--- Log opened Wed May 16 00:00:21 2018 00:08 < NubNub> ____ . _ . 00:08 < NubNub> /# /_\_ |\_|/__/| 00:08 < NubNub> | |/o\o\ / / \/ \ \ 00:08 < NubNub> | \\_/_/ /__|O||O|__ \ 00:08 < NubNub> / |_ | |/_ \_/\_/ _\ | 00:08 < NubNub> | ||\_ ~| | | (____) | || 00:08 < NubNub> | ||| \/ \/\___/\__/ // 00:08 < NubNub> | |||_ (_/ || 00:08 < NubNub> \// | | || 00:08 < NubNub> || | | ||\ 00:08 < NubNub> ||_ \ \ //_/ 00:08 < NubNub> \_| o| \______// 00:09 < NubNub> /\___/ __ || __|| 00:09 < NubNub> / ||||__ (____(____) 00:09 < NubNub> (___)_) 00:09 < NubNub> ________ 00:09 < NubNub> /\ \ 00:09 < NubNub> / \ \ 00:09 < NubNub> / \ \ 00:09 < NubNub> / \_______\ 00:09 < NubNub> \ / / 00:09 < NubNub> ___\ / ____/___ 00:09 < NubNub> /\ \ / /\ \ 00:09 < NubNub> / \ \/___/ \ \ 00:10 < NubNub> / \ \ \ \ 00:10 < NubNub> / \_______\ \_______\ 00:10 < NubNub> \ / / / / 00:10 < NubNub> \ / / / / 00:10 < NubNub> \ / /\ / / 00:10 < NubNub> \/_______/ \/_______/ 00:10 < NubNub> ###### 00:10 < NubNub> ########## 00:10 < NubNub> ###### _\_ 00:10 < NubNub> ##===----[.].] 00:10 < NubNub> #( , _\ 00:10 < NubNub> # )\__| 00:10 < NubNub> \ / 00:10 < NubNub> `-._``-' 00:10 < NubNub> >@ 00:10 < NubNub> | 00:10 < NubNub> | 00:10 < NubNub> | 00:11 < NubNub> | 00:11 < NubNub> | 00:11 < NubNub> | 00:11 < NubNub> | 00:11 < turtle> woot 00:12 < NubNub> woo woo 00:13 < kiokoman> i love ASCII art 00:13 < kiokoman> the second must be cubism 00:18 < NubNub> I even have the save icon 00:18 < NubNub> .---------------------------------. 00:18 < NubNub> | .---------------------------. | 00:18 < NubNub> |[]| |[]| 00:18 < NubNub> | | | | 00:18 < NubNub> | | | | 00:18 < NubNub> | | | | 00:18 < NubNub> | | | | 00:18 < NubNub> | | | | 00:18 < NubNub> | | | | 00:18 < NubNub> | | | | 00:18 < NubNub> | | | | 00:18 < NubNub> | `---------------------------' | 00:18 < NubNub> | __________________ _____ | 00:18 < NubNub> | | ___ | | | 00:18 < NubNub> | | | | | | | 00:18 < NubNub> | | | | | | | 00:18 < NubNub> | | | | | | | 00:19 < NubNub> | | |___| | | | 00:19 < NubNub> \_____|__________________|_____|__| 00:19 < phinxy> Do you mind sharing these dapper ascii arts with me? 00:19 < turtle> do a goatse do a goatse 00:21 < NubNub> ,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 00:21 < NubNub> d' 8 00:21 < NubNub> ,P' 8 00:21 < NubNub> ,dbaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa 8 00:21 < VincentHoshino> hah how many years has it been since I last saw a 1.44MB 3.5" "Floppy" 00:21 < NubNub> 8 d"8 8 00:21 < NubNub> 8 d' 8 8 00:21 < NubNub> 8 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaad' 8 8 00:21 < NubNub> 8 8 8 8 8 8 00:21 < NubNub> 8 8 8 8 8 8 00:21 < NubNub> 8 8 ,8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa8aaa8 8 00:21 < NubNub> 8 8 ,P 8 00:21 < NubNub> 8 8,P 8 00:21 < NubNub> 8 8baaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaad' 00:21 < NubNub> 8 d' 00:21 < NubNub> 8 d' 00:21 < NubNub> 8aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaP' 00:22 < koala_man> at the time when stores stopped carrying floppies, I went through my stack to find one to install openbsd, and out of ~20 only 2 were completely free of errors. What's up with that? 00:22 < koala_man> shitty brand, poor storage or what? 00:23 < E1ephant> magnets? 00:23 < VincentHoshino> or bad read head 00:23 < koala_man> huh, could have been my drive. didn't even consider that 00:23 < Maarten> VincentHoshino, I can't remember, but the last PC that actually HAD a floppy drive in it still was one I bought in 2002. When I built a new PC in 2006, I opted not to put one in and no PC of mine has had one since. Hell, I have ONE PC left that has a DVD-RW.... 00:25 < VincentHoshino> yep CD/DVD has gone the way of the floppy now.. system I built in 2003 did not have a floppy drive.. system I built in 2009 had no CD/DVD 00:25 < Apachez> doctor: [handing me my new born baby] I'm sorry but your wife didn't make it 00:25 < Apachez> me: [handing baby back to him] bring me the one my wife made 00:26 < mmlj4> do you have a ban icon? 00:26 < VincentHoshino> usb flash drives have won... for now 00:28 < Maarten> yeah.... I have one of them sturdy metal USB keys on my keychain, its 128 GB.... or, ehhrm... (grabs calculator) 188,000 floppies. ;) 00:28 < NubNub> I remember installing windows 95 on a set of 50 install icons 00:29 < NubNub> save icons even 00:29 < z3t0> hi all I am learning about VMs and ESXI 00:29 < fstd> oh look at Mr fancy pants with his newfangled 720 KB floppies 00:29 < Maarten> NubNub, yeah! I think it was 27 or so 1.44 MB floppies, although I think they were actually formatted to 1.6 MB to make them "less copyable" - only the first one wat 1.44 to make it more compatible to boot. 00:30 < z3t0> So far my workflow is connecting to a server using rdp and then ssh'ing into the vm from there using Putty 00:30 < z3t0> How would I configure it so that I could directly ssh into the vm from my dev machine 00:31 < kiokoman> Microsoft Office ->> 35 floppy 00:32 < NubNub> Maarten: ha, yeah thank goodness for not having to do that anymore. 00:33 < mmlj4> 640 thousand floppies ought to be enough for anyone 00:34 < Maarten> NubNub, OS/2 Warp was like 25 floppies too or so ;) I wish that would have caught on more! 00:34 < mmlj4> I still have my warp 3 box 00:34 < mmlj4> for what, I have no idea 00:35 < VincentHoshino> heh this game was something like 10-12 disk https://en.wikipedia.org/wiki/Aces_of_the_Pacific 00:38 < NubNub> https://en.wikipedia.org/wiki/Ascendancy_(video_game) 00:46 < SporkWitch> anyone know how i might find out what version of the NTP protocol is in use by a given version of HP firmware? 00:50 < nub> alright, so can someone go back and forth with me on some QoS stuff 00:50 < nub> i'm having a hard time finding the practical differences in shaping vs queueing in a cisco environment 00:50 < nub> and finding the answers to theses types of questions is proving very difficult 01:08 < Apachez> NubNub: or when installing 3dstudio r4 :) 01:08 < Apachez> 30 or so 1.44MB floppies 01:08 < Apachez> until I created a smartdrv script 01:08 < Apachez> which installed the floppies from the hd :) 01:08 < Apachez> daaaaaaaamn that was suddently fast 01:25 < fnDross> Apachez: you should add drive head sounds during the install process 01:38 < Apachez> fnDross: the drive had its own heads 01:38 < Apachez> 9.1GB back then :) 02:51 < fnDross> Apachez: heh you could probably stored the whole internet at that point on there 02:51 < fnDross> now its just the small end of facebooks tracking data 04:23 < Pimpernel_> test 07:22 < Thanos> would you guys recommend pi-hole? do any of you use such a thing? 07:42 < ch01by> thanos 07:42 < ch01by> pihole is highly recommended by the savvy, but there are public dns servers that block all non-porn content 07:43 < ch01by> let me get it one sec Thanos 07:57 < lolusux> Hi, what is typical depth of rack mount servers? 08:02 < lolusux> i have a cabinet 08:03 < lolusux> its depth is 850mm 08:09 <+pppingme> lolusux varies.. most can even be ordered with different specs 08:16 < nojeffrey> Thanos doesn't block youtube ads :( 08:17 < lolusux> pppingme, i have a ups that i want to mount, its depth is 25.5inches, so i have to adjust my rack internal dimension accordingly 08:18 < lolusux> but in future if im buying a server, will it also fit? 08:18 <+pppingme> servers vary in depth 08:18 < Thanos> nojeffrey: I never see youtube ads. I just use regular adblock stuff. 08:18 <+pppingme> so that'd be a great big.... maybe 08:37 < nojeffrey> +pppingme mobile devices? Thats the only reason I tried pihole to block mobile ads and it didnt work 09:06 < veegee> Hi all, question about ethernet cable. It seems every type of cat5e cable I buy has an insulation that feels like a loose jacket 09:06 <+xand> yes it is loose 09:06 < veegee> it doesn't feel like it's fitting tight around the twisted pairs 09:06 <+xand> it's fine 09:06 < veegee> however, the two cat6 cables I have feel tight 09:06 < veegee> I like that tight feeling 09:07 < veegee> is that intentional, or are those two cat6 patch cables I have just weird? 09:08 <+pppingme> most cat6 cables have a spacer/divider, cat6 also uses a larger wire (23 guage) vs cat5e (24 guage) 09:08 < veegee> The cat6 I have is 24 gauge 09:08 <+pppingme> then its not cat6, I don't care what its marked 09:09 <+pppingme> the EIA/TIA standards for Category 6 cables require 23AWG, NOT 24 AWG 09:10 <+pppingme> is this cable you bought bulk off ebay or something? 09:11 < veegee> pppingme can you link me to the spec? Can't seem to find anything to confirm that it must be at least 23AWG thick 09:11 < veegee> I got this a long time ago, no idea where 09:11 <+pppingme> its the standard, look it up.. 09:11 <+pppingme> easy to find on google... 09:11 <+pppingme> and reputable companies only put out 23 guage 09:12 <+pppingme> your junk cable is probably CCA cable as well 09:13 < veegee> https://web.archive.org/web/20130928011018/http://www.cat6.com/overview/standards.aspx 09:14 < veegee> Are you sure about the 23AWG? 09:15 <+pppingme> Its not even a question, its the standard, plain and simple. 09:16 <+pppingme> finding a page on archive.org from an out of business site isn't exactly a good source of info 09:16 <+pppingme> in fact, just the opposite, crap info, crap work, they are out of business 09:18 <+pppingme> http://blog.tektel.com/cable-gauge-the-difference-between-cat6-23awg-cat6-24awg/ 09:20 < ^7heo> damn those imaginary units 09:20 <+pppingme> Its also the reason that most PoE device specs now require cat6, because proper cat6 is 23 guage and can handle more current 09:20 < quesker> crap I bought a ton of these and they are 24 https://www.amazon.com/gp/product/B00EUHRLF6/ref=oh_aui_detailpage_o01_s00?ie=UTF8&psc=1 09:21 < quesker> looks like their 250 foot and longer are 23 09:21 < ^7heo> this conversation makes my eyes bleed 09:21 < ^7heo> laters 09:34 < veegee> http://innovave.com/wp-content/uploads/2016/01/TIA-568-C.2.pdf 09:34 < regdude> how can a 24 gigabit switch have 90Gbps switch capacity? 09:35 <+pppingme> you mean a 24 port gigabit switch? 09:35 < regdude> yes 09:35 <+pppingme> does it have higher speed "uplink" ports, or is it a stackable switch? 09:36 < regdude> pppingme: so vendors actually calculate the switch capacity including stacked switches? 09:37 <+pppingme> if you want the whole stack to achieve a certain speed, then all backplanes within the stack would have to be able to achieve the same speed 09:38 < veegee> pppingme looks like you're wrong 09:39 < veegee> nowhere does it say 23AWG minimum for cat6 09:39 < detha> regdude: that's what happens when you let sales near the specs. The backplane may be able to do 90Gb/s, but in practice best it can do is 48Gb/s (24 ports times 2 flows) 09:39 < regdude> detha: though so, thanks! 09:40 < veegee> Looks like 22-26AWG is acceptable for cat6 09:40 < regdude> detha: wait, why you multiple port speed by 2? 09:40 < detha> one flow in, one flow out 09:40 < ahyu84> hi 09:40 < regdude> is that how everyone calculates switch capacity? 09:40 < ahyu84> anyone can help regarding ransomware? 09:40 < detha> (that's sales calculation method) 09:41 < ahyu84> my server infected Dharma ransomware 09:41 < regdude> keep forgetting that... 09:41 <+pppingme> regdude its full duplex, it can send AND receive 1gig at the same time (marketers sometimes and incorrectly will occactionally call this 2gig 09:41 < ahyu84> my server don have any backup solution 09:41 < ahyu84> so now how do I decrypt the data? 09:42 < detha> ahyu84: you don't. You learn from the experience, pave it over, and have backups for the next time it happens. 09:42 < regdude> pppingme: of course full duplex, but it is very annoying that some decide to multiply the port speed by 2 to get the capacity (not even talking about real-world capabilities of a swithc chip) 09:43 < detha> regdude: welcome to a world full of vendors/sales people 09:44 < regdude> detha: why haven't the sales people hanged themselves after learning all the possible parameter names, life much easier 09:44 < detha> regdude: one can dream 09:44 <+pppingme> veegee in a way, thats a generic document, in ALL CASES it refers to other standards and references, follow ALL of them through 09:45 <+pppingme> the only time it refers to a "range" it also refers to multiple standards 09:45 < rfuentess> ahyu84, it's seems that some master keys were leaked : https://www.bleepingcomputer.com/news/security/alleged-master-keys-for-the-dharma-ransomware-released-on-bleepingcomputer-com/ 09:45 < rfuentess> (of course, assuming the variant that hit you didn't change them ) 09:49 < regdude> so how do you guys think is correct (or most decent vendors) represent the switch capacity? Ports*Speed*2 or Ports*Speed ? 09:50 < detha> veegee: that document does specify max. DC resistance per segment. I haven't done the math, but it may well be you cannot meet that unless you go for a minimum wire size (or something with better conductivity than copper) 09:50 < ahyu84> thanks @rfuentess 09:50 < skyroveRR> In the simplest sense, what is a backplane in a network switch? 09:51 < regdude> skyroveRR: the switch chip to which all ports are connected to 09:51 < skyroveRR> The ASIC? 09:51 < regdude> yes 09:52 < detha> regdude: I would think the spec should give throughput with as many flows as is can handle, specify '> 24Gb/s' for the backplane if the switch can handle full line rate 09:53 <+pppingme> regdude not all switches can handle all ports at full duplex speed.. and there isn't always a need too either. 09:53 < detha> The whole 'multiply by 2' thing is a sales trick to count each flow twice, once when it comes in and once when it goes out 09:53 < skyroveRR> regdude: so, suppose I take a 24-port gigabit switch into account, from what I've seen in the internals, about 8 ports are dedicated to a one chip, and the next 8 ports to another.... so, does that mean 3 backplanes? 09:53 < ahyu84> @rfuentess: Done with kaspersky/avast decrypt tool, doesn't decrypt my data 09:54 < regdude> pppingme: I have seen another term that is "switch bandwidth" which is represented as multiplied by 2 09:55 < rfuentess> ahyu84, then sadly probably there is not more to do. Those are the risks of not having properly backups 09:55 < detha> skyroveRR: for calculations, there is one backplane, which runs between the 3 chips 09:56 < regdude> detha: have you noticed how does the majority do it? When large companies make a query, they just check the specs and they don't go into details. If a switch capacity is 2 times smaller, then why buy this crap. Marketing trick 09:56 < ahyu84> @rfuentess: :'( 09:57 < detha> regdude: yeah. In most companies, it's not the engineers that make the purchasing decisions, but some manager or the finance/procurement department. 09:57 < regdude> skyroveRR: I think you are talking about one specific device. Not always there are 3 backplanes, in most cases they are simply visually divided for design purpose 09:58 < detha> regdude: there's some standard 8-port ASICs out, a lot of the cheap switches just use as many of those as needed 10:00 < regdude> detha: I guess that depends on the specific device, some are PoE switches and uses PoE controller circuits and they must be divided to reduce heat, but switching fabric is one 10:00 < regdude> switch problems, everyone thought only wifi has problems 10:01 < detha> regdude: yup, up to the switch designer 10:02 < detha> switches have problems too...... I have one switch that randomly doesn't update its MAC tables when a VM moves from one host to another, I have to manually delete the entry before it realizes that MAC is now on another port 10:04 < regdude> that sounds like a bug in the switch fabric, have seen some bugs as well, for example, forwards traffic nicely, translate VLAN to 4094 in Port 7 and Port8->Port9 stops forwarding 10:04 <+pppingme> detha is the vm sending out any traffic after the move? 10:06 < detha> pppingme: yup. Even when I get through the VM through the console, and try to ping things, switchs keeps the MAC stuck on the old port until that entry times out 10:06 < detha> Bug in the switch/MST handling or something 10:07 <+pppingme> you sure the switch doesn't have some "security" feature that locks a mac to a port once seen? will it eventually time out and switch without intervention? 10:08 < detha> It will, in 5 minutes or so. And it is intermittent - move 5 VMs, 4 will work fine, one will be stuck on the old port 10:09 < detha> Move them back, another one or two will be stuck on the new port. 10:42 < easy_ref123> Hi - any experience configuring ubiquiti switches over serial/console? 10:42 < easy_ref123> I'm wondering how i navigate and cat files 10:47 <+pppingme> detha yeah, thats really sounding like a bug to me.. all this is on the same switch? 10:48 < detha> pppingme: yes, just on this one switch 10:48 <+pppingme> what switch is it? 10:48 < detha> an older edge-core L2 one, can't remember the model offhand 10:49 <+xand> easy_ref123: don't you get a normal shell prompt? 10:50 < detha> one of those 'it's only a problem when we have to migrate VMs around because the vm host wants a new kernel, not worth spending too much time on' 10:50 <+xand> though depends if they are Edge ones or Unifi 10:56 < djph> xand: do UniFi switches even have console ports? 11:00 < easy_ref123> +xand, I get an Ubiquiti shell without unix utilities 11:00 < djph> easy_ref123: what is the switch's model? 11:08 <+xand> djph: yes 11:09 < easy_ref123> djph, Ubiquiti EdgeSwitch 16 XG 11:09 < detha> easy_ref123: some of the edgeXXX will give you a shell if you type 'sh' 11:10 < easy_ref123> thanks :) 11:10 < easy_ref123> it has a copper connection to a DHCP server. On the server, I see a DHCPDISCOVER from the EdgeSwitch, followed by a DHCPOFFER to the EdgeSwitch. 11:11 < easy_ref123> Then nothing. No DHCPACK. A little while later, the EdgeSwitch does another DHCPDISCOVER. 11:11 < easy_ref123> It's not accepting the offer. 11:12 < GodOfSea> Hey 11:13 < GodOfSea> I got a strange situation , I can see apache2 processes in ps aux but when I do systemctl status apache2 is says "inactive" 11:13 < GodOfSea> But my website works fine 11:13 < GodOfSea> I am using Ubuntu 16.04 11:13 < GodOfSea> anyone knows whats wrong ? 11:20 < easy_ref123> Another Ubiquiti question. Where can I find the output of the debug command? 11:20 < easy_ref123> ie. if I enable a debugging flag for DHCp 11:22 < GodOfSea> ok what ? 11:22 <+pppingme> GodOfSea how did you start apache? 11:22 < GodOfSea> systemctl start apache2 11:23 <+pppingme> you sure its not httpd ???? 11:23 < GodOfSea> I am sure . I have been using it for 1 month 11:25 <+pppingme> what do you get if you do "systemctl status httpd" 11:25 < GodOfSea> Loaded: not-found (Reason: No such file or directory) 11:25 < GodOfSea> Active: inactive (dead) 11:28 < GodOfSea> all the webpages are working but systemctl tells me apache is inactive 11:30 < GodOfSea> Take a look 11:30 < GodOfSea> https://pastebin.com/ySXUUKbD 11:42 < freakynl> GodOfSea: doesn't mean much to me. You might be using a worker that doesn't leave a main/control proces running or spawns a new one that systemd doesn't see. 11:43 < GodOfSea> Maybe 11:43 < GodOfSea> I rebooted the server 11:45 < freakynl> How did that work out for you? 11:49 < bezaban> it's just running the sysv scripts via systemd for using, those exit on completion and you won't be able to monitor the status of the sysv service via systemd 11:51 < freakynl> No clue how he installed apache then, checked on 2 of our 16.04 servers with apache and both have systemd scripts: Active: active (running) since Fri 2018-04-20 15:29:01 CEST; 3 weeks 4 days ago 12:34 < markeczzz> Not really sure if this is the right channel, but.. 12:34 < markeczzz> I have a network and inside several web servers. I have domain name that points to my static ip address. 12:34 < markeczzz> When someone types mysite.com, web browser takes him to my router which forwards connection to web server. 12:34 < markeczzz> Now I want to have different web servers hosting different subdomains.. so www.mysite.com points to server1, ftp.mysite.com points to server2.. How would I go about doing that? 12:35 < smartman294> hello 12:36 < djph> you redirect port 80 to server1. You set server2 on fire and throw it out the window. FTP, really, in 2018? 12:36 < Gollee> ^ 12:36 < test1337> ^ 12:37 < smartman294> so guys i had a question that i realized I don't know the answer to. how exactly does home internet work? like how does the router/modem know where to send what it needs to send to where 12:37 < djph> Note that you can only have one (1) internal destination per service (so only one web server - port80;443; only one sftp/ssh server - port22; only one whatever else ...) 12:37 < Gollee> smartman294: it uses its routing table to figure out where packets should go 12:38 < smartman294> ok but how does it know where the route is? 12:38 < smartman294> how does it know over the telephone cables 12:38 < smartman294> its not directly connected to anything 12:39 < djph> smartman294: same as any other networking. Computer looks up a destination address (e.g. 192.0.2.100) in its local routing table. If it's not found, it asks its default gateway (i.e. your router), if the router knows, it talks directly to that target host. Otherwise the router asks its default gateway (i.e. another router). Repeat this asking until SOMEONE knows how to get to 192.0.2.100, and 12:39 < grawity> it's connected via the telephone cables 12:39 < djph> directs the packet to that host. 12:39 < grawity> I mean, are you asking about DSL specifically? 12:40 < smartman294> telephones lines can carry digital signals? or is that what the modem is for so it can go to analog to go over the telephone lines? 12:41 < grawity> that's what the modem is for 12:41 < djph> smartman294: of course "telephone lines" can carry digital signals. 12:41 < grawity> though they're electric signals either way... 12:41 < djph> ^ 12:42 < grawity> but your modem encodes the regular digital signal into something specifically suitable for phone lines, and the DSLAM on the other end decodes them back 12:43 < djph> the modem just MOdulates and DEModulates the signals into pulses that the carrier can deal with. For dialup, this was converting to sound in the 300-3400 Hz range. For DSL, it's something like 250KHz to 1000 KHz (1 MHz) 12:44 < smartman294> what do you mean "can deal with" 12:44 < freakynl> markeczzz: get multiple IP's, use a reverse proxy, use different ports, get someone to do it that knows how the stuff works... 12:45 < djph> smartman294: a physical carrier (e.g. copper wires, glass fibres, the air itself) has different properties based on what frequency you're using for the electrical carrier wave. 12:46 < grawity> smartman294: well e.g. phone lines are relatively low-quality wiring, so AFAIK high frequency signals can't get through them very well 12:46 * grawity <- no clue about signals tbh 12:47 < grawity> plus they need to be chosen such that the regular analog voice signal remains mostly unaffected 12:47 < smartman294> and don't crosstalk? 12:48 < djph> e.g. using a 5 GHz carrier signal means it'll attenuate about twice as fast in air as a 2.4 GHz carrier wave. BUT since the carrier is flipping between +/- twice as fast, you can (usually) carry about twice as much data in the same amount of time for the same encoding. 12:48 < djph> (NOTE for all EEs in here - I'm speaking in general terms, and yes, fully understand there are other pecularities) 12:48 < smartman294> so why dont we use super high frequencies like 1000 GHz 12:49 < djph> because it can travel about ... uh ... zero :) 12:49 < smartman294> oh yea 12:49 < smartman294> distance decreases as frequency goes up right? 12:49 < djph> yep 12:49 < djph> for a given amount of power 12:50 < smartman294> totally forgot about that lol 12:50 < smartman294> you would need a LOT of amplifiers 12:50 < djph> I mean, "visible light" is somewhere in the 300 THz (300k GHz) range. it's dead simple to stop with naught but a sheet of paper. 12:51 < djph> that being said, we also do use frequencies up in the 1k GHz range (or maybe a little higher) -- it just gets transmitted via glass fiber 12:51 < grawity> smartman294: so we _do_ use super high frequencies, just via optical fiber and not electric signals 12:52 < smartman294> so pretty much the telephone lines are your "cat wires in a sense", the modem exists because the wiring of telephone lines suck and then it just follows normal networking properties? 12:52 < djph> err make that 1m GHz+ ... because I can't read tables, 12:52 < freakynl> https://en.wikipedia.org/wiki/Frequency#/media/File:EM_spectrum.svg 12:53 < grawity> smartman294: telephone lines are Cat3, afaik 12:53 < djph> well, a MODEM just MOdulates and DEModulates something. 12:53 < grawity> smartman294: but besides that, yes 12:53 < djph> an ONT, or a media converter, hell, probably even wifi APs are all *technically* modems. 12:53 < grawity> I *think* VDSL just pretends it's Ethernet; ADSL is older and weirder 12:53 < markeczzz> @djph, Ok, better example would be www1.mysite.com -> server1, www2.mysite.com ->server2. I have only one ip address, and i would like not to use different ports 12:53 < smartman294> ok thanks :) Simpler then I expected lol. 12:54 < grawity> but as far as IP routing goes, it's all the same 12:54 < djph> markeczzz: get more IPs. That's the only way. 12:54 <+xand> for multiple websites, you use vhosts 12:54 < smartman294> get ALL the IPs! 12:54 < djph> smartman294: https://en.wikipedia.org/wiki/Modem 12:54 <+xand> which could be reverse proxies 12:55 < djph> xand: well, that too - but he apparently has physical servers. 12:55 < freakynl> ethernet is osi layer 1/2. VDSL is osi layer 1/2. Both can transport IP, it doesn't have to pretend anything. 12:55 <+xand> so you have an nginx or similar proxy in front... 12:55 < freakynl> markeczzz: use a reverse proxy 12:55 < djph> ... and yeah, reverse-proxies entirely slipped my mind :| 12:55 < smartman294> rip 12:57 < markeczzz> @djph, Yes, sites are on different phyiscal servers.. So I will research reverse proxy... 12:58 < freakynl> markeczzz: I'd advise you look at haproxy first considering your current knowledge it's quite easy 12:58 < grawity> freakynl: I think you missed my point entirely but ok 12:58 < freakynl> markeczzz: btw, there's routers that can provide hostname based forwarding. Usually WAF's, or UTM's. Not your average consumer grade router anyways. 12:59 < freakynl> grawity: maybe I did, maybe you missed mine. Gotta run tho' 12:59 < markeczzz> @freakynl, I have Mikrotik routers.. I will research that.. 13:00 < markeczzz> @grawity, thx, will check it out 13:02 < regdude> markeczzz: they don't support ir directly, but you can use mangle rules to mark a packet, most probably you will use the tls-host parameter and then you can set a routing mark for a specific gateway 13:42 < human283> hi there, just compiled FRRouting on a ubuntu18.04 machine. All ok but there's something preventing the systemd service to start. Anyone encountered the same problem? 14:20 < NeuterYourPet> there was mention of cloud dns server 1.1.1.1 not working. seems not to work for me either. also 9.9.9.9 not responding. doubt its my config. using dnssec, I hope.. 14:20 < mines5_> I hope so too 14:20 < regdude> that as AT&T's fault 14:22 < mines5_> AT&T has never been one for being fully reliable 14:22 < NeuterYourPet> another way for google to show off their superior dns, break the others. 14:22 < dogbert2> 1.1.1.1 works fine for me 14:23 < NeuterYourPet> will try some diagnostics. 14:24 < NeuterYourPet> may work without dnssec 14:25 < NeuterYourPet> if i use a root server ie. 4.2.2.2 i can resolve 14:32 < Peng_> NeuterYourPet: That isn't a root server. 14:33 < seven-eleven> hi 14:34 < seven-eleven> i noticed that mobiel networks use carrier NAT, that is the mobile's WAN IP is shared by multiple mobile users, therefore I can't SSH into my mobile network. would it work to configure my mobile network with ipv6 instead, then I should circumvent the carriers NAT and be able to SSH into my ipv6 client within my mobile network right? 14:36 < kepler> potentially 14:36 < djph> seven-eleven: depends on the provider. 14:36 < djph> seven-eleven: also, reverse-ssh tunnels 14:37 < kepler> ^ 14:38 < seven-eleven> djph, thanks before checking out ipv6 availability i look into reverse ssh 14:38 < kepler> https://www.howtoforge.com/reverse-ssh-tunneling 14:39 < kepler> i do that with my laptops, then if anyone steals them and turns them on, it SSH's home 14:39 < kepler> and if i leave it at work, i can still get to it 14:43 < seven-eleven> ahh for reverse-ssh to work I need a third server with a static WAN IP, that's comparable to using a VPN, which also would allow me to ssh to the restricted network 14:43 < Peng_> Tor hidden service? 14:44 < seven-eleven> that's the best way oh yeah 15:14 < sleepy6> hey 15:18 < CuriousMind> My question is about ARP poisoning. So if someone is receiving your packets, does that mean you won't receive them? 15:18 < Phil-Work> CuriousMind, usually, yes 15:19 < CuriousMind> Phil-Work: I don't get it. So that would mean that I can't connect to the internet or the website that I am trying to reach? It would be a cannot connect or something like that? 15:19 < Phil-Work> CuriousMind, right 15:19 < CuriousMind> Phil-Work: Ah ok 15:20 < Phil-Work> ARP Poisioning is not really of benefit to, for example, steal your web traffic 15:20 < Phil-Work> rather it's useful to, for example, become the DNS server on the network by ARPing its IP 15:20 < CuriousMind> Phil-Work: I see 15:21 < Phil-Work> or to pretend to be another server causing someone to connect to you and possibly disclose a password to the real server 15:21 < mnemon> CuriousMind: generally you can just forward the packets to the correct recipient. 15:21 < CuriousMind> Phil-Work: I see 15:21 < regdude> I think it is useful to evesdrop traffic. If you poison someones ARP table and convince that a traffic monitor is your new gateway, then everything to the WAN will be sent through the rogue gateway 15:21 < CuriousMind> mnemon: I don't get it 15:22 < Phil-Work> what mnemon said works too - you can become the gateway for the network and sniff all traffic on it 15:22 < mnemon> for an example you poison the victim to think you have the IP of the router and the router to think you have the IP of the victim and the just pass the packets along to the right place and read them in between :P 15:22 < mnemon> read/modify 15:22 < mines5> Thats actually makes sense 15:22 < mines5> Not sure how you'd implement it, but its possible. 15:23 < mnemon> well there's plenty of tools that do it. 15:23 < regdude> there are some apps that monitor your gateway, just in case you are wondering 15:23 < Phil-Work> mines5, Linux with IP forwarding turned on, ARPing and a static ARP entry for the real destination 15:23 < CuriousMind> I'm trying to read all this so that I understand 15:23 < CuriousMind> mnemon: Trying read what you said about poisoning the router and the victim 15:23 < CuriousMind> This is all good stuff guys thanks, one sec 15:24 < mnemon> because you can just spam gratuitous ARP replies to both and they usually happily update their tables to match and the real replies get "overwritten". 15:24 < regdude> of course the attacker needs to be in the same Layer2 domain to perform a ARP Poison attack 15:25 < mines5> It is limited in that regard 15:25 < mines5> I have a feeling you wouldn't be able to do this across vlans 15:25 < mines5> assuming I understand the concept properly 15:26 < mnemon> vlans are just virtual Layer2 domains 15:26 < CuriousMind> mnemon: " for an example you poison the victim to think you have the IP of the router and the router to think you have the IP of the victim and the just pass the packets along to the right place and read them in between :P" Please say this in another way to help me understand this 15:26 < mines5> I just haven't used my advanced knowledge in so long... 15:26 < regdude> ARP packets are broadcast packets, they will not be forwarded over different VLANs 15:27 < mines5> I'm trying to dredge up as much as I can before monday of next week 15:27 < CuriousMind> regdude: ARP packets are broadcast packets mean they are sent to all machines on the network? Am I correct? 15:28 < Phil-Work> CuriousMind, ARP requests are 15:28 < Phil-Work> ARP replies are unicast 15:28 < regdude> CuriousMind: that is correct, for ARP requests, there are more ARP types 15:28 < mines5> Does anyone have any suggestions for remedial learning for networking concepts? 15:28 < Phil-Work> you can also broadcast a gratuitious ARP reply to affect a whole network - machines do this, for example, when they take on a new IP 15:29 < CuriousMind> I see 15:29 < regdude> mines5: you need to choose a segment first, networking is a bit wide subjecrt 15:30 < mines5> regdude, I'm just looking for the general gist 15:30 < CuriousMind> Same. I took networking twice in school. There are so many stuff to learn 15:30 < mines5> I should probably go back over the OSI model, someone asked me about and I couldn't remember all of the layers... 15:31 < mnemon> CuriousMind: you can send an arp response as unicast to the router and claim to be the victim -> the router will send all the packets addressed to the victim to you -> with properly configured network stack all the packets get forwarded to victim but you can read and modify them in between. 15:31 < CuriousMind> The layers are application, presentation, session, transport, data link, physical and I am missing one more 15:32 < mines5> https://en.wikipedia.org/wiki/OSI_model 15:32 < regdude> mines5: I wouldn't worry about OSI too much. If you can distinguish Layer2,layer3 and "the others", then it is enough 15:32 < mines5> I mean its one of those fun things where I know what I'm talking about, but can never remember the proper terms for them lol 15:33 < mnemon> the do the same in reverse and you get victim -> you -> router and see packets travelling in both directions. 15:33 < mnemon> *then 15:34 < CuriousMind> mnemon: I s ee. You said that you can configure the packets that get forwarded to the victim 15:34 < mnemon> you can modify them, yes 15:34 < mnemon> or just drop some 15:36 < CuriousMind> mnemon: Curious, I see now that this is one way that someone can monitor your traffic by ARP poisoning. Any other ways? I ask because I want to be aware and implement protection 15:37 < regdude> they can physically place a switch and copy all traffic to somewhere else 15:37 < mnemon> CuriousMind: if they can see the traffic on the gateways or if you timetravel to 90's and use a hub :) 15:38 < mnemon> yeah, switch port mirroring would be simple 15:38 < regdude> or if you have a switch between that uses MAC learning, you can flood the hosts table with random MAC addresses until the smart switch turns into a hub 15:38 < tds> if you're trying to protect against these things, make sure you also filter DHCP and RAs on most of your ports 15:39 < mnemon> yeah, they could just win the DHCP reply race and assign themselves as default gateway. 15:39 < CuriousMind> tds: See I don't know what that means lol 15:39 < CuriousMind> I'm going to write this down one second 15:39 < regdude> someone can just generate random DHCP requests and drive you nuts because you don't get a new DHCP Lease 15:40 < regdude> fun thing to do in public places 15:40 < mnemon> hmm, I wonder if the usual implementations will respond at all if the lease table is full? 15:40 < regdude> nope, you need to limit DHCP packets on a port 15:41 < mnemon> so if the lease table is full, no need to race to provide the first reply ? 15:41 < regdude> usually it will not send out anything since it cannot give any new addresses, all are taken 15:44 < CuriousMind> tds: I wrote down what you said about filter DHCP 15:44 < tds> and make sure you don't forget about RA filtering as well, since most OSes will prefer v6 over v4, so you can hijack most traffic just by sending an RA (if the network doesn't already support v6, or has already uses ras with priority set to low or medium) 15:45 < CuriousMind> tds: That's crazy that you reminded me to write down RA filtering cause I didn't. Ok thanks one second 15:45 < regdude> and don't be like most - "learn IPv6? Pff, no thx, disabled!" 15:46 < CuriousMind> What is an RA? 15:46 < tds> Router Advertisment 15:47 < CuriousMind> tds: I see. I never heard of it 15:47 < tds> it's just an icmpv6 packet that's sent to the all nodes multicast group, you can tell other devices to point a default route at you, specify an on-link prefix, dns servers, tell devices to autoconfigure an address in that prefix, and probably other things I'm fogetting 15:48 < regdude> some of layer2 attacks can be prevented by using MACsec 15:48 < CuriousMind> I see tds regdude 15:49 < CuriousMind> This is a lot of information but that's ok. I'm going to do research on all of this when I get the chance 15:49 < regdude> though go easy on MACsec, it is not a home grade feature 15:49 < CuriousMind> regdude: home grade feature? 15:50 < regdude> I mean not many routers will support it and most probably only enterprise level routers will 15:51 < CuriousMind> I see 15:51 < CuriousMind> So if MACsec won't protect, what else can I use? 15:53 < regdude> to protect yourself from many possible layer2 attacks... I would say an advanced managed switch and highly configurable router, there are a lot of things for you to limit in order to achieve some level of security 15:53 < CuriousMind> I just thought of something. All I have to do is refer to the OSI model then search online "Layer 2 protection", "Layer 4 protection". Am I correct? 15:53 < regdude> to be fair, in layer2 you are kinda expecting that none have physical access to your network 15:54 < regdude> for layer2 yes, for more upper layers not so much 15:54 < regdude> for layer4 you should be concerned about session hijacking 15:54 < CuriousMind> regdude: I see. I don't think I am able to do that cause I don't have access to the router but I can do this for the future 15:55 < regdude> layer2 security is something that most vendors are not even aware about so don't expect any switch or router to have such measures built-in 15:55 < CuriousMind> regdude: I have heard of session hijacking however, I am not familiar with it at all. I have to research that too 15:56 < regdude> for layer3 check DoS protections and check BGP black holes (if you are an ISP) 15:56 < regdude> I guess IP Fragmentation attack goes under layer3 as well 15:57 < CuriousMind> regdude: I'm writing all this down. I see 15:57 < regdude> oh, of course MAC and IP spoofing 15:57 < regdude> and if you are going into layer2 and CIsco, then VLAN hopping is a topic to discuss 15:59 < CuriousMind> I have a question. I take a security class and I am doing a project currently. When I search the "history" for these kind of attacks, it seems to me that I cannot find the history really. Is this because these kind of attacks existed in nature do to how these protocols and stuff were created 16:00 < regdude> really? there should be history for each type of attack when someone thought of doing such an attack on a large scale 16:00 < CuriousMind> When the protocols were created and people started using them, individuals came to the realization or became curious of different ways of using it then came these "attacks"? 16:01 < CuriousMind> For example, I did ARP poisoning. I can't find history really 16:01 < regdude> these attacks have surfaced because someone, who knows a thing or two about a protocol, noticed a flaw 16:02 < regdude> for example, for VLAN hopping you really need to know all sorts of possible VLAN configurations and then you notice a flaw with the native VLAN configuration 16:03 < CuriousMind> regdude: Yes I see 16:05 < CuriousMind> regdude: I'm trying to think of something else to ask 16:08 < CuriousMind> regdude: Ok so my understanding is each OSI layer has protocols and of these protocols comes the problem. Ex: poor configuration of something on your computer which utilizes a certain protocol can create a vulnerability 16:10 < mnemon> CuriousMind: most of the things discussed previously are actually sort of flaws in the protocols themselves(too naive design security-wise), there's also different issues with bugs that allow you to circumvent the security features that should be in place. 16:10 < mnemon> bugs and misconfiguration 16:11 < CuriousMind> mnemon: I see 16:14 < CuriousMind> mnemon: I want you and every who helped me to know that you've all been a great help to me and I appreciate the information that you have given to me 16:17 < seven-eleven> should i do L2TP with open or strongswan? 16:18 < seven-eleven> L2TP/IPSEC* 16:20 < turtle> you should do it with strongbad 16:24 < mnemon> CuriousMind: np, always a good refresher to talk about it :) 16:35 < md5sumo> join #r_netsec 16:36 < md5sumo> lol 18:09 < upgrade> Hi all! I have wifi-network with some devices and one linux and one win10 pc. i cant ping linux from win10 and cant ping win10 from linux. "Destination Host Unreachable" on both systems, firewall disabled. I can ping win10 and linux from other devices. 18:09 < upgrade> All connections autoconfigured with dhcp 18:10 < upgrade> no customr routes or smth. network works fine on both devices 19:20 < mgolisch> those are also wireless_ 19:20 < mgolisch> the ones you can connect from? 19:25 < mfreitag> random thought: has anyone in here used LetsEncrypt for a RADIUS server certificate? 19:31 < Apachez> https://www.youtube.com/watch?v=yfHUFpTKI_I Tesla Bioweapon Defense Mode vs Surströmming 19:46 < crCr62U0> Hello 19:47 < crCr62U0> How to mirror in ro mode /var/cache/pacman/pkg to another machine in the same LAN? 19:48 < crCr62U0> You're answer are very useful. 19:55 < Apachez> https://www.youtube.com/watch?v=3tUCuMSPQwE 20:04 < l0g> Network engineer left for the day and I need to get an image restored onto an ASA. I've got the image ready at a public TFTP server. Can anyone please provide documentation on how I can setup an IP on the ASA so I can connect and download the image from the TFTP server? I've got all the network details, just not sure about how to configure it. 20:15 < l0g> I've found it, thanks https://www.cisco.com/c/en/us/td/docs/security/asa/asa95/configuration/general/asa-95-general-config/admin-swconfig.html 20:45 < E1ephant> anyone still using modems for OOB? 20:46 < E1ephant> is there a cheap US/NA source of them? 21:37 < x-fak> hi 21:41 < x-fak> i got an issue on my VPS with my mysql server: https://bpaste.net/show/6a19b76ffea1 21:44 < UncleDrax> might try hunting down a MySQL channel for that. 21:52 < SporkWitch> i'd also recommend DESCRIBING the issue; no one's interested in just jumping into a paste blind 21:54 < UncleDrax> if it's from a known Paste-site, I'll likely check it out.. it's when it's from someplace sketchy I avoid by default 21:55 < OS-38594> does anyone here have F5 knowledge? 21:55 < UncleDrax> but it's really 'systemd complainging mysql doesnt start'.. with an exit code 21:55 < compdoc> x-fak, was there an update to mysql that you applied? 21:56 < x-fak> compdoc , no 21:56 < x-fak> i've had a DoS on the xmlrpc.php file 21:56 < x-fak> and crash 22:01 < SporkWitch> UncleDrax: principle of the thing; describe your issue, don't make me follow a chain of links and figure it out myself. YOU tell ME what's wrong, i'll look at the supplementary info if i think it's something i might be able to help with, and i'll respond based on that. 22:01 < SporkWitch> basic triage, really 22:01 < x-fak> SporkWitch , well the mysql server has crashed and i cannot restart it for some reason 22:02 < UncleDrax> SporkWitch: valid. and being able to explain the issue is Step 1 in Rubber Duck Debugging. 22:02 < SporkWitch> ^ 22:03 < UncleDrax> (that said, obligatory 'I hate the term, but practice it all the time' 22:03 < SporkWitch> what's wrong with the term? it's descriptive. it's not like "cloud" which is the opposite of helpful 22:03 < UncleDrax> (and not because I have a plushy-Cthulu instead of a Rubber Duck) 22:04 < UncleDrax> SporkWitch: i'm just old and grumpy.. I have no actual and rational reason to dislike the term, it just stikes me as weird 22:05 < SporkWitch> the origin comes from the 60s lol 22:06 < SporkWitch> i'm actually pretty cranky; i bought that tentacuddle blanket from thinkgeek, and it's smaller than my bath towel, and there's literally no way to actually snuggle up in it; i'm not a big guy either, i'm 5'9" and 32" waist 22:07 < UncleDrax> tbh, I think thinkgeek went the way of SharperImage (selling nifty, but generally crap-quality things) a while back 22:07 < UncleDrax> .. Thinkgeek and Brick and Mortars now? ok they really have gone that way 22:07 < UncleDrax> *has 22:09 < SporkWitch> that's what it's looking like; they have almost nothing up there anymore, let alone anything good 22:09 < SporkWitch> they're like a low-quality online version of SPencer's now 22:09 < UncleDrax> yeap 22:10 < SporkWitch> they got rid of all the magnets 22:10 < SporkWitch> they don't even have the magnetic putty anymore :'( 22:10 < SporkWitch> hell, they don't even sell real desk toys anymore! not even a newton's cradle 22:11 < detha> blatantly stolen from nanog, but: Do the kids get on your lawn all the time time too? 22:12 * SporkWitch gets out his cane 22:12 < UncleDrax> anything niche and profitable will be mass marketed and wrung dry. 22:13 < UncleDrax> but yes, obligatory lawn remarks 22:13 < SporkWitch> pepperidge farm remembers... 22:13 < UncleDrax> hah 22:15 < UncleDrax> wow.. been a while sinv eI've been to TG.. they've totally revamped thier look to appear like a shitpost version of Amazon 22:15 < UncleDrax> unfortunate 22:15 < UncleDrax> oh well 22:16 < UncleDrax> so I asked about them a while back, but I got my WIFIMETRIX channel analyzers.. and yeap.. they report channel usage. as advertised. still hunting for any frills 22:18 < UncleDrax> but looks like I'll still need a decent spectrum analyzer and heatmapping SW (for Mac & Linux if possible.. i'm open to suggestions if anyone has some) 22:21 < superkuh> keenerd's rtl_power (+ any gui frontend you want, qspectrumanalyzer is popular), and his heatmap.py for static analysis of long duration. 22:21 < superkuh> UncleDrax, ^ 22:22 < superkuh> Of course this implies rtlsdr, which doesn't do all of shortwave so you may need an upconverter too. 22:23 < superkuh> The SpyVerter is what I'd get if I were to buy an upconverter these days. 22:27 < UncleDrax> thanks, i'll bookmark it for future justice. I only care about 802.11 bands really, but nice to know it'll do literally anything 22:27 < UncleDrax> clearly also I need to edu myself more on RF ;] 22:28 < superkuh> Oh. You mean SW=Software. I thought SW=Shortwave 22:28 < UncleDrax> ya sorry.. name space collisions are a bitch 22:29 < superkuh> Well, for wifi I use my HackRF with qspectrumanalyzer and hackrf_sweep backend. It does 8 GHz/s sweep. 22:29 < superkuh> But a HackRF is a bit expensive to just use as a spectrum analyzer. 22:29 < UncleDrax> this is for supporting revenue services.. so if it's costs money, it's just a question of 'how many zeros are we talking' 22:30 < superkuh> Two. 22:30 < UncleDrax> pft 22:30 < UncleDrax> so one for each member of staff then? sounds good 22:30 < superkuh> https://www.youtube.com/watch?v=xHqe8dXYjsI 22:30 < superkuh> This is an example of my RF environment "qspectrumanalyzer HackRF (hackrf_sweep) 700-2720 MHz" 22:30 < superkuh> Taken inside with a dual planar disk antenna. 22:31 < superkuh> Downsizing it for youtube loses a lot of the detail I had spanning two monitors. 22:31 < superkuh> Obviously for smaller spans, ie, just wifi, you get a much faster update. 22:32 < UncleDrax> ya fair enough 22:33 < superkuh> HackRF isn't super sensitive, in fact, it's kind of deaf. And it's only 8 bits. 22:33 < superkuh> And it's really prone to overload and images of things appearing as harmonics far from their actual location. 22:33 < superkuh> But if you throw a cheap modern broadband LNA in front it's better. 22:33 < UncleDrax> so it's said, outside of the high-points, i'm pretty much an RF noob, so pardon my noobness. This would primarly be for building 802.11 coverage maps, with some other dutys (like finding meatsacks doing silly things and asking them to stop) 22:34 < UncleDrax> so I'm imagingin my needs are low-ball in the RF world 22:34 < superkuh> Yeah, loud signals. 22:35 < superkuh> A HackRF using the hackrf_sweep backend with qspectrumanalyzer would probably work fine. 22:35 < superkuh> And a decent directional antenna like one of the rfspace vivaldi (see 'em on ebay). 22:35 < superkuh> Or just a directional wifi whatever if that's what you have. 22:35 < UncleDrax> if nothing else seems like an easy entry point.. can grow from there too 22:38 < UncleDrax> ok cool. thanks for input.. gives me some things to chase down 22:41 <+catphish> i found hackrf to be reasonbly sensitive, not great resolutuion though, bladerf is far superior 22:45 < Aeso> bladerf looks cool, shame it doesn't cover the 5GHz wifi bands or I'd probably pcik one up 22:46 <+catphish> yeah the hackrf has really really wide coverage, the bladerf is far superior but doesn't have the range :( 22:47 < superkuh> It also doesn't have fast re-tune. 22:48 <+catphish> no, its strength lies in being able to handle a single 28MHz band extremely well 22:49 <+catphish> or monitoring (though not necessarily that fast) a wider bandwidth at high resolution 22:50 <+catphish> it can for example cover a whole 20MHz wifi channel very well 22:51 <+catphish> i still don't understand the relationship between bandwidth and data rate 22:53 < detha> something nyguist something something 22:54 < UncleDrax> > Nyquist is a retired American Thoroughbred racehorse, winner of the 2016 Kentucky Derby. :p 22:54 < Aeso> lol 22:54 < UncleDrax> (thanks google!) 22:55 < UncleDrax> https://en.wikipedia.org/wiki/Nyquist_frequency is likely the correct result 22:55 <+catphish> that's how i thought it worked, wifi can achieve hundreds of megabits per second over 20MHz 22:57 < superkuh> Of course most digital/sdr stuff uses complex sampling so while nyquist still applies 20 Megasamples/s will actually get you 20 MHz bandwidth and not just 10 MHz. 22:57 < detha> I don't fully understand it either, but apparently it has something to do with what symbol rate you can get into that bandwidth without it being indistinguishable from random noise 23:00 <+catphish> i studied radio for a while, but i still don't understand qam / phase modulation and how they cram a seemingly infinite amount of data into a finite bandwidth 23:01 < Aeso> QAM starts to make a lot of sense when you understand IQ data 23:05 <+pppingme> thats something I really need to study up on 23:11 < mnemon> catphish: I think this show's it pretty nicely: https://en.wikipedia.org/wiki/Quadrature_amplitude_modulation#/media/File:QAM16_Demonstration.gif 23:12 < mnemon> to get more data/symbol, cram more possible points into it :P 23:18 < Aeso> more points = more eyes in the eye diagram = smaller eyes = more SNR required to receive 23:19 < Aeso> that's the cliffnotes version, anyways 23:38 <+catphish> mnemon: i understand that, but i don't really understand how one can change amplitude and phase without changing frequency 23:39 <+catphish> though i guess that comes down to sample rate 23:41 < at0m> catphish: phase modulation changes the relative amount of time of up vs down the X-axis, but total amount of X-crossings (hence freq) remains the same. 23:41 < at0m> x-corssings / time 23:45 < forgotten> anyone know of a good reference / explaniation showing the different character sets that get sent from windows ping vs linux ping? 23:46 < forgotten> ive been googling but can't seem to find a good tutorial or article explaining it 23:46 < mnemon> catphish: it's two carrierwaves of different phase(90 degrees off) and then you just change amplitude, sort of what the cross signifies 23:47 <+catphish> why would character set matter in ping? 23:47 < at0m> tcp vs imcp ping? 23:47 <+catphish> mnemon: that makes some sense 23:47 < forgotten> only icmp ping 23:48 < forgotten> i guess i can just take pcaps myself and show the difference was just hopeing somoen had posted it so i could be lazy :P 23:48 < mnemon> then it's just "go one amplitude unit left and two down" type deal 23:48 <+catphish> forgotten: see my question 23:48 < forgotten> catphish: it matters in detection 23:48 <+catphish> forgotten: detection of what? 23:49 < forgotten> like i can tell this i a linux host sending "ICMP" form the PCAP 23:49 < forgotten> or i can tell this is a windows host sending ICMP from the PCAP 23:49 < forgotten> because they send different character sets 23:49 <+catphish> why would character sets be involved though? 23:50 < forgotten> catphish: what do you mean? it's how the tools are written / implemented on each OS. 23:50 <+catphish> no it's not 23:50 < forgotten> linux sends like " !"#$%&'()*+,-./01234567 " 23:50 <+catphish> it's likely that each os has a different default payload in the ping request 23:50 < forgotten> and windows sends something differnet 23:51 <+catphish> that's not what character set means though 23:51 < forgotten> ok im sorry the characters it sends in the payload then then. 23:51 < forgotten> maybe i didn't explain it right. sorry 23:51 <+catphish> i understand nw 23:51 < forgotten> do you know what windows sends? 23:51 <+catphish> no idea, sorry 23:52 <+catphish> i could pcap a linux host 23:52 < forgotten> no worries i'll take pcap and find it :) 23:52 <+catphish> but dont have wndows here 23:52 < forgotten> i just did thats how i knew it was what i posted above :) 23:52 < forgotten> for linux 23:53 <+catphish> mnemon: it makes some sense, but clearly some bandwidth is consumed, and i don't understand the relationship beween bandwidth and how much data is sent 23:55 < forgotten> " abcdefghijklmnopqrstuvwabcdefghi " in windows payload 23:55 <+catphish> i also can't believe it doesn't affect the frequency of the crossings 23:56 <+catphish> i look at time domain plots like this https://qph.ec.quoracdn.net/main-qimg-2e13936a659b88c6819c4e83d166abb4 an there's clearly multiple frequencues mixed in there :( --- Log closed Thu May 17 00:00:22 2018