30 < ^7heo> but do not fear
00:30 < ^7heo> it gets better
00:30 < ^7heo> if you play your cards right, by 30.you can actually get good moneys
00:31 < spaces> ^7heo wtf are you drunk or on drugs ? Find yourself a life maybe
00:31 < spaces> next ignore here
00:31 < ^7heo> and by 40 you can get a family
00:31 < turtle> if you were smart you'd start smoking crack rocks
00:31 < ^7heo> indeed
00:31 < turtle> get a head start to adulthood
00:32 <+catphish> but they're so expensive :(
00:32 < ^7heo> the only thing worth anything is drugs
00:32 < spaces> catphish who said you needed to pay for whatever what's expensive
00:32 < ^7heo> they are much more reliable than humans
00:33 < ^7heo> turtle: apparently you've been ignored too
00:33 < ^7heo> kids these days
00:33 < ^7heo> so web addicted
00:33 < ^7heo> they can't even IRC.
00:33 <+catphish> spaces: i don't think that sentence makes sense
00:33 < turtle> :-(
00:33 < ^7heo> catphish: dude, what  do you know about English anyway?
00:34 < spaces> catphish you said something is expensive, who said you needed to pay for them ?
00:34 <+catphish> ^7heo: i only know british english, not proper english :(
00:34 < ^7heo> everybody knows the frenchs invented english
00:34 < ^7heo> that's why the wars
00:34 <+catphish> spaces: i was talking about crack rocks, you know somewhere i can get them for free?
00:34 < ^7heo> catphish: duuuh obviously he does
00:35 < spaces> catphish dunno but don't people rip each other off in that world on a daily base ? so just pick someone :P
00:35 < ^7heo> catphish: why else would he write such uncomprehensible stuff?
00:35 <+catphish> spaces: that's on my list of "unwise courses of action"
00:36 < spaces> catphish you second bucketlist when you become a total failure of the bucketlist everyone should say you must have ?
00:36 < ^7heo> bbl, the person I locked in my basement is making too much noise
00:36 < spaces> indeed, doesn't matter in that case anymore what you do... :P
00:36 < ^7heo> gotta sedate them before the cops show up
00:36 <+catphish> anyway, bach to work
00:36 < ^7heo> indeed
00:37 < ^7heo> o/
00:39 < spaces> catphish back created a great piece of work!
00:39 < spaces> bach
00:39 < SporkWitch> catphish: this is what i get for trying to help someone: http://termbin.com/g9t5 (his output here: https://pastebin.com/knc8adgV)
03:37 < cheers> im replacing my spinal cord with an infiniband cable
04:03 < hanna> Are there any good programs for debugging DHCPv6? Say I want to send my DHCPv6 server a specially crafted packet (containing a custom DUID, MAC etc.) and print out what reply I get
04:03 < hanna> I tried using dhclient's -n (“no op”) mode but apparently it doesn't even work, running dhclient -6 -1 -d -n -w just removed my interface's existing IPv6 and thus broke networking for me
04:04 < hanna> And in either case, dhclient doesn't allow passing your own DUID
04:04 < hanna> I could in principle write my own tool from scratch by implementing the DHCPv6 RFC but that's going to be much more time consuming than using any existing tool
04:13 < hanna> Oh actually I don't even need to generate my own DUID
04:37 < hanna> I think ideally what I want is an IPv6 version of `dhcping`
06:47 < pabed> hi guys , I run arpwatch but I dont know why it is listening on virbr0 instead of ens160 while I command
06:48 < pabed> hi guys , I run arpwatch but I dont know why it is listening on virbr0 instead of ens160 while I command
06:48 < pabed> "arpwatch -i ens160"?
06:53 < precise> pabed: What's the host OS?
06:53 < pabed> centos 7
06:54 < precise> Does it need root to access the physical NIC?
06:54 < pabed> I gave it root access
06:55 < precise> pabed: It may sound stupid, but take root access away, see if that helps...
06:56 < CuriousMind> Hello, I have many questions about networking and Wireshark
06:56 < CuriousMind> I am relatively new to networking. I am a student and I don't understand a lot
06:58 < SporkWitch> Curioismind the wireshark Wiki is very good and has sample pcaps of different types of traffic that you can download and analyse. While we can and will certainly help beginners as well as other experts, you do need to have a reasonably specific query for us to help.
06:59 < SporkWitch> Pardon the typos, stupid phone
07:00 < CuriousMind> SporkWitch: Hi, I was thinking of a questio
07:00 < pabed> precise: I took root access , It  says arpwatch: lookup_device: no suitable interface found after this command $ arpwatch -i ifcfg-ens160
07:00 < light> ifcfg-ens160 isn't an interface
07:01 < precise> light: ++
07:01 < precise> I was just thinking that
07:01 < precise> I forget where to find the interface name tho
07:01 < CuriousMind> SporkWitch: Ok, I got one now. You said the Wireshark wiki has sample pcaps. What is a pcap? From what I just read on a Quora page, pcap is an API that Wireshark uses
07:01 < light> ip a
07:01 < CuriousMind> Am I somewhat right?
07:01 < light> A pcap file is a dump of captured traffic.
07:02 < CuriousMind> light: It's not an API?
07:02 < precise> No
07:02 < pabed> light: ens160 is not interface?
07:02 < light> it is
07:03 < CuriousMind> light: It is or it isn't?
07:03 < light> that wasn't to you
07:03 < precise> CuriousMind: He was talking to pabed
07:03 < CuriousMind> precise: Ok thanks
07:04 < CuriousMind> https://goo.gl/QxvJUm  I'm reading this Quora page and the last sentence of the first answer said that Wireshark uses an API. So this guy is wrong?
07:05 < SporkWitch> Curiousmind "what is a pcap" is a google question, not one you need a human for.
07:05 < CuriousMind> SporkWitch: You are right. I'll google it
07:06 < pabed> precise: it is listening to ens160 but not my network (192.168.0.0/24) and it listen to 169.254.231.18
07:06 < precise> CuriousMind: I'm sure the Wireshark wiki that was mentioned earlier would have the answers you are looking for.
07:06 < SporkWitch> Someone else already answered it, but your sequence should always be google/documentation first, and then if you don't find anything or don't understand something, ask the specific thing you don't understand here.
07:07 < precise> pabed: 169.254 is an APIPA range, means the interface it is listening on doesn't have an IP and automatically assigned one from that range.
07:08 < SporkWitch> Curiousmind the more specific the question, the easier it is to help with; broad stuff is really difficult, because we have no way to know what you actually need.
07:08 < CuriousMind> precise: I will check that out now, thank you
07:09 < CuriousMind> SporkWitch: Yes I see. Ok I will google first, thank you
07:10 < SporkWitch> Not trying to turn you away, mind you, just trying to help you build good questions that will get you good answers.
07:10 < precise> SporkWitch: ++
07:11 < SporkWitch> We like good questions, because that's how we learn too
07:11 < precise> CuriousMind: ^
07:11 < pabed> precise: https://paste.debian.net/1023637/
07:12 < precise> pabed: checking now
07:12 < CuriousMind> You guys are right. I will try my best to think of good concise intelligent questions to ask and not vague. I appreciate you explaining to me
07:12 < precise> pabed: Can you post the output of the arpwatch command?
07:14 < SporkWitch> (I've learned far more over the years from answering questions than asking them lol)
07:15 < SporkWitch> Curiousmind can't think of anything for true "I know nothing and want to start" but once you get to a point of being able to play with things and experiment, cisco's packet tracer is free now. It lets you simulate a network and traffic. Really great tool
07:16 < pabed> IPV6_PEERROUTES=yes
07:16 < pabed> DNS2=8.8.8.8
07:16 < pabed> PEERROUTES=yes
07:16 < pabed> DNS1=4.2.2.4
07:16 < pabed> UUID=338a8645-9e32-4f73-afaa-39127edb4328
07:16 < pabed> NAME=ens160
07:16 < pabed> BOOTPROTO=static
07:16 < pabed> NM_CONTROLLED=no
07:16 < pabed> IPV6_FAILURE_FATAL=no
07:16 < pabed> TYPE=Ethernet
07:16 < pabed> DEVICE=ens160
07:16 < pabed> IPV6_AUTOCONF=yes
07:16 < pabed> NETMASK=255.255.255.0
07:16 < pabed> IPV6_DEFROUTE=yes
07:16 < SporkWitch> I used it a bunch in uni when I didn't feel like driving to campus to use the physical lab (to be clear, I already had enough experience and knowledge I didn't need to learn the physical hookups and cable requirements)
07:16 < pabed> DEFROUTE=yes
07:16 < pabed> IPADDR=192.168.0.244
07:16 < pabed> IPV4_FAILURE_FATAL=no
07:17 < pabed> ONBOOT=yes
07:17 < pabed> IPV6_PEERDNS=yes
07:17 < SporkWitch> Pabed use pastebin, Holy fuck
07:17 < pabed> ah sorry
07:17 < pabed> https://paste.debian.net/1023638/
07:17 < precise> damn son
07:17 < SporkWitch> More than 4 lines: pastebin
07:17 < precise> lol
07:17 < CuriousMind> SporkWitch: Right. I seen this software before, it's good. I understand what you're saying
07:18 < SporkWitch> I half joked earlier about being lucky not to get a kline, what client is he using? I almost want to ban it for throttling it's floods to avoid autokline
07:18 < pabed> precise: https://paste.debian.net/1023639/
07:19 < SporkWitch> Stupid auto-incorrect, *its
07:19 < precise> pabed: run "ip a" in terminal, find the interface with the same IP address, use that label
07:19 < precise> It should be eth0 or eth1
07:20 < precise> Or something of the like
07:20 < SporkWitch> Should be a persistent name *grumbles*
07:20 < precise> SporkWitch: rite?
07:21 < pabed> precise: https://paste.debian.net/1023640/
07:22 < SporkWitch> While we're on the topic, repos need to purge net-tools; shit's been abandoned and deprecated for what, a decade now?
07:22  * precise clicks
07:22 < precise> lol
07:22 < precise> huh
07:23 < precise> pabed: I'm just curious, can you cat /etc/network/interfaces and verify if it is called ens160 there as well?
07:23 < precise> No need to paste
07:23 < precise> Just let me know :P
07:24 < SporkWitch> That poor enter key; your comma and period keys are lonely
07:24 < precise> SporkWitch: \n masterrace
07:25 < pabed> precise: https://paste.debian.net/1023641/
07:25 < precise> Oh, ok
07:25  * SporkWitch glares
07:26 < precise> Aight, so I'm beginning to wonder if it is a driver issue. Does arpwatch require promiscuous mode? Does your NIC support it?
07:26 < precise> pabed: ^
07:29 < realbadhorse> okay so something weird has been happening since yesterday midnight... all of the sudden, all the ports on my tplink router have stopped forwarding
07:29 < precise> realbadhorse: Have you checked the configs and rebooted the router?/
07:29 < realbadhorse> not a single one is working, not even the new ones i added this morning for testing
07:29 < realbadhorse> rebooted the router with both the webclient dashboard and the wallsocket
07:30 < pabed> precise: it worked
07:30 < precise> pabed: Yay! watchudo?
07:30 < precise> realbadhorse: What model?
07:30 < realbadhorse> canyouseeme.org returns `no route to host`
07:30 < realbadhorse> Model No. TL-WR840N / TL-WR840ND
07:31 < precise> realbadhorse: You verified it worked before?
07:31 < pabed> but I dont know what is happend to it righ now
07:31 < realbadhorse> yes, for atleast an year
07:31 < precise> pabed: Keep us informed :)
07:31 < realbadhorse> all my devices have static ips, but ive doublechecked those too
07:32 < realbadhorse> kinda going crazy..
07:32 < SporkWitch> Random problems on dirt brand hardware? Colour me surprised
07:32 < precise> lol
07:32 < precise> realbadhorse: Backup config and do a factory reset
07:32 < realbadhorse> wew
07:32 < precise> Check for firmware upadte while ur at it
07:33 < precise> Out of curiosity, what ports?
07:33 < SporkWitch> Joking aside, it may well just be crazy. It's not exactly a great brand. You're talking about people that make stuff that sells for 20 bucks at a brick and mortar
07:34 < realbadhorse> irc 6667+ssl,80,81,minecraft(unironically),ssh
07:34 < SporkWitch> That's also a good question, some ISPs are evil, they might have started blocking
07:34 < realbadhorse> and a few random ones for my listeners
07:34 < precise> SporkWitch: My thoughts exactly
07:35 < precise> realbadhorse: You run an IRC server?
07:35 < realbadhorse> my isp is a small local company who cant even cap p2p speeds properly
07:35 < realbadhorse> i doubt thats a problem
07:35 < realbadhorse> yes precise
07:35 < precise> ok
07:35 < precise> Just making sure you weren't forwarding 6667 for your IRC client
07:35 < precise> lol
07:35 < realbadhorse> wew
07:36 < precise> realbadhorse: Yeah, I can't' tell without more info. I'd suggest backing up config and factory reset + firmware upgrade and check back
07:36 < realbadhorse> alright.. thanks for trying guys
07:36 < precise> realbadhorse: I speak for myself
07:36 < precise> realbadhorse: Someone else may be able to help :)
07:37 < realbadhorse> well theres 2 options, one for restoring default configs and other for factry reset.. ill try the factory config first
07:37  * precise waits for realbadhorse to ping timeout
07:41 < precise> there we go
07:45 < SporkWitch> No, on tplink or any other bargain brand, that's a good first step
07:46 < SporkWitch> Hell, it's a good first step on juniper; never anything but problems with their garbage
08:03 < winsoff_> Alright, why can't I vnc my machine half the time I try to
08:03 < winsoff_> I'm literally on the same networ--Oh wait.
08:04 < winsoff_> Okay, that's weird as hell, and interesting.
08:04 <+pppingme> are you on the same network/
08:04 < winsoff_> Yeah, theoretically. So the asuswrt vpn client is at 192.168.10.2, and I'm on 192.168.1.1/24, i suppose
08:05 < winsoff_> And I couldn't vnc into my machine (which is the vpn client_
08:05 < winsoff_> )**
08:05 < winsoff_> But then I just connected to this network's vpn (lol?) and it lets me vnc in.
08:05 < winsoff_> let me dc from the vpn and see if it's still a problem. I didn't think I had this problem before, though.
08:12 < toxync19> [0ff0c4@tox] hello.
08:13 < toxync19> [0ff0c4@tox] how to avoid connect trough tor to LAN address?
08:55 < koops> I need to forward all traffic through a SOCKS5 proxy running on LAN using pfSense. Search did not help.
08:57 < mAniAk-_-> koops: source and destination NAT
08:58 < koops> @mAniAk-_- Can you explain in more detail?
09:00 < mAniAk-_-> use source and destination nat
09:03 < koops> That's not very helpful.
09:03 < koops> What source, what destination?
09:08 < mAniAk-_-> PF, proxy server
09:20 < koops> And will it automatically add SOCKS headers to requests or will it simply forward the packets to the server?
09:21 < koops> Since if they are simply forwarded to the server it will most likely forward them back to PF.
09:50 < mAniAk-_-> koops: nope, youll have to use a webproxy
10:22 < winsoff_> pppingme: Did we already discuss good resources for preparing for a networking job? I can't remember if you were here.
10:26 <+pppingme> winsoff_ nope, doesn't sound familiar, at least not recently
10:27 < winsoff_> pppingme: Damn. Do you have any recommendations?
10:33 <+pppingme> know the job, and know the company..
10:48 < winsoff_> pppingme: The hard part is the steps to completing those two items, though.
10:55 < CuriousMind> Hi, I am trying to establish a Telnet connection from my windows computer to my mac
10:55 < CuriousMind> I installed telnet on my mac using Homebrew and I enabled Telnet on my windows computer
10:55 < CuriousMind> I tried connecting to my mac but it isn't letting me
10:56 < CuriousMind> According to a video that I am watching, it seems to me that I need to enter the router's IP and configure but I cannot do that because it isn't my internet
10:59 < djph> if they're in the same place (e.g. your apartment), the router doesn't come into play at all.
10:59 < djph> if they're not in the same place (e.g. you're at work, mac's at home) - telnet is fucking stupid.
11:03 < CuriousMind> djph: They are in the same place
11:03 < CuriousMind> Trying to access my mac
11:04 < djph> then it's just 'telnet ip.of.mac' (assuming, of course, the mac is running a telnet *server*) -- although, ssh is still probably the better choice.
11:06 < CuriousMind> Ah ok so I have to set up a telnet server on my mac. That won't be hard right?
11:07 < djph> no idea
11:07 < CuriousMind> djph: ok no problem, thanks
11:07 < djph> but telnet is pretty well a bad idea, ever since about 1998
11:10 < CuriousMind> djph: Doing a project real quick
11:18 < E1ephant> yeah so use ssh
11:20 < CuriousMind> E1ephant: Hi, I have a problem
11:20 < CuriousMind> E1ephant: I try to start telnet by doing "brew services start telnet". Everything was looking ok until I got an error which says "Error: Formula `telnet` has not implemented #plist or installed a locatable .plist file"
11:20 < E1ephant> use ssh
11:21 < CuriousMind> E1ephant: Ok one second
11:24 < CuriousMind> E1ephant: I am trying to use telnet because I am trying to capture packets. I am doing a project
11:24 < E1ephant> use netcat instead then
11:24 < E1ephant> probably better suited to the task in general
11:24 < E1ephant> if not just wireshark/tshark
11:24 < CuriousMind> E1ephant: Can you help me with this please?  You said netcat?
11:25 < E1ephant> yeah netcat is a cool little tool that will read/write to sockets
11:25 < E1ephant> probably easily found in bew
11:25 < E1ephant> brew even
11:25 < CuriousMind> E1ephant: I already did this. https://medium.com/ayuth/bring-telnet-back-on-macos-high-sierra-11de98de1544
11:26 < CuriousMind> Should I uninstall this?
11:26 < E1ephant> wireshark and tshark will greatly help in analyzing traffic
11:26 < CuriousMind> E1ephant: Yes. :)
11:26 < E1ephant> lol, that article mentions that nc is built into macos now :)
11:27 < E1ephant> cool beans
11:28 < CuriousMind> E1ephant: ok so uninstall telnet and instal netcat?
11:28 < E1ephant> I mean it sounds like nc should be there already
11:28 < E1ephant> not much harm in having the telnet client installed
11:28 < CuriousMind> E1ephant: I see. Ok what do I do next to get this server running
11:28 < E1ephant> it's the telnet server or "telnet daemon" you don't want anything to do with
11:29 < CuriousMind> E1ephant: Oh why?
11:29 < E1ephant> because everything, passwords included is plaintext
11:29 < CuriousMind> E1ephant: That is exactly what I want! :)
11:29 < CuriousMind> I am doing a project on this exactly bahaha
11:30 < CuriousMind> I already changed my computer password to a trival password then I will change it back
11:30 < djph> a project on "yes, really, telnet is fucking stupid in 2018" ?
11:30 < E1ephant> yeah
11:30 < E1ephant> really stretching the brain on this one?
11:30 < CuriousMind> I'm trying pass my class, please. I wanna get this done, I wanna go to sleep
11:31 < E1ephant> one sentence powerpoints are cool
11:31 < E1ephant> just get some cat gifs
11:31 < E1ephant> and write "
11:31 < E1ephant> PLAINTEXT == BAD"
11:31 < djph> ohh, so this is homework?  Why didn't you *say* it was a homework project?
11:31 < djph> and then, the *requirements* of the project
11:31 < djph> rather than ... whatever limited info you've given us thusfar
11:32 < CuriousMind> djph: I said this like many times
11:32 < CuriousMind> ok sorry
11:32 < E1ephant> example presentation: https://ripe65.ripe.net/presentations/105-RIPE65_NLNOG_RING_Job_Snijders.pdf
11:32 < djph>  < CuriousMind> Hi, I am trying to establish a Telnet connection [...]
11:32 < djph> < CuriousMind> According to a video that I am watching,
11:32 < E1ephant> this is doing it right ^
11:32 < djph> < CuriousMind> djph: Doing a project real quick
11:33 < CuriousMind> djph: Ok sorry. Now you know it is a project
11:33 < djph> "a project" could mean many different things
11:33 < djph> e.g. I have a "project" right now to turn this pile of LEDs into an art project.
11:33 < CuriousMind> djph: You are right, I understand
11:33 < djph> *art piece ... ffs
11:34 < djph> what is the *requirement* of the homework?
11:35 < CuriousMind> The requirement that I am on is writing the steps on how to do this connection
11:35 < MrLawrence> Hello, I have programmed this server and this client in C using TCP sockets - however I have always ran both in the same computer so I just set the IP to loopback - if I have the server running in a computer in my LAN, and I run the client in another computer in the LAN, what IP should I give the server?
11:36 < E1ephant> is this a trick question?
11:36 < djph> MrLawrence: one in your LAN
11:36 < E1ephant> the other IP?
11:36 < E1ephant> whichever one isn't local, would be the destination
11:36 < E1ephant> I think I  need some sleep
11:37 < MrLawrence> Thing is I am doing this demonstration for someone else and it is the first time I am running both in different computers across a a network, and I am not sure what IP to give it.
11:37 < MrLawrence> It's a university network so I doubt I can just pick a random IP address and it'll work
11:37 < djph> MrLawrence: any valid IP for the network in question.
11:37 < djph> as long as it's not already used, ofc.
11:38 < djph> CuriousMind: "write the steps to telnet to a server" is the requirement?  Answer -> you don't telnet is fucking stupid.  WTF prof, are you retarded?
11:38 < djph> s/don't/don't,/
11:40 < CuriousMind> djph: The purpose of telnet to a server is to retrieve packets which contain the password when logging in
11:40 < CuriousMind> I'm working on the steps so if someone else wanted to do it then they could
11:41 < CuriousMind> It's a computer security class
11:41 < djph> For the fourth or fifth time now, what is the homework requirement.  I.e. what did the professor tell you to do?
11:42 < E1ephant> you can't do some image steno or something actually cool?
11:43 < CuriousMind> djph: The professor wasn't specific, he told us to pick a subject. I picked Wireshark. He wants to know whatever we can find about it. The requirement that I am working on is the connection with two computers and retrieve packets via telnet connection. I also must list steps
11:44 < djph> I mean, it kinda sounds like a "I told you in class it's bad, but you probably don't believe me; so now go see for yourself that it's bad" type assignment.
11:44 < CuriousMind> djph: Are you able to help me or not?
11:45 < djph> ahh, so instead of doing something "easy" like "view packets traversing the network" and then (as we said), using netcat or ssh (or hell, http, ftp, etc.) for the proof-of-concept... you decided on telnet.
11:46 < djph> see, now that's what we needed to know, so we wouldn't just tell you you're a dumbass for wanting to run telnet.  Install a telnet server on one box or the other.  Connect to it while running wireshark.  capture the packets, have a good day.
11:47 < CuriousMind> djph: lmao thanks a lot I appreciate your help
11:49 < djph> note that it might be hard to actually *find* a telnet server, because, well, it's a bad idea.  You *may* end up having to install *nix somewhere (so you can avoid the "hand-holdy" nature of mac / windows stopping you from doing it)
11:51 < CuriousMind> djph: I'm trying to run my mac as a telnet server.
11:51 < CuriousMind> My windows computer is the client
11:52 < djph> CuriousMind: and, given that macOS is hand-holdy, it may not include a server (dunno, I'm not a mac guy at all, and only know win because of work...)
11:52 < djph> assuming it does have a server, you fire up the server, then from win, telent ip_of_mac
11:53 < CuriousMind> djph: How
11:53 < CuriousMind> What commands
11:53 < CuriousMind> You say you don't know though so I understand
11:54 < djph> I would assume "telnetd" on the mac box (or whatever the executable of the telnet server is)
11:54 < djph> then from windows, telnet ip.of.mac
11:55 < CuriousMind> telnetd: command not found djph
11:55 < CuriousMind> djph: I already did that for my windows but I couldn't establish the connection
11:55 < djph> CuriousMind: was the telnet server running on the mac?
11:56 < CuriousMind> djph: No, I am trying to run it
11:56 < CuriousMind> I did this command
11:56 < djph> well, with no server running on the mac, you're not going to establish a connection ...
11:56 < CuriousMind> djph: Yes I know. I did this "brew services start telnet"
11:57 < CuriousMind> And I got an error which says "Formula `telnet` has not implemented #plist or installed a locatable .plist file"
11:58 < djph> sounds like a mac problem then, whatever #plist is
11:58 < CuriousMind> djph: Then someone said to use netcat in order to make this happen. I don't know about netcat
11:59 < audia5> how much money you spend on candies
11:59 < djph> netcat would be a potentially better approach
11:59 < CuriousMind> djph: Ok great. How can I get started using netca
11:59 < CuriousMind> netcat*
12:00 < djph> man netcat
12:00 < CuriousMind> djph: ok thanks
12:00 < CuriousMind> djph: No manual entry for netcat
12:01 < CuriousMind> I just got this macbook like last week
12:01 < djph> should be like 'nc -l' on the mac, then 'nc ip.of.mac' from the win box.  NOTE that you may need to FIND a netcat client for win
12:01 < djph> ugh, wtf, no manpages :(
12:01 < CuriousMind> djph: I got it, I did man nc. It's good
12:02 < djph> ah
12:02 < CuriousMind> So my windows has to have netcat too right?
12:02 < djph> annoying they didn't link 'man netcat' to 'man nc'
12:02 < djph> yes
12:03 < CuriousMind> ok np
12:04 < djph> anyway, cygwin or nmap projects would probably be the easiest options for getting nc over on win
12:04 < CuriousMind> djph: I see
12:10 < cluelessperson> CuriousMind: what exactly are you trying to do?
12:11  * cluelessperson checked scrollback but is confused still
12:11 < CuriousMind> cluelessperson: Hi
12:12 < cluelessperson> sup
12:12 < CuriousMind> cluelessperson: I am trying to run a telnet server on my macbook. I will connect to it using my windows computer
12:12 < cluelessperson> CuriousMind: okay, with what goal
12:12 < cluelessperson> or just start a telnet server and that's all
12:13 < CuriousMind> Get telnet server running on my macbook then successfully connect to it with my windows computer
12:13 < CuriousMind> if I can do that, I will praise jesus
12:15 < CuriousMind> cluelessperson: Someone recommended I use netcat and that's what I am trying to do now
12:15 < cluelessperson> CuriousMind: netcat is usually used for port scanning, checking if ports are even open
12:16 < cluelessperson> CuriousMind: but looks like netcat CAN be used to open a socket.
12:16 < cluelessperson> CuriousMind: so, keep in mind that telnet is very basic.  Literally all it does is open a port and wait for connections/data to come in.
12:17 < cluelessperson> CuriousMind: To use netcat, you should probably start by running,
12:17 < cluelessperson> netcat --help
12:17 < cluelessperson> (I'm not familiar with Mac, but it's based on linux, so some things are similar/same)
12:17 < CuriousMind> cluelessperson: I got man netcat open, but I don't know how to use commands
12:18 < CuriousMind> I think it's nc -l <port>?
12:18 < CuriousMind> I was watching a video couple minutes ago
12:18  * cluelessperson tries it out
12:18 < ^7heo> depending on the netcat versions, it's either nc -l $port; or nc -l -p $port
12:18 < cluelessperson>      -l      Used to specify that nc should listen for an incoming connection rather than initiate a connection to a remote host.
12:19 < cluelessperson> It is an error to use this option in conjunction with the -p, -s, or -z
12:19 < cluelessperson> CuriousMind:    so, looks like.    nc -l <port>    sure
12:19 < CuriousMind> ^7heo: Thank you
12:19 < CuriousMind> cluelessperson: Ok grea
12:19 < cluelessperson> CuriousMind: works for me
12:20 < cluelessperson>     nc -l 8000     and then     telnet localhost 8000
12:20 < cluelessperson> in another window
12:20 < CuriousMind> nc for mac and telnet for windows right?
12:21 < cluelessperson> CuriousMind:   on my machine,   both commands work for me.
12:22 < cluelessperson> CuriousMind: windows, you might have to install telnet
12:22 < cluelessperson> CuriousMind: try it just on the one machine first.
12:22 < cluelessperson> two shell/command windows.
12:22 < CuriousMind> cluelessperson: I install telnet already :)
12:22 < cluelessperson> create the "server"/"listener",    then in the other window, attempt to connect to self on that port
12:22 < mAniAk-_-> CuriousMind: whats the point of this?
12:22 < CuriousMind> mAniAk-_-: school project
12:22 < cluelessperson> mAniAk-_-: School assignment/learning apparently
12:23 < CuriousMind> cluelessperson: Yes I see, ok thank you
12:24 < CuriousMind> cluelessperson: Sorry I am a little confused
12:24 < CuriousMind> I gotta install netcat on my windows computer too right? I just did that
12:24 < E1ephant> http://this.is.a.verylegit.link/server1337$113notice__install-now.msi.exe
12:24 < E1ephant> use this exe
12:24 < cluelessperson> CuriousMind: it's okay to be confused.
12:25 < cluelessperson> CuriousMind: You probably want to begin by determining what you need to do, write it down, take it a step at a time
12:25 < cluelessperson> CuriousMind: make sure that you first look up the terminology, definitions.
12:26 < CuriousMind> cluelessperson: Confused, one second. I see what you are sayin
12:27 < CuriousMind> saying*
12:27 < cluelessperson> CuriousMind: example.   You already know you want to create a telnet server on one machine, and a client on the other machine, see data go through
12:28 < cluelessperson> CuriousMind: okay, why telnet, what is telnet?   See data go through?  Through what?
12:28 < cluelessperson> What are common telnet applications?
12:28 < cluelessperson> You've discovered netcat and telnet themselves. :)
12:28 < CuriousMind> With your guys help
12:28 < CuriousMind> Going to write this in my project. One second
12:30 < CuriousMind> cluelessperson: I got two command prompts open right
12:31 < CuriousMind> I type telnet localhost 8000 and connection failed
12:31 < CuriousMind> This is on my windows computer
12:32 < cluelessperson> CuriousMind: localhost refers to that computer itself it's on
12:32 < cluelessperson> CuriousMind: so if you're trying to connect to the mac, it won't.
12:32 < CuriousMind> aahh right
12:33 < CuriousMind> ok I did nc -l 8000 on mac, its working
12:33 < CuriousMind> that means that my mac is now the server/listener right
12:33 < cluelessperson> CuriousMind: some of this comes with familiarity, but certain ranges of ip addresses are just marked off from use, because they're used by our computers for housekeeping and internal tasks
12:34 < CuriousMind> cluelessperson: Yes I see
12:34 < cluelessperson> CuriousMind: Example,   127.0.0.0/8  is used to refer to localhost,
12:34 < cluelessperson> 127.0.0.1 - 127.255.255.255
12:34 < CuriousMind> cluelessperson: Yes, I've seen 127.0.0.1 in networking class before
12:34 < cluelessperson> CuriousMind: another one you'll likely recognize is,   192.168.0.0/16
12:34 < CuriousMind> Nope not that one
12:35 < cluelessperson> well that one is commonly what home/consumer routers are automatically set to by default
12:35 < cluelessperson> they aren't the "local" machine, but are a private network
12:35 < CuriousMind> Mhm I see
12:35 < cluelessperson> CuriousMind: anyway,  localhost obviously fails.   So, replace that with the ip address, or hostname, of your Mac.
12:36 < CuriousMind> Ok will do, one second please cluelessperson
12:37 < CuriousMind> cluelessperson: I did telnet <macbook's ip> and it says connection failed
12:38 < cluelessperson> CuriousMind: keep in mind, you specificied a specific port for your Mac to listen on, so that's the port you'll want to connect to
12:38 < CuriousMind> hmmm right
12:38 < cluelessperson> I'm unfamilmiar with the syntax in windows,   but likely,   telnet <mac_ip> 8000
12:38 < CuriousMind> Ah ok I will try that. Ok thank you for being so patient with me lol cluelessperson
12:39 < cluelessperson> CuriousMind: btw, this is what firewalls are used for.  Even if bad software/malware on a computer listens on a port, or tries to connect out, a firewall can prevent connections to those ports.
12:39 < cluelessperson> CuriousMind: We're all learning.
12:39 < CuriousMind> Yes I see
12:39 < CuriousMind> cluelessperson: I works!
12:40 < CuriousMind> But what now? No login prompt so I can access the files and stuff like I saw in the videos?
12:40 < cluelessperson> CuriousMind: all netcat does is open a port, and display things it received, but it can be used to test if ports are open and connections and stuff
12:41 < grawity> what was your goal here
12:41 < cluelessperson> CuriousMind: telnet is merely for connecting to a port and sending pretty raw data
12:41 < grawity> because if your goal was to access files and stuff, then telnetd is a pretty poor choice
12:41 < cluelessperson> CuriousMind: Either way, none of that software is made to provide remote access to a computer.
12:41 < CuriousMind> ohhh cluelessperson
12:41 < cluelessperson> CuriousMind: I originally entered this conversation when you were asking to create a telnet server, and client,  we've done that. :)
12:42 < CuriousMind> cluelessperson: right lol dang it
12:42 < grawity> well that's kind of a lie, telnet isn't *for* sending raw data, its protocol just happens to be fairly close
12:42 < cluelessperson> CuriousMind: There is other software made to setup a listener/port, and allow people to securely connect, login, and enter commands.
12:43 < CuriousMind> cluelessperson: Yes I see. Ok can we do that? Will that take long?
12:43 < cluelessperson> CuriousMind: So, the added complexity is that you want things to be SECURE.  Other software basically does the listener part, but mixes in cryptography, codes, logins, and then access to system data/files/commands.
12:43 < cluelessperson> CuriousMind: doesn't take long.
12:43 < djph> CuriousMind: "ssh" - install ssh server on the mac, grab PuTTY for the windows box, call it a day.
12:43 < CuriousMind> cluelessperson: Yes, I think this is what I want
12:44 < djph> although, that completely thwarts your "and I want to see what's in the packets" bit.
12:44 < cluelessperson> CuriousMind: the most common software and protocol used to remotely manage over the command line is definitely called "SSH"
12:44 < cluelessperson> CuriousMind: on linux the software package/combination would be called, "openssh-server"
12:44 < cluelessperson> On linux, I type the command.    ssh user@<server>
12:45 < grawity> macOS already has ssh, just enable in Settings -> Sharing
12:45 < cluelessperson> djph: ^ :)
12:45 < CuriousMind> cluelessperson: yes
12:45 < CuriousMind> and yes djph
12:45 < cluelessperson> CuriousMind: Windwos does not natively support SSH, but there is a very common Windows binary used that handles SSH stuff and similar connections.  It's called "Putty"
12:46 < CuriousMind> cluelessperson: Yes I have Putty, I use it for my AWS virtual machine for my other class
12:46 < cluelessperson> CuriousMind: Google search for "putty" it should be the first result.
12:46 < grawity> well if you already have it, then use it for macOS, if you're trying to work remotely
12:46 < cluelessperson> CuriousMind: sweet.  You'll notice that putty itself even acts as a telnet, ssh, and even serial client.
12:46 < CuriousMind> cluelessperson: wait
12:46 < grawity> (though for what it's worth, Windows will have built-in SSH sometime in the future as well)
12:47 < CuriousMind> But the thing is. Ugh I'm just...
12:47 < cluelessperson> grawity: Windows is complete and utter garbage.
12:47 < cluelessperson> CuriousMind: You're just what?
12:47 < CuriousMind> SSH is secure so I won't be able to see the content of the packets right?
12:47 < djph> CuriousMind: that's the idea
12:47 < grawity> cluelessperson: I wasn't asking, but thanks for the opinion?
12:47 < CuriousMind> cluelessperson: One second, I want to show you what I want to do
12:48 < cluelessperson> CuriousMind: so here's the neat part, you might be able to export your ssh connection's encryption keys, load them into wireshark, and have wireshark read the encrypted data anyway. :)
12:48 < cluelessperson> but honestly, I'm unfamiliar with that.
12:48 < grawity> that's supported for tls/ssl, but not for ssh
12:49 < grawity> not technically impossible, but... neither clients nor wireshark have that feature, afaik
12:49 < djph> Unlike the SSL dissector, no code has been written to decrypt encrypted SSH packets/payload. This is also not possible unless the shared secret (from the Diffie-Hellman key exchange) is extracted from the SSH server or client (the "SSLKEYLOGFILE" method in SSL).
12:49 < CuriousMind> cluelessperson: Yes I see what you are saying and that is ok
12:49 < djph> ^ straight from the wireshark wiki
12:50 < CuriousMind> cluelessperson: Look like this https://www.youtube.com/watch?v=xShwyUq-uHk
12:50 < cluelessperson> CuriousMind: it looks like that's not going to be an available option to you, while technically possible to do, it's outside the scope for your assignment
12:50 < cluelessperson> CuriousMind: what is your specific goal?
12:50 < cluelessperson> CuriousMind: WAIT
12:51 < cluelessperson> CuriousMind: Let's step back.  If you're in a networking class, and you want to learn to use wireshark to look at packets, you can just do that telnet thing and use wireshark to watch it, no problem
12:51 < CuriousMind> cluelessperson: Yes. But I want to get the password
12:51 < cluelessperson> CuriousMind: get what password.
12:51 < CuriousMind> That is what the teacher wants, it is a network security class
12:51 < CuriousMind> Yes cluelessperson
12:52 < spare> ngrep is pretty good
12:52 < CuriousMind> even though we did the connection with the mac and windows, that was good cluelessperson. No regrets
12:52 < djph> huh?
12:52 < cluelessperson> CuriousMind: What password are you trying to determine/capture?
12:52 < cluelessperson> Different software uses different password mechanisms.
12:53 < CuriousMind> cluelessperson: Hmmm
12:53 < djph> your assignment before was "pick a subject, tell me whatever you can find out about it."  You chose "wireshark".
12:53 < CuriousMind> cluelessperson: Not sure. I am thinking if there are any telnet servers out on the web so I can log in easy
12:53 < CuriousMind> djph: and the requirements
12:53 < cluelessperson> CuriousMind: not really.  Why would someone just leave their server open on an insecure channel, to unknown connections, to login randomly without control?
12:54 < djph> *you* appear to be the nitwit making up the "I wanna see passwords" requirement.
12:54 < bezaban> telnet nethack.alt.org
12:54 < CuriousMind> cluelessperson: LOL right
12:54 < grawity> there's mono.org (a BBS), sdf.org (an old public-access system)
12:54 < bezaban> because it's public access :)
12:54 < bezaban> sdf use ssh :)
12:54 < grawity> that doesn't stop them from running a telnetd
12:54 < bezaban> ah, didn't think they still did
12:54 < cluelessperson> CuriousMind:   I have an idea.
12:54 < CuriousMind> cluelessperson: Yes! I'm all ears
12:54 < djph> telnet towel.blinkenlights.nl <- there's one :)
12:54 < grawity> they're probably the last ones to still do so
12:55 < cluelessperson> CuriousMind: So, you won't be using telnet, all telnet does is a low level network protocol or something.    It sounds ike you want to demo an INSECURE channel and demonstrate capturing a password.
12:55 < Forst> FTP
12:55 < cluelessperson> CuriousMind: For example, if you connect to an HTTP://example.com    it will be unencrypted, and you can totally capture any password your web browser sends
12:55 < CuriousMind> cluelessperson: I'm here listening
12:55 < bezaban> cluelessperson: no, telnet is a protocol for remote shells.  It just happens to be used a lot in basic network troubleshooting in the place of nc because it is a very simple protocol and readily available
12:56 < CuriousMind> cluelessperson: Yes I know what you are talking about
12:56 < cluelessperson> bezaban: sure, I'm putting it into language the guy understands.
12:56 < cluelessperson> :)
12:57 < cluelessperson> CuriousMind: so, it really depends on your goal/assignment.  If your goal is all over the place, or you ignorantly pick something impossible/impractical, we can't really help you.
12:57 < bezaban> the video he linked is connecting to a telnet server, getting the password from that session
12:57 < CuriousMind> cluelessperson: That is a good idea
12:58 < CuriousMind> That will work! He said telnet, but hey HTTP is a protocol. It has to do with networking and I can get the password
12:58 < cluelessperson> CuriousMind: AH, another step back.
12:58 < bezaban> ocf any unecrypted protocol is good for the purpose of the demonstration
12:58 < CuriousMind> Good idea cluelessperson !
12:58 < CuriousMind> bezaban: yes
12:58 < cluelessperson> CuriousMind:   Before you run off and do, that, let's focus on TELNET first.
12:58 < CuriousMind> cluelessperson: Sure. I am right here :)
12:58 < djph> cluelessperson: unless the assignment's changed (again) ... the most coherent version was "pick a topic, and tell me what you've learned about it."  The topic chosen was "wireshark".  All this extra about telnet seems to be extra (or "wireshark" wasn't actually "the topic")
12:58 < cluelessperson> CuriousMind: When you login to a network device/router/firewall whatever.  They have software configured to be connectable via telnet, that sends you a login
12:59 < cluelessperson> CuriousMind: When you run the two commands in the two different windows, once you connect telnet
12:59 < cluelessperson> CuriousMind: just goto the  "nc -l 8000" window, and type in, "Login?"
12:59 < cluelessperson> CuriousMind: then from the windows/telnet side, just type in "hunter2"
12:59 < cluelessperson> CuriousMind: There, then you can use wireshark to capture that exchange of data
13:00 < CuriousMind> cluelessperson: I am reading what you are saying, one second please
13:00 < cluelessperson> you should find "hunter2" in the payload/packet data through wireshark no problem.
13:01 < CuriousMind> cluelessperson: Ah I see! ok will do one second please
13:01 < cluelessperson> CuriousMind: it sounds like you're interersted in "capturing a password" because that sounds all l88t hackery, but really it sounds like the assignment is to make sure you can use wireshark to look at the data stream of an insecure stream
13:01 < cluelessperson> go nuts
13:02 < cluelessperson> djph: Keep in mind that people don't know what they're talking about.  He may just be describing it as to how his developing view understands it.  Now that we've taught him what telnet/ssh are, he now understands their place in his assignment, so the target will be moving.
13:02 < CuriousMind> cluelessperson: Correct
13:03 < cluelessperson> that's okay. :) just frustrating for people that want to directly answer his questions and be done. :P
13:03 < CuriousMind> cluelessperson: Man I swear thank you for the help. You actually help me with what I needed thank you
13:03 < CuriousMind> cluelessperson: OMG THANK YOU
13:03 < CuriousMind> I'm weak lol
13:03 < CuriousMind> cluelessperson: You understand right? I just want answers, what to do and you give them
13:04 < cluelessperson> CuriousMind: don't worry about it, we've all been there.   However, keep in mind, the IT world is complicated.  It's basically about dealing with new technology and slowly making it easier and easier to use.
13:04 < CuriousMind> And you help me very nice. You don't insult me
13:04 < CuriousMind> cluelessperson: I understand that some technology is complicated. But why add to the complication with your negativity and nonsense. I'm sitting here like, "are you going to help me or not?"
13:04 < djph> cluelessperson: suppose.  But the amount of teeth-pulling it took to get to "oh, this is homework"; and now the further moving targets are frustrating as fuck.  We've been at this for two hours, and still don't have a concrete description of anything.
13:05 < cluelessperson> CuriousMind: Things like OpenSSH are designed to be as secure as possible.  they're basically used to secure military satelites, NSA and google.  Very widely used.  If you're learning about things, you can't always just know what to do.
13:05 < CuriousMind> "Oh I wanna make sure you're not a dumb ass" I'm thinking like jesus next guy
13:05 < cluelessperson> CuriousMind: sometimes 12 year olds wander in here hoping to learn how to hack overnight like they would play minecraft.
13:05 < djph> ^
13:06 < CuriousMind> cluelessperson: Ok I see. Well I am not 12, I am way older than that
13:06 < CuriousMind> I'm a college student trying to get this thing done. i wanna sleep bro
13:06 < cluelessperson> CuriousMind: This is a place where people talk about, discover, and even build new technology for the world to use.  It's not going to be so easy to learn.  It demands a lot of time and patience.
13:07 < cluelessperson> CuriousMind: Are you saying I'm too old for minecraft?
13:07 < CuriousMind> cluelessperson: True. That is true. You are right. And again djph Thank you for the help. but cluelessperson really did it for me
13:07 < CuriousMind> cluelessperson: No. I'm just saying I am not 12 or anything like that. Not no script kiddie trying to hack
13:07 < CuriousMind> My motive is to complete homework
13:07 < cluelessperson> CuriousMind: Different people work differently with different people.  Maybe he's a more technical expert that is better about answering direct questions someone like me might have.
13:08 < cluelessperson> CuriousMind: I work in fields that require my bringing technology to laymen.
13:08 < marktiell0> I've coded a Socks5 server that works correctly with HTTP requests, but doesn't work with HTTPS sites. Curl error is curl: (35) error:1409442E:SSL routines:SSL3_READ_BYTES:tlsv1 alert protocol version, what should I do?
13:08 < djph> you don't need to make apologies or anything, sometimes it takes someone else saying it slightly different like to get it.
13:08 < cluelessperson> marktiell0: what is the exact alert.  TLSV1 Alert.
13:08 < cluelessperson> marktiell0: sounds like you're using an obsolete version of TLS.
13:09 < cluelessperson> aren't we on TLS1.2/3?
13:09 < djph> cluelessperson: nah, I just don't deal with "bullshit scenarios" very well.
13:09 < marktiell0> cluelessperson: in the Java server, I just open a socket to google.com:443 and forward client's request to it, is that correct?
13:09 < cluelessperson> djph: CuriousMind     Well, at a certain point, you have some manager trying to do something stupid and backwards, and we definitely get the attitude of, "fuck off and let me do my job"
13:09 < CuriousMind> cluelessperson: Yes I see
13:10 < cluelessperson> but that doesn't teach the manager to handle the problem
13:10 < cluelessperson> :D
13:10 < CuriousMind> cluelessperson: Bro. if I was in that position, I would let the manager do whatever he wants to do. Boss please go ahead, I get my money
13:10 < CuriousMind> No responsibility there right?
13:10 < djph> cluelessperson: telling the manager to fuckoff and let me do my job does teach him how to handle it -- "fuckoff and lemme do my job" is the correct approach :)
13:11 < djph> CuriousMind: absofuckinglutely not.  Shit rolls downhill.
13:11 < cluelessperson> CuriousMind: lol, these aren't MY managers, and these are in jobs where I'm responsible for security of patient records and intellectual property.
13:12 < CuriousMind> cluelessperson: Oh ok I see. That's cool. I read in my computer security book about what you do
13:12 < CuriousMind> Your job is to protect the company's assets
13:12 < cluelessperson> CuriousMind: That manager better follow my orders or I'll make sure he's fired and fined by government authorities for willfully breaking the law.
13:12 < CuriousMind> And there is a certain confidentiality thing you must follow. And ethics. And stuff like that. C.I.A
13:12 < cluelessperson> I don't care about the law, but I care about people's privacy, and doing my job correctly to the point of not making exceptions for dipshits.
13:13 < CuriousMind> cluelessperson: Ah yes! The laws too! I read about that in my book. There are laws the company must follow
13:13 < CuriousMind> cluelessperson: That is very good. You have a conscience
13:14 < cluelessperson> CuriousMind: So, usually you'll have a lawyer familiar with the laws give your Vice President of Development paperwork on what technical rules to follow, then the VP hands people like ME assignments to make sure the organization is afe.
13:14 < cluelessperson> sometimes teams of lawyers.
13:14 < cluelessperson> sometimes teams of me
13:15 < cluelessperson> Then ME/VP discus other basic rules that the lawyer didn't think off, and we altogether watch the company's back.
13:15 < djph> cluelessperson: contractor?
13:15 < CuriousMind> cluelessperson: Wow that's cool
13:16 < djph> cluelessperson: you watch the company stick their fingers in their ears and go "lalalalala it'll never happen to us" too?
13:16 < CuriousMind> cluelessperson: You are legit like responsible for the company. Partially, somewhat responsible. That is what you get paid for
13:16 < CuriousMind> Besides from the technical, you gotta also know the law too. And ethics and all that
13:16 < cluelessperson> djph: Haven't had that yet.  My biggest problem is that being young, I stupidly awaited my VP to give me permission before I took any responsibility.
13:17 < djph> ethics is easy.  It's all the basic stuff mom and dad (should have) taught you as a child
13:17 < cluelessperson> djph: Basically, I don't assume authority over other people unless granted it.  So, all my ideas were "suggestions" even if they were good ideas.
13:17 < cluelessperson> djph: I cannot demand my VP do as I say or prioritize certain things.
13:17 < djph> yup, I know that :)
13:17 < djph> in the same boat with 'young and its all a "suggestion"'
13:17 < cluelessperson> djph: Honestly, things became a standstill and I was the last person laid off with half the company.  Now I've moved to Seattle. :)
13:18 < cluelessperson> djph: I also am very careful about whta I tell people.   "I THINK this"  "I KNOW this" and "You MUST do this"
13:18 < CuriousMind> cluelessperson: You got laid off? That's a thing too?
13:19 < CuriousMind> I don't know what it's like to get laid off. I got laid off once but it was from a little job, nothing serious
13:19 < cluelessperson> CuriousMind: when your company is -$16 million/year for 10 years, sure
13:19 < cluelessperson> "we can't afford you anymore"
13:19 < cluelessperson> +
13:19 < cluelessperson> "You fixed everything so well it doesn't need you"
13:19 < CuriousMind> cluelessperson: Did they give you a package
13:20 < CuriousMind> I heard about that in my class. When they lay off people, they give you package right? An incentive or something so you can go
13:20 < cluelessperson> CuriousMind: it's more like, "we hope give you enough of a package that you won't be angry enough to destroy our entire company"
13:21 < cluelessperson> god, english
13:21 < cluelessperson> "We hope you're not angry, and hopefully this will keep you from destroying the company"
13:22 < cluelessperson> djph:   Anyway, I make it very clear what concepts and areas I'm "thinking about" versus, "stfu and listen to me"
13:23 < CuriousMind> cluelessperson: Wow it is true. People do get angry. My teacher spoke about how people get fired. Have a job once and the next day security is escorting them out the company
13:23 < CuriousMind> They feel mad enough to destroy the company. It is true. I don't know about all this
13:23 < cluelessperson> CuriousMind: so most of the companies that you are probably familiar enough, are simply so large and massive that you haven't seen their headquarters, or how they built up and stuff.
13:24 < djph> cluelessperson: yeah, it depends on who I'm talking to.  Direct to bossman - "stfu, and lemme do my job".  Other people - "yeah, we suggest ... "
13:24 < djph> *we suggest ... you stfu and let us do our job"
13:24 < djph> :D
13:25 < cluelessperson> CuriousMind: a lot of companies start out in a garage, then move to a small office, then a bigger office, or have a new part of the building added on.   When you're responsible for building a company, or maintaining them, you tend to know all the ways to "unbuild" it.
13:25 < djph> although, generally in more nice terms, because the huggy-feely brigade.
13:25 < cluelessperson> I'm particularly good in Startups, small-> Medium size companies.
13:25 < CuriousMind> cluelessperson: I get what you are saying but what is that to you if you lose a job. You got the skills and stuff, get another one and forget it
13:26 < cluelessperson> djph: I can't wait for some snowflake to not appreciate my telling them how to do their job, that I should respect them or blah blah blah.
13:26 < CuriousMind> The tech field has like a lot of jobs
13:26 < CuriousMind> Why angry
13:26 < cluelessperson> CuriousMind: because, sometimes people feel they're treated unfairly, not paid enough, not promoted, not recognized.  Maybe their ideas were stolen, maybe they are fired when they're not ready to lose money.
13:27 < cluelessperson> CuriousMind: People have bills to pay.  If your house costs $1000/month, and your job is $2000/month, and you lose your job, you need some way to pay your $1000/month house, right?
13:27 < cluelessperson> if you're not ready, careful, it can be dangerous, painful, emotional
13:28 < CuriousMind> cluelessperson: True yes
13:28 < cluelessperson> CuriousMind: Not to mention, sometimes people feel that they should own part of the company becaues they spent so long of their life there.
13:28 < cluelessperson> CuriousMind: You sound like a young college student.
13:28 < cluelessperson> Maybe even high school student taking college classes
13:28 < djph> CuriousMind: also, *really* take a look at the jobs sometime. They're pretty fucked -- 10 years of experience with A, 5 with B, other big stuff .... and we only wanna pay peanuts.
13:28 < CuriousMind> cluelessperson: Yeah I am in college
13:29 < cluelessperson> CuriousMind: I'm self taught.  It gets worse when dumb managers are like, "well they went to college, you didn't"
13:29 < CuriousMind> cluelessperson: I see
13:29 < cluelessperson> well, that "bachelors degree" was probably lying, because how the heck do you make these stupid mistakes.
13:30 < djph> cluelessperson: "bachelor's degree" in underwater-basket-weaving; and then a MBA (which also isn't worth the paper it's printed on)
13:30 < CuriousMind> djph: LMAO
13:31 < djph> cluelessperson: not to mention the cultural acceptance of "I'm not a computer person"
13:31 < CuriousMind> "underwater-basket-weaving"
13:31 < cluelessperson> djph: Don't get me wrong, I've met some Bachelors/Masters/PHDs who are legitimate geniuses.  It's fascinating seeing experienced people work.
13:31 < djph> cluelessperson: well, yeah; but *they* aren't PHBs
13:32 < cluelessperson> CuriousMind: degrees tend to get paid more, but you can learn everything at home most of the time
13:32 < cluelessperson> depends.
13:32 < CuriousMind> cluelessperson: I see
13:33 < CuriousMind> cluelessperson: I see what you saying though. Ideas getting stolen and stuff. Yeah it's an insane world no doubt
13:33 < cluelessperson> CuriousMind: you sound fresh out of high school. :)
13:33 < CuriousMind> cluelessperson: Eh not really lol
13:34 < cluelessperson> CuriousMind: companies like google are so massive, and work on so many things, and require contracts with employees,   that sometimes employees have to ask their employer for permission to build their own product at home, because it might conflict with something that company makes.
13:34 < cluelessperson> CuriousMind: even worse, if that large company makes something similar, they could sue that worker for the idea they built, because it uses ideas from the company.
13:35 < CuriousMind> cluelessperson: Oh I see
13:36 < CuriousMind> I don't know what to say. This is what it is
13:37 < CuriousMind> To be honest, I'm trying do freelance. I ain't got time for this bs lol
13:37 < CuriousMind> All this suing and exploitation. Not my nature
13:37 < CuriousMind> cluelessperson: I look at wireshark and I don't see Telnet packets. How come?
13:38 < cluelessperson> CuriousMind: telnet packets on which machine
13:38 < grawity> Wireshark won't call it "telnet" unless it's on port 23
13:38 < cluelessperson> CuriousMind: you have to 1. start the listener, 2. Start wireshark.  3. connect to the server from the client.  4. look in wireshark at the right port for the data
13:39 < cluelessperson> In wireshark, it'd show source/destination as your,   <mac_ip>   <windows_ip>  and port 8000
13:39 < cluelessperson> given previous examples/information.
13:39 < CuriousMind> I have all this set up lol
13:39 < cluelessperson> djph: sometimes I'm a fool.
13:39 < cluelessperson> djph: I'm stuck in this place, where I don't want to grow up, but I need to be grown up for certain things
13:40 < cluelessperson> it sucks
13:40 < bezaban> just grow up in your own way and ignore what others think you should be doing
13:40 < CuriousMind> 1. I did nc -l 8000 on mac, then 2. telnet <mac ip> <port> on pc, 3. "Login?" on mac, 4. "hunter2" on PC. 5. Search Wireshark for Telnet. None
13:41 < grawity> as I mentioned, Wireshark won't call it "telnet" unless it's on port 23
13:41 < grawity> (the protocol has very few distinguishing features, so Wireshark doesn't guess)
13:41 < winsoff> New problem! Probably not even a ##networking question, but I'm getting horrific throughput and latency from my desktop (it's on wifi with a USB dongle), and I can tell it's that problem because a simultaneous test from my laptop is doing fine.
13:41 < grawity> on any other port, it'll show up as a bare TCP connection
13:41 < winsoff> Pings as high as 2 seconds, sustained for multiple minutes.
13:41 < cluelessperson> CuriousMind: wireshark has to be be recording when you send the data.   You also don't want to search for "telnet" you want to filter for the port you're using
13:41 < CuriousMind> cluelessperson: I can relate
13:41 < cluelessperson> CuriousMind: You can set the telnet server to use   nc -l 23  instead, and maybe wireshark would work as he said? ^
13:42 < winsoff> Actually, be right back. I have an idar.
13:42 < cluelessperson> winsoff: pings to where
13:42 < cluelessperson> ass
13:42 < CuriousMind> cluelessperson: Ah ok. Thank you
13:43 < CuriousMind> cluelessperson: Yeah I can relate. But you either grow up or down. Immature or Mature
13:43 < cluelessperson> CuriousMind: why not both?
13:44 < CuriousMind> cluelessperson: We were born immature. We had that time, but now we have to be mature right?
13:45 < cluelessperson> CuriousMind: Nah.
13:45 < cluelessperson> CuriousMind: Better to be a warrier in a garden, than a gardner in a war.
13:46 < CuriousMind> cluelessperson: Trying understand
13:47 < Forst> Listening to port 23 or any other port <1024 requires admin privileges btw
13:47 < CuriousMind> I got everything working fine, thanks Forst
13:47 < Forst> Ah, alrighty
13:47 < CuriousMind> I am referring to the warrior in the garden analogy
13:47 < CuriousMind> Forst: Yes thank you :)
13:51 < cluelessperson> CuriousMind: it's better to be skilled, trained, and strong, in peacetime,    than to be weak when needed most.
13:56 < CuriousMind> cluelessperson: Oh sure
13:57 < djph> cluelessperson: get married, have a kid. holy crap do you have to grow up quick :)
13:59 < CuriousMind> I'm going to rest. cluelessperson I appreciate the help, I'll be back in an hour or so. Thank you so much
14:02 < dogbert2> hey djph
14:04 < djph> 'sup dogbert2
14:06 < dogbert2> gonna get in the bathroom in about 15 mins to get all the stubble off the old face...
14:06 < djph> yay for working from home and being able to rock a patchy beard
14:10 < dogbert2> heh...well, weekend wasn't long enuf...went into work at 4:30PM on Friday and left around 6:40AM saturday (bldg power down and solar panel hookup)
14:10 < djph> whee :)
14:10 < djph> wait - you added solar to the building?
14:10 < pihpah> docker run --rm -it -p 12000:12000 -v $(pwd):/usr/src/app node:7.4.0-alpine /bin/sh then curl localhost:12000 from the host gives: curl: (56) Recv failure: Connection reset by peer. Any idea what's wrong?
14:11 < djph> the peer doesn't wanna talk to you.
14:11 < pihpah> djph: why
14:11 < djph> also, docker.
14:11 < djph> no idea, read the logs.
14:12 < pihpah> I am getting: curl: (7) Failed to connect to localhost port 12001: Connection refused if I try to connect to an unallocated port.
14:12 < pihpah> iptables entries look fine.
14:13 < pihpah> What the Dickens
14:13 < dogbert2> yeah...will generate about 600,000 Khw
14:13 < djph> well, yeah, you won't get a connection if the box isn't listening on a port.
14:15 < fiet> Has anyone here have any experience with pocketethernet? Is it any good?
14:17 < drathir> !wth pocketethernet
14:17 < pihpah> djph: it does listen, I can connect to the service on that port from within the Docker container.
14:18 < djph> pihpah: you just said it fails when you try to connect to an unallocated port
14:19 < pihpah> The service listens on 12000.
14:21 < djph> so connecting to 12001 won't work, for hopefully obvious reasons.
14:21 < pihpah> c4a541eeae2a        node:7.4.0-alpine   "/bin/sh"           13 minutes ago      Up 13 minutes       0.0.0.0:12000->12000/tcp   elastic_villani
14:21 < pihpah> That's right.
14:21 < djph> the peer rejecting the connection is another thing entirely; and you would have to look at the peer's log to see why it's rejecting you
14:21 < detha> fiet: is that that network tester that lets you supply your own screen (aka cellphone) ?
14:22 < djph> ... assuming of course, the peer is actually logging why it's rejecting.
14:24 < varesa> Spent quite some time debugging why more or less all my VPN tunnels just flap up and down. Tweaked some timeouts, upgraded router software etc.
14:24 < varesa> Just noticed that some of the routers don't periodically even answer to ping from the internet
14:25 < varesa> Turns out that due to a misconfiguration the new router I added exported a default route via BGP to all the others in the VPN...
14:25 < drathir> varesa: ttl/mtu ?
14:25 < varesa> tunnel goes up -> BGP comes up -> no more traffic over the internet -> tunnels die
14:25 < detha> varesa: now you know what import filters are for ......
14:26 < varesa> detha: yup. Since I control all the ends so far export filters for RFC1918-only have been sufficient
14:26 < varesa> but I guess it wouldn't be a stupid idea to put in import filters for safety as well
14:29 < detha> I have a 'nodefault' filter on all remote nodes - safer. Still weird things can happen. This morning: "huh? why is traffic going A-C-B-Z instead of A-B-Z like it should? Hmm. OSPF between A and B is wedged. No idea why"
14:32 < varesa> I once had a "huh? Why is ping A-B ~300ms while it should be closer to 50ms"
14:32 < detha> Trombone routing?
14:33 < varesa> turns out that the tunnel for the shortest route had a wrong MTU on one end so it wasn't working
14:35 < varesa> and the next IPsec tunnel, for A-X-B was up but wasn't passing any traffic for whatever reason (manual reset fixed it)
14:35 < varesa> so it ended up going through a small site with wireless LTE connections, then going to AWS in the completely "wrong" direction geographically, finally landing at the destination. And the same in reverse
14:36 < detha> It still got through.... good routing
14:37 < djph> something about "the internet routes around problems"
14:38 < detha> 'the network routes around its operator's clumsiness' ? that was me this morning
14:39 < varesa> works most of the time, even with the operators touching it ;)
14:40 < detha> also, grr IPSec. traffic to one part of a /24 goes through. Another part doesn't. Turns out some client had connected to a backup concentrator, then back to main, and the backup for some reason still had a policy for a /29. And problem 1) caused everything to pass through the backup
14:52 < fiet> detha: Yes, that's the one. I currently have a Fluke ethernet tester, which costs about 10 times as much. I was wondering if it's worth its money.
14:54 < detha> fiet: I have no experience with it, I remember when it was announced, and I remember thinking 'no. not practical'
14:55 < fiet> detha: Exactly what I thought. The good thing about the Fluke is that it has a screen. Just turn it on and you're ready to go. The pocketethernet needs a lot of fiddling around before you can use it. I was wondering what the fiddling-around-to-usefullness-ratio is.
14:56 < djph> fiet: err-divide-by-zero
14:56 < fiet> djph: LOL
14:56 < djph> I mean, it's probably more useful than those LED-based testers, but that's about it.
14:57 < fiet> djph: Thos led-based thing are just cable testers. They're fine, but they stop at the physical layer.
14:58 < djph> fiet: that's kind of my point.
14:59 < fiet> djph: I always have one of those led-based things with me. Easy to use and do axactly what they need to do. For more fancy stuff I have the Fluke. But that is big bucks.
15:00 < detha> If it is also a cable certifier, mega big bucks
15:00 < djph> I saw the pocket-ethernet thing as a "I only have the LED testers right now, and can't afford a fluke" -- kinda like the sparkfun "make a $thing" project boards - sure, they're a step up from nothing; but ...
15:01 < djph> detha: IKR. Least I was able to cheap out and only go for the qualifier.
15:01 < HatBLACK> Hi
15:01 < djph> whatsit... the cableiq, I think?
15:13 < momomo> I need some instant help, please look at this email I sent to name.com for a new extension that is ongoing. There are pre sales, and there is a date where they are released to the public. In tiers. However, even later they do not have a the same price for all the domains? Has someone gone through all potential domains and set a fixed price, and what about the renewal fee?
15:13 < momomo> Here is my email to name.com support: https://imgur.com/a/wOGlxQI
15:16 < djph> momomo: none of us care.
15:18 < djph> momomo: and yes, different TLDs have different costs.
15:19 < momomo> djph: you seem to care
15:19 < momomo> can I pm you?
15:19 < djph> no
15:35 < Andrew_0010bit> Man...
15:35 < Andrew_0010bit> Shut down.
15:43 < AlexPortable> My WiFi sometimes stops working (no internet access while connected, or disconnects). Now looking in to the router webpage:  Sent 2759945, TX Packets dropped: 13740.... Received 1360067, RX Packets dropped: 21297, Errors: 94936
15:45 < shtrb> signal strength ?
15:45 < redrabbit> "instant help" never heard that one before
15:45 < AlexPortable> signal strength is good
15:45 < shtrb> noise ?
15:45 < AlexPortable> how to find out noise?
15:47 < shtrb> Check if you have others on the same bands (annoying kids with their gadgets  around you) , check if you have a Microwave/Dect/ feces like that running while the error exist
15:47 < shtrb> Is it reproducable ?
15:47 < AlexPortable> it's more like random
15:47 < AlexPortable> I dont know what devices my neighbours have
15:48 < AlexPortable> also doubt anyone would do that in the middle of the night
15:48 < shtrb> Any chatty appliance in your network ? (WiFi enabled DVR s)
15:48 < AlexPortable> just smartphones
15:48 < shtrb> Scan your net, and check if there are more other routers on the same channel
15:48 < AlexPortable> 'network' or 'wifi network' ?
15:49 < AlexPortable> one mac-address seems to pop up always
15:49 < shtrb> WiFi (like iwlist wlan0 scan )
15:49 < AlexPortable> 04:26:54 mac x associated.
15:50 < AlexPortable> 04:26:54 mac x secured and linked. 04:27:38 mac x disconnected for reason: Received Deauthentication
15:50 < mawk> last time I had to debug something like this in a company I gave up
15:51 < mawk> I made them buy new equipments
15:51 < mawk> with a support contract so that someone else takes care of it
15:51 < AlexPortable> dont really have money for that
15:51 < shtrb> AlexPortable, mid night disconnect from a phone ?  did you annoy some neighbor kid
15:51 < AlexPortable> no idea
15:51 < AlexPortable> is this an externally (neighbour kid) induced disconnect?
15:51 < Echo6> Anyone know what protocol the SonicWall Global VPN Client uses?
15:51 < shtrb> AlexPortable, it could be
15:52 < shtrb> Echo6, ipsec and SSL vpn
15:52 < mawk> you can assume ipsec Echo6
15:52 < Echo6> kk
15:52 < AlexPortable> what can others do to my network?
15:52 < Echo6> I figured that they just branded an existing.
15:52 < shtrb> Echo6, you use the SSLVpn it now works from linux
15:52 < detha> Echo6: ipsec, with some cisco-ish extensions
15:52 < redrabbit> Deauthentication attacks
15:52 < shtrb> AlexPortable, ^
15:53 < AlexPortable> hm
15:53 < AlexPortable> can it also be to a device having a wrong password?
15:53 < AlexPortable> like wifi pass changed and device keeps trying the old one
15:53 < shtrb> Echo6, I think you could do normal ipsec/l2tp client to connect the NSA appliance (their devices have several login options )
15:54 < shtrb> I gave up and used the linux client in a vm and routed network inside it
16:00 < AlexPortable> yep, received deauthentication (for multiple devices)
16:00 < AlexPortable> also my random disconnect is because of this
16:01 < AlexPortable> any way I can find out more?
16:01 < redrabbit> airodump
16:02 < redrabbit> tcpdump
16:02 < AlexPortable> in the middle of the night?
16:02 < shtrb> first step change a channel, second check if you can see that happen with a laptop /tablet or something that listen on the network with a monitor mode
16:05 < AlexPortable> so basically leave phone/laptop listening at night
16:08 < AlexPortable> channel is set to auto
16:10 < shtrb> Set in the router a channel which is not occupied by others , and yes (but you need another card or a device)
16:13 < MrNaz> if selecting between sfp+ modules that use cat6 and sfp+ modules that use fiber, should i have a preference, if the distance to be covered is just between racks, and no more than a couple of meters?
16:14 < MrNaz> i need to establish 10G ethernet links
16:15 < AlexPortable> cat6 is cheaper
16:16 < tds> at that distance, SFP+ DAC might also be worth considering
16:20 < AlexPortable> shtrb: so does the laptop needs to be connected to the wifi network? or can it just listen
16:24 < shtrb> just listen
16:24 < AlexPortable> hm, somehow when wifi is being disabled on a phone the router says the same
16:25 < shtrb> Maybe the client has issues ?
16:34 < djph> MrNaz: Fiber, or DAC.  cat6 SFPs are kinda 'meh'.
16:35 < MrNaz> it's a bit outside DAC range... i think DAC tops out at 3m and we will have quite a few of these links
16:35 < MrNaz> DAC cables are hard to route neatly due to thickness/stiffness
16:35 < djph> MrNaz: then fiber.
16:35 < MrNaz> any quantifiable values of "meh" other than "it's not what the cool kids are doing" ?
16:36 < shtrb> fiber don't really into bending and stuff
16:36 < MrNaz> latency? throughput?
16:36 < djph> I never said it was "easy" to route DAC.  I just said "DAC or fiber" were the best choices.
16:36 < djph> MrNaz: power, heat generation.
16:36 < djph> *power consumption
16:36 < MrNaz> oh wow... do sfp+ rj45 modules use a significan't amount of power?
16:37 < djph> MrNaz: no, but why use a copper one that pulls 2x the power as fiber?
16:37 < djph> (or whatever the difference is, I forget offhand)
16:39 < MrNaz> I don't know, that's why I'm asking =D
16:40 < djph> I mean, it's not a "huge" amount of power in either case (like 5-7W for copper, IIRC vs. 2-3W for fiber/DAC)
16:40 < djph> but hey, them watts add up, both on the power bill, and the cooling load.
16:41 < MrNaz> yea well the cost to acquire isn't meaningfully different
16:41 < MrNaz> well, rj45 patches are cheaper than fiber patches but whatever when you're building 10G networks the cost of patch leads is not the driving factor
16:42 < djph> Honestly, I just stick with SM fiber cards, since yeah, sure they're connecting 3-5m here today, but that doesn't mean I won't need to patch them in to that 150m shot tomorrow
16:43 < djph> excepting a couple DAC connections for "is this really what it's cracked up to be" (yes, yes it is)
16:44 < shtrb> are thermal insulation in server rooms a thing now ? (seen an ad for a company that does Thermal insulation for server rooms)
16:44 < djph> I guess so
16:44 < djph> I just dump all the heat into the receptionist's area.  They apparently want to melt, so happy to oblige :)
16:45 < mAniAk-_-> MrNaz: DAC for in rack connections using ToR or mid-of-rack switches (short DAC are thin), fiber between racks
16:45 < shtrb> What time to be alive :) per rack AC and and now full room isolation
16:45 < djph> shtrb: so, it's 1970 all over again
16:45 < shtrb> What have happened in 1970 ?
16:46 < shtrb> except Ireland wining the eurovision
16:46 < djph> shtrb: mainframe computer systems were typically done like that.  Granted, not "per-rack" AC, since there wasn't really "racks" of computers.
17:16 < shtrb> We are doomed to repeat historical mistakes, maybe someone will build a general purpose computing device
17:16 < shtrb> maybe one with modding options :)
17:24 < detha> shtrb: some would say this has already happened
17:24 < shtrb> By djph , the same was for isolated server rooms
17:25 < skyroveRR> Hi detha
17:25 < shtrb> we now just need to wait little bit and we get ISA again
17:25 < detha> hey skyroveRR
17:26 < detha> shtrb: wait, first we need to fully transform graphics cards into semi-dumb terminals, and disk controllers into FEPs
17:28 < shtrb> SoC and chromebooks ?
17:28 < shtrb> it's not that long we will be running dump terminals (chromebook are a step for that direction)
18:13 < shtrb> That moment when you listen to https://www.youtube.com/watch?v=P1XMyl-0_EE and the first thing you think of is a router being hacked
18:22 < djph> holy hell ssh is a complete nightmare
18:23 < shtrb> what have you done ?
18:24 < E1ephant> what's that?
18:24 < E1ephant> >make it stop
18:24 < E1ephant> observium | Query   | 21006 | updating | delete from syslog WHERE timestamp <= NOW() - INTERVAL 6 WEEK
18:25 < djph> shtrb: I haven't done anything. Server dudes did something crazy as fuck - changes in the test box don't seem to have taken in the same manner as prodbox this past weekend
18:26 < djph> on the upside, all the "this shit is broken" that I'm still fighting them about in test are ... all not a problem in prod
18:46 < E1ephant> gitlab or gogs/gitea?
18:50 < shtrb> why not local (git daemon and others)
18:52 < E1ephant> I have local now
18:52 < E1ephant> looking for offsite/shared (with web access?)
18:52 < shtrb> cgit ?
18:53 < E1ephant> looks p cool
18:54 < shtrb> but you reallly wish to see some cool stuff check phabricator (but with git integration)
18:55 < shtrb> *but if you really wish to see some cool stuff you can check phabricator
19:01 <+xand> I use gitlab... locally
19:01 <+xand> my own install
19:01 <+xand> also we have that at work
19:03 < shtrb> It's also dually licensed if you are into that stuff :)
19:04 < dminuoso> Hi. Is there any official specification from Cisco on the vendor specific attribute used across their hardware..
19:05 < shtrb> @cisco ?
19:05 < dminuoso> This is a sheer nightmare. Ive been going through their website for the better part of 2 hours, it's almost as if I simply have to buy a freaking cisco router and try it out to see what it might accept and send.
19:05 < dminuoso> (talking about RADIUS here)
19:06 < shtrb> What exactly is your question ?
19:06 < shtrb> Radius have AVP , it may expect something you are no sending
19:07 < dminuoso> I want a full specification from CISCOs vendor specific attributes for RADIUS.
19:07 < shtrb> dminuoso, what entity are you in the network ? and did you remember to have the exact secret (case sensetive !) with the other systems ?
19:07 < dminuoso> shtrb: I just want a specification from CISCO defining their exact VSAs used across their entire hardware fleet.
19:08 < shtrb> Cisco create many devices, that devices can operate in many ways
19:08 < shtrb> They do share their AVPs , I guess take radping (it has pre defined request you can play with )
19:09 < dminuoso> shtrb: I want a specification to write an implementation from.
19:09 < dminuoso> Not a gazillion amount of manuals.
19:09 < shtrb> dialin ? NAS ? 3GPP2 ? WiMAX ?
19:09 < dminuoso> Yes.
19:10 < shtrb> You need to develop support for each configuration
19:10 < shtrb> Why build if you can use freeradius ?
19:11 < dminuoso> shtrb: Because I want to avoid freeradius. ;)
19:11 < shtrb> dminuoso, https://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfrdat3.pdf but you need to be very specific with what you wish to do
19:12 < shtrb> that is vendor specific only, but you also need to maintaine the other flows (which you expect to handle)
19:12 < dminuoso> shtrb: Luckily we fleet only cisco hardware. ;)
19:12 < shtrb> no , it's not about other vendors it's about the configuration you need to handle
19:13 < dminuoso> shtrb: Well mostly it'll just be ip and lcp for protocol as far as I can determine at this point.
19:13 < shtrb> 3GPP <> 3GPP2 <> WiMAX <> VPN etc
19:13 < dminuoso> And for now these two protocols will be enough
19:13 < shtrb> you are going to have much fun
19:14 < dminuoso> shtrb: I have. My 300 lines of code server performs quite comparable to freeradius without the retarded hassle of programming arbitrary config.
19:15 < dminuoso> (I strongly believe that programmatic behavior should be modelled with code, not a weird stack of badly documented config, implicit behavior and shoehorned perl scripts)
19:15 < dminuoso> (Which freeradius is)
19:15 < shtrb> dminuoso, there are over two dozens of RFC that need to be handled by your "300 lines of code"
19:15 < shtrb> *RFCs
19:15 < dminuoso> shtrb: My goal is not a "one-size-fits-all" server.
19:16 < dminuoso> My goal is a bespoke radius server.
19:16 < dminuoso> ;)
19:16 < dminuoso> Or rather a library of combinators to quickly write arbitrary radius servers from
19:17 < shtrb> for a client sake , check ntradping
19:17 < dminuoso> shtrb: Im using freeradius client for testing at the moment.
19:17 < shtrb> but if you need just a client, and not sure what you do a simpler tool would be better
19:17 < dminuoso> shtrb: No Im writing a server.
19:19 < detha> dminuoso: alas, that is not how documentation from vendors like cisco works. Each version OS and each platform has its manual, and one little section of each manual may have the info you need. Some assembly required.
19:19 < shtrb> dminuoso, if you don't care to dig for ducmentation open tcpdump and record the requests (hope it's not encrypted) and see the correct flows you need
19:26 < electricmilk> Anyone know if it is possible to have failover VPN's for our wireless p2p on two sites connected via SonicWALL's?  I imagine I just create the site to site VPN's and create a route with a lower metric than the wireless p2p route but wanted to verify before I setup.
19:27 < electricmilk> I apologize I meant a lower administrative distance
19:27 < shtrb> electricmilk, first my condolenses and second you can use a dual wan router before it
19:28 < electricmilk> shtrb,  lol. Why the condolences? Because I'm using SonicWALL?
19:28 < shtrb> yes
19:28 < electricmilk> A dual WAN router?
19:28 < electricmilk> The SonicWALLs only have one WAN port
19:28 < shtrb> exactly
19:28 < electricmilk> hmm I have some reading up to do
19:29 < electricmilk> I'm stuck with the SonicWALLS I'm afraid
19:29 < shtrb> router with vDSL + MPLS ---- sonicwall
19:29 < electricmilk> They were part of a grant we received.  Honestly the new models aren't as bad as I expected
19:29 < electricmilk> Ah no..we can't afford MPLS. Small non-profit
19:30 < shtrb> s/MPLS/what ever you like/g
19:30 < electricmilk> Substitue MPLS with wireless p2p radios?
19:30 < shtrb> Why not ? If you have such a device
19:30 < electricmilk> We do
19:30 < electricmilk> Currently 3 buildings are connected via Ruckus radios
19:31 < shtrb> so if you can strap it with vDSL (or what ever other link you have) plug it into a dual wan router and connect that to your SonicWall device
19:31 < electricmilk> Was hoping to just setup site to site VPNS as a backup that failsover automatically.  What is the benefit of going with dual band?
19:31 < shtrb> I assumed you needed a failover because the wan goes down
19:32 < electricmilk> Nah.  I want a failover in case the wireless p2p goes down
19:32 < electricmilk> They actually work quite nicely but just want to be prepared.
19:33 < E1ephant> yeah floating static, or just dynamic routing protocol?
19:33 < electricmilk> If WAN goes down I just swap them over to the other buildings internet service
19:33 < E1ephant> can you do routed ipsec with gre on  sonicwall?
19:33 < E1ephant> if it'
19:34 < electricmilk> I only have 4 different subnets...should I still implement OSPF?
19:34 < E1ephant> s policy based you may need whatever the platform ahs for sla-tracking?
19:34 < electricmilk> NOt sure if it has GRE
19:34 < E1ephant> idk if it was more than two I would do dynamic routing, but that is just me.
19:34 < electricmilk> I suppose it wouldn't hurt
19:34 < E1ephant> static may very well work better in your environment based  on what and who is on hand
19:35 < electricmilk> Alrighty well I'll try setting up a site to site VPN and give it a go then
19:35 < electricmilk> First time setting it up on SonicWALL
19:36 < electricmilk> Thanks for your input
19:37 < shtrb> I still can't belive your wireless is stable enough that you trust it
19:37 < electricmilk> Especially since our phones are going through
19:37 < electricmilk> We can't afford MPLS though
19:38 < electricmilk> Plus the lack of QOS makes me hesitant to use VPN as primary
19:38 < dminuoso> detha: Mmm...
19:44 < detha> shtrb: wireless P2P can be very stable. However, I don't see how just a lower-priority route could work here, unless there is some magic for the SonicFail to get link state of the P2P
19:45 < shtrb> detha, hearing that *Sonicwall* wireless is stable
19:45 < shtrb> I need to connect at least once a month to the device to reboot it because it has "issues"
19:46 < detha> shtrb: the sonicwall does its own wireless? No. That cannot be stable.
19:47 < detha> It would however mean one does have link state
19:47 < shtrb> some sonicwalls (it's a brand that was resold ) have WiFi
19:49 < detha> I remember some of the older sonicwalls (before they became dell) had an option to have WAN with failover to a 3G USB stick. Can't remember how that worked tho
19:50 < ouemt> anyone got a 802.3at injector they like at a good price?
19:50 < shtrb> electricmilk, I just learned you can use the X ports as failover WAN
19:50 < electricmilk> Ah thanks
19:51 < electricmilk> We are using Ruckus radios for the wireless p2p
19:52 < electricmilk> I setup a route but just realized it only uses the route when accessing the other network....good point though on the SonicWALL getting the link state of the P2p
19:55 < shtrb> electricmilk, just a hint , you know you  should have paid customer service (which you paid for when you got your device) ?
19:56 < electricmilk> Good point
19:56 < electricmilk> God I struggle with understanding Indian accents though
19:56 < electricmilk> Nice people
19:56 < skyroveRR> o.o
19:56 < electricmilk> But for the love of God I can't understand them
19:56 < skyroveRR> We have our own accents....
19:56 < electricmilk> True
19:56 < skyroveRR> And I like it.
19:57 < skyroveRR> You an American, electricmilk ?
19:57 < electricmilk> Yes
19:57 < skyroveRR> You should be understanding us better then....
19:57 < electricmilk> Again, please don't think I'm shitting on Indian people
19:57 < shtrb> electricmilk, Indian accent is ok, having a support bot is a different thing
19:57 < skyroveRR> electricmilk: ok.
19:57 < electricmilk> They are some of the kindest people I've known
19:57  * shtrb after dealing with Dell US customer service 
19:58 < skyroveRR> Dell is BULL.
19:58 < electricmilk> oh god Dell support
19:58 < skyroveRR> :)
19:58 < skyroveRR> I don't buy their shit.
19:58 < electricmilk> Wasted HOURS to return a BROKEN monitor on arrival
19:58 < shtrb> I had excelent dell support (Bangaladesh and India) , the US was an issue
19:58 < electricmilk> Made me go through a million steps to prove it was broken
19:58 < electricmilk> Yea I'll just call SonicWALL
19:58 < skyroveRR> A monitor? Nothing matches AOC or LG.
19:59 < shtrb> It's not a human, it's a bot with some audio software
19:59 < shtrb> electricmilk, you should see the look people get when you say that you need to contact NSA support
20:00 < shtrb> or hear you speak with a support
20:00 < electricmilk> shtrb, look people get?
20:00 < electricmilk> I can always just do email support
20:00 < shtrb> electricmilk, no email if WAN stop working :p you need to call support
20:00 < electricmilk> You think they'd be willing to help out with a complicated setup question like this though?
20:01 < shtrb> electricmilk, https://www.sonicwall.com/en-us/products/firewalls/mid-range
20:01 < shtrb> electricmilk, and yes,they are nice when you get to them
20:01 < electricmilk> I just have a TZ300 and a TZ500
20:01 < electricmilk> I reached out to them once before and were super nice...just couldn't understand on both calls.  I'll try again and stop being such an asshole
20:04 < skyroveRR> :P
20:05 < shtrb> support people should be treated nicly , and answered correctly
20:05 < skyroveRR> Heh.
20:06 < d3l3k_> hey there does someone knows a nice VISUAL guide to iptables newbies?
20:06 < shtrb> do not fear the american cop, fear the forigen tech support that handle your data
20:06 < skyroveRR> If you make it a pain to even REACH them, it makes little sense, shtrb.... by the time he's heard a human voice after 5 mins of dialing numbers, you can be quite sure that you are talking to a customer who JUST WANTS TO TALK and is super-pissed.
20:06 < tds> d3l3k_: there are a few diagrams showing the default tables and chains
20:06 < tds> eg https://upload.wikimedia.org/wikipedia/commons/3/37/Netfilter-packet-flow.svg
20:07 < d3l3k_> tds: wow nice graph... so iptables uses netfilter or something like that?
20:08 < skyroveRR> d3l3k_: yes.
20:08 < shtrb> skyroveRR, I'm not sure you describe police officers or tech support
20:08 < skyroveRR> d3l3k_: iptables is just a front-end tool to netfilter.
20:08 < skyroveRR> shtrb: tech support, obviously.
20:08 < d3l3k_> thanks :)
20:09 < skyroveRR> d3l3k_: and of course, other people weren't completely satisfied with a command-line tool called "iptables", so they wrote their own GUI stuff, that makes stuff even more complicated to understand.
20:10 < electricmilk> I'm actually REALLY polite with support people
20:10 < d3l3k_> hmmm i understand
20:10 < electricmilk> Part of the reason I don't like speaking to people with a foreign accent is because I get embarrassed when I tell them to please repeat themselves
20:11 < djph> skyroveRR: and they weren't happy with that, so they wrote systemd
20:11 < electricmilk> I end up feeling really bad and often pretend that I understand them
20:11 < djph> electricmilk: don't do that.
20:11 < skyroveRR> djph: don't ignite an init holy war in here.
20:11 < djph> skyroveRR: meh, it's alright.  hasn't taken over emacsOS yet.
20:12 < shtrb> please don't talk about The project that shall not be named
20:12 < djph> ... hmm, what other holy wars .... Unity was a good idea! :P
20:12 < detha> djph: and then people weren't happy with things they had to manually configure, so they wrote docker and had it auto-generate chains
20:13 < shtrb> djph, you might get unity on windows now :P
20:13 < djph> detha: and then they were mad with docker, and ... er ... wait, there's a holy war with docker too?
20:14 < shtrb> docker for linux vs docker for windows ?
20:14 < detha> no, just a slight annoyance trying to decipher the iptables mess it generates. But then came k8s, to make an even holier mess
20:15 < djph> I thought docker was universally regarded as bad (well, except by millennials)
20:15 < shtrb> it's better than vbox
20:15 < detha> docker has its uses
20:16 < djph> shtrb: that's not really setting the bar very high
20:16 < detha> (however, downloading a 800MB base image to start with, then installing more cruft into it, and giving it persistent storage is not what docker was meant for...)
20:17 < djph> yeah, that sounds wrong
20:17 < djph> Although I can't really get interested enough in it to dig past the cnady-shell of marketing wank
20:25 < SporkWitch> shtrb: windows support, last i remember, actually runs a linux VM lol
20:25 < shtrb> WSL ?
20:25 < SporkWitch> no
20:25 < SporkWitch> and that's a useless, crippled pile of crap anyway
20:25 < shtrb> vbox/virtualpc ?
20:26 < SporkWitch> shtrb: i mean docker on windows literally runs a windows vm last time i looked it up
20:26 < shtrb> oh yes, docker windows can do stripped out windows (not fully)
20:26 < shtrb> it is also not compatiable with normal docker
20:32 <+catphish> morning
20:33 < admiralspark> morning catphish
20:37 < GenteelBen> Windows Subsystem for Linux: the power of the NT kernel with all your favourite GNU apps.
20:39 < detha> Almost there. Total enlightenment will be reached when windows service manager can be replaced by systemd.
20:42 < at0m> first it needs proper pulse-audio.
20:44 < shtrb> detha, let not talk about The project that shall not be named
20:44 < shtrb> at0m, and It exists (pulse can run under win10)
20:45 < at0m> shtrb: yea i've run pulse on a windows box before. painstakingly.
20:45 < at0m> (and pulse and systemd are both written by, yea)
20:46 < shtrb> some people do base jumps at0m installed pulse on win10 :D
20:47 < at0m> i haven't touched win10.. yet
20:47 < at0m> when i grow up maybe.
20:48 < shtrb> <at0m> shtrb: yea i've run pulse on a windows box ??
20:48 < shtrb> did you setup it on win 8.1 ?
20:48 < at0m> not win10
20:48 < at0m> tried on xp iirc, many years ago
20:48 < shtrb> pulseaudio existed during good old XP days ?!
20:49 < at0m> no, my xp outlasted yours ;p
20:50 < at0m> i needed it for some specific task so dragged it till my hw broke down
21:01 < redrabbit> xp lmao
21:02 < redrabbit> i kept it till eos
21:03 < electricmilk> Ugh I still have to support old XP boxes
21:04 < electricmilk> Aren't a lot of ATM's in third world countries still running off XP?
21:04 < shtrb> wait little bit and it will be as stable as 98
21:05 < shtrb> good luck having a user to handle that or 3.11
21:05 < electricmilk> Luckily the boxes aren't on our network
21:05 < shtrb> even if he logs in he will not know how to handle
21:05 < electricmilk> We provide computers to families in our Shelter and they received old XP boxes to be used for school work.
21:06 < WeirdTolkienishF> a lot of hospital equipment still uses XP
21:07 < fstd> ATMs too
21:08 < shtrb> shelters ?
21:08 < shtrb> like in homeless and help for the need shelters ?
21:14 <+catphish> i always thought XP was an odd choice for embedded devices, but obviously it works well
21:14 < djph> electricmilk: you monster.
21:17 < at0m> sound and lights dude i work with still has a 98 machine for his DMX/lightshow. and don't anyone try to break that machine. does the job.
21:17  * Emperorpenguin feels the itch to run Windows update on that thing
21:18 < Emperorpenguin> Heh remember when windows update ran entirely inside the browser?
21:18 < Emperorpenguin> The madness
21:18 < Emperorpenguin> It was like up to... Xp sp2?
21:20 < shtrb> As if the new one is not a wrapper over cabextract-new-implementation
21:21 < at0m> Emperorpenguin: nope, that machine doesn't do any ##networking
21:23 < ash_work> am I reinventing the wheel by deploying an isc-dhcp-server container to handout specific pxe scripts for specific mac addresses?
21:23 < shtrb> apt-geting is no considered to reinvent the wheel ?
21:23 < Apachez> ash_work: use ipxe and you will have my blessing
21:24 < Apachez> on the third day God invented apt-get
21:24 < Apachez> so he could take a smoke on the 7th day which he then called "Sunday"
21:24 < ash_work> Apachez: I'm not sure what you're getting at exactly... are you encouraging me or saying 'yeah, good luck with that'
21:24 < shtrb> first he had to setup locale and tzdata
21:25 < Apachez> ash_work: whatever floats your boat, I used ipxe successfully in a project not long time ago
21:25 < Apachez> to have linux images to boot over network
21:25 < Apachez> good shit :)
21:25 < Emperorpenguin> Yeah it's great
21:26 < Emperorpenguin> I have clonezilla booting off pxe at home
21:26 < ash_work> ok... so what was your setup exactly? I mean do you have a dedicated dhcp server your clients connect to for the ipxe script?
21:26 < Apachez> but I had to modify casper in ubuntu to make ubuntu http compliant for booting
21:26 < ash_work> Emperorpenguin: same q ^
21:26 < shtrb> what about a good old tft server ?
21:26 < Apachez> dedicated dhcp which tells the clients the pxe stuff
21:26 < ash_work> okay, so that basically sounds like what I'm doing
21:27 < Apachez> they then fetch a precompiled (contains a custom script which then fetches another scrpit through http) pxe boot image (like 100kbyte or so is the pxe image) through tftp
21:27 < Apachez> once it boots it fetches this 2nd script through http which then tells the client which files to fetch and finally boot from
21:27 < ash_work> Apachez: did you have to do anything with `bootp` ?
21:27 < Apachez> this way when I need to change something I dont have to recompile the pxe image
21:27 < Apachez> I just modify this 2nd script
21:28 < Apachez> anyhow
21:28 < Apachez> thanks to switching to http the download is so much faster
21:28 < shtrb> ash_work, you need to install tftpd and put the files on an acceibale location
21:28 < Apachez> so booting a 1.5GB image takes roughly 20 seconds or so
21:28 < Apachez> from poweron of the client until the client have a ubuntu desktop ready to be used
21:29 < ash_work> shtrb: same q ^
21:29 < Apachez> 1) client gets dhcp, through this the client is also informed about pxeboot options
21:29 < Apachez> 2) client fetches pxeboot image from the tftp server (100kbyte or so)
21:29 < Apachez> 3) client then fetches (instructed in pxeboot image) a script from a http server
21:29 < ash_work> Apachez: I'm aware of the logistics, it's the actual conf I am more asking about
21:30 < Apachez> 4) client then fetches whatever files this http based script tells it to and then finally boots it
21:30 < electricmilk> shtrb,  yes.  I work for a non-profit that assists the homeless and poor.
21:31 < ash_work> hmm
21:33 < shtrb> electricmilk, there where some LUGs in the past the assisted such projects so you could get some extra help(and hardware) from there as well
21:33 < Apachez> ash_work: enjoy! https://pastebin.com/xdN25Aca
21:33 < ash_work> Apachez: thanks
21:33 < Apachez> the instructions is for ubuntu 16.10
21:33 < Apachez> but you can probably alter them to whatever linuxdistro you wish to run
21:33 < electricmilk> shtrb,  LUGs?
21:34 < shtrb> linux user group
21:34 < Apachez> I havent verified if casper in 18.04 is fixed yet but since my bugreport is still open I guess ubuntu crew still (2 years later) didnt fix it
21:35 < electricmilk> shtrb,  yea?? Sadly we're all Microsoft based.  Microsoft has been really generous though..and I've had success with some grants from organizations for hardware.  Do you know which groups might help?
21:37 < shtrb> That depend on your area, there also hackathons and install parties , depending on your area you might find something (local to you)
21:39 < electricmilk> Thanks for the tip
21:39 < shtrb> great https://www.linux.org/xfa-groups-home/ give me a 404
21:45 < Apachez> ash_work: was it of any help?
21:46 < ash_work> some what... I'm mapping out a topology right now so I haven't scrutinized it... I'll mainly be using alpine containers on rancherOS
21:46 < ash_work> (for both clients and the server)
21:53 < ash_work> Apachez: I'm thinking about this: http://g.jk.gs/Gp.png
21:54 < Apachez> sidenode: was that graphviz?
21:54 < ash_work> Apachez: yes
21:54 < ash_work> http://g.jk.gs
21:56 < ash_work> Apachez: or possibly this http://g.jk.gs/Gq.png
21:57 < ash_work> with DHCP off on the router
21:57 < ash_work> I guess
22:01 < ash_work> any input on topology would be helpful
22:17 < nojeffrey> Trying to switch over to MST from PVST, when I do I get a few ports put into blocking mode, but I lose connectivity to a 2nd switch, checcking the cables I can only see one link going across to this 2nd switch, any way I can find out what port it thinks it's using to get to this 2nd switch?
22:20 < myth0d> hey guys, can i hot plug an SFP+ adapter?
22:24 < fstd> do you have a spare one at hand to look at?
22:24 < shtrb> Isn't SFP+ like any other cable ?
22:25 < Apachez> depends on the device you are plugging into
22:25 < Apachez> most are hotpluggable
22:25 < Apachez> but some requires reboot
22:26 < Apachez> and even fewer requires you to switch off your device before plugging the module in
22:26 < shtrb> oh nice to know
22:27 < Apachez> so read the manual first before you are burning up modules :P
22:27 < shtrb> What I meant with like any cable is , do not unlplug any cable that could hold a load
22:28 < Apachez> yeah unplug the cable first before you unplug the module
22:29 < Apachez> many modules have like a ehm
22:29 < Apachez> u formed metal piece
22:29 < Apachez> which you pull down before you can unplug the module
22:29 < Apachez> this way you have something to hold onto
22:29 < Apachez> and pulling it down will detach the modules like 2-3mm from the device
22:30 < Apachez> but many highspeed modules have a separate pullthingy
22:30 < Apachez> becuase it turned out to be shitty if that small metal piece broke because you were too violent
22:31 < Rom3oCrash> noobtwork is back: if i have the subnet bla.bla.bla.bla/24 and a firewall rule that allow me to go to an other network. If the subnet become a /23 i need to change the firewall rule or i'm steel able to reach the other network ?
22:34 < Forst> you'll only be able to reach the part that fits into the original x.x.x.x/24
22:35 < Rom3oCrash> I suspected it, thanks
23:04 < luxio> how do games like pubg/fortnite handle 50 concurrent players in the same match?
23:05 < E1ephant> luxio: what resource contraint do you think they would run into first?
23:07 < luxio> I don't know but I'd imagine with more connections there would be more latency
23:07 < WeirdTolkienishF> most processing occurs locally i would guess
23:07 < WeirdTolkienishF> which is why hacks exist
23:07 < WeirdTolkienishF> just the minimum information is exchanged with the central server
23:27 < Apachez> why would it?
23:27 < Apachez> most realtime games have an internal tickcounter
23:27 < Apachez> often around 100 cals/sec
23:27 < Apachez> calcs
23:27 < Apachez> so each user movement is calculated 100 times/sec
23:27 < Apachez> with 50 concurrent users thats 5000 times/sec in total
23:28 < Apachez> sure there is collission detection and objects to interact with etc
23:28 < Apachez> but this isnt really anything hard for a modern cpu
23:28 < Apachez> note that the server doesnt have to render the graphics, only the game engine stuff
23:29 < cluelessperson> Apachez: it's calld a "tick rate" :)
23:29 < Apachez> whatever floats your boat
23:29 < Apachez> in cs its called cmdrate
23:30 < Apachez> anyhow
23:30 < Apachez> latency only increases if the server have too much to do
23:30 < Apachez> like if you have a quad core cpu and runs like more than 8 concurrent servers on this cpu
23:30 < Apachez> with 50 users each
23:31 < Apachez> each user will consume roughly 100kbps
23:31 < Apachez> thats including voip
23:31 < ||cw> back when i ran a UT99 server it took about 16 players to max out a T1 connection, then latency would increase.  the P3 450 didn't stress much over that though
23:31 < Apachez> and then you want some bps for when users downloads maps from the server unless you run with standard maps
23:31 < OmNomDeBonBon> Damn, UT99.
23:31 < Apachez> those were the days :P
23:32 < OmNomDeBonBon> ||cw: I watched a video of UT2k4 yesterday and to me it looked like how I remember UT99 looking.
23:32 < Apachez> back in ut99 you didnt have voip and shit I think?
23:32 < OmNomDeBonBon> So UT99 must look much much worse than I remember it.
23:32 < OmNomDeBonBon> We used to play UT99 in the office.
23:32 < OmNomDeBonBon> I used to follow my boss around on the map and keep killing him over and over.
23:32 < ||cw> great game, protocol was all wordy text based, which was easy to parse but not very efficient
23:32 < Apachez> glfx :)
23:32 < Apachez> voodoo2 cards were amazing
23:32 < Apachez> already voodoo1 was amazing
23:32 < Apachez> with glquake
23:32 < Apachez> and that formula 1 game
23:32 < OmNomDeBonBon> This was on really basic ATI cards made for multi-monitor.
23:32 < Apachez> it was like jawdropping
23:33 < OmNomDeBonBon> They had just enough GPU horsepower to run UT99 at low quality.
23:33 < ||cw> yeah, the first Unreal on a Voodoo2 or better looked amazing for the time.
23:34 < GenteelBen> I recently saw a video of some guy who 3D printed (I think? Unless he soldered everything on an enormous PCB) the Bitchin' Fast GPU from the 90s.
23:34 < GenteelBen> https://www.youtube.com/watch?v=ZmCEXbspWuI
23:34 < GenteelBen> "Testing the BitchinFast 3D 2000!!!"
23:34 < Apachez> bitchin fast?
23:34 < Apachez> like the bitboys vapourware? :)
23:34 < GenteelBen> That famous magazine advert joke.
23:34 < ||cw> it was one of the first to do scripted real time engine rendered cut scenes
23:34 < GenteelBen> This thing: http://vgamuseum.ru/wp-content/gallery/bitching-fast/bitchin.jpg
23:35 < GenteelBen> If it wasn't for miners, I'd be livin' la vida loca with a 1080 Ti right now.
23:36 < GenteelBen> My first real GPU was some integrated laptop GPU. 2MB frame buffer, I forget what the OEM was.
23:36 < GenteelBen> This was the mid-90s so probably ATI?
23:36 < GenteelBen> And no sound card, so I gamed like a deaf person.
23:39 < aaa__> lol
--- Log closed Tue May 08 00:00:12 2018