--- Log opened Tue Jun 12 00:00:54 2018
00:02 < xe0n> astalavista.box.sk
00:04 < genr8_> nice
00:04 < genr8_> what was the other one?
00:04 < xe0n> i haven't been there in 20 years lol
00:09 < xe0n> cracks.am
00:09 < xe0n> LOL
00:12 < MillerBOSS> http://fakeupdate.net/wnc/
00:13 < MillerBOSS> I should make some of those full screen some how on https://trollme.xyz/
00:13 <+layer-eight> * MillerBOSS →  Trolololololol's Я Us!
00:13 < MillerBOSS> My first email account was through http://www.excite.com
00:14 <+layer-eight> * MillerBOSS →  My Excite
00:14 < MillerBOSS> 1999
00:14 < MillerBOSS> I doubt they keep account alive like Google does.
00:15 < Sousapro> Has anyone used Windows Storage Replica?
00:15  * MillerBOSS points to hunterkll
00:16 < MillerBOSS> And A-KO
00:16 < MillerBOSS> They try everything Windows
00:16 < Sousapro> I need to replicate a couple of SMB shares across a few sites and everyone got pissy when I said DFS lol
00:17 < Sousapro> Nevermind that my domain controllers use it regularly and have no issues lol
00:17 < MillerBOSS> Why get pissy over DFS?
00:17 < Sousapro> MillerBOSS: they've worked at places with shitty windows admins that let DFS break and stop syncing
00:18 < zerocool> Sousapro: im still there
00:19 < MillerBOSS> Oh. Well thats not your fault of course.
00:21 < Sousapro> zerocool: with crappy DFS shares?
00:23 < MillerBOSS> https://twitter.com/tonyromm/status/1005970277342306304
00:23 <+layer-eight> * MillerBOSS →  Tony Romm on Twitter: "NEW: I spoke with FCC Chairman Ajit Pai, the rest of the commission, members of Congress and others before the end of net neutrality rules tmw.   Advocates fear the worst with an AT&T ruling due Tuesday. Pai said he's heard a dif...
00:24 < zerocool> Sousapro: ya, other admins project, never worked right, i looked for 1 minute and found problem
00:24 < zerocool> was like -_-
00:24 < Sousapro> DFS is so damn easy
00:25 < zerocool> can't read like 5 options
00:25 < zerocool> yeah that's what i mean
00:25 < Sousapro> Event viewer is so tough
00:25 < zerocool> some people man
00:25 < Sousapro> So is splunk or nagios core
00:25 < zerocool> elk
00:25 < Sousapro> Yeah, we're using elk here
00:25 < Sousapro> Not bad
00:25 < Sousapro> Not splunk but acceptable
00:26 < Sousapro> I got to this job and both of the domains had failed sysvol replication
00:27 < Sousapro> I noticed it pretty quickly lol
00:27 < Sousapro> People talking about how unreliable the DCs were
00:27 < Sousapro> Took me like 1 day to completely iron out both domains
00:29 < zerocool> we picked up a site that never used scavaging, has like 12 dc's not parted properly, every computer has a unique host file
00:30 < zerocool> http only to the mail server touching the internet, and sql
00:30 < zerocool> custom routes
00:30 < zerocool> for workstations
00:31 < zerocool> they have a 32core server... AS A WEB SERVER
00:31 < zerocool> bare metal, webserver
00:33 < MillerBOSS> The fuck $30 for this thing. https://www.wyzecam.com/
00:33 <+layer-eight> * MillerBOSS →  Wyze Cam Pan
00:33 < MillerBOSS> 1080p Full HD | 110°/sec Rotation | Pan ScanTM
00:34 <+NinjaStyle> ayyy
00:34 <+NinjaStyle> cool guy is here people
00:34  * NinjaStyle kicks the jukebox
00:36 < MillerBOSS> >Free rolling 14 days of alert videos stored in the AWS Cloud
00:36 < MillerBOSS> Wow that is slick for $30
00:37 < MillerBOSS> 2 way audio
00:39 <+NinjaStyle> cryptic1: AY
00:41 < Casteil> ayyyy
00:41 <+NinjaStyle> Casteil: sup
00:41 <+NinjaStyle> sup de tosacana
00:41 < m4221> Two coworkers were laid off today and another passed away last Saturday:(
00:42 < Casteil> damn
00:42 < silentfury-s4pro> people are dying today, who have never died before...
00:43 < m4221> I just had a CT scan today
00:43 < m4221> Where I had a bad reaction to the contrast agent
00:44 < silentfury-s4pro> have you had barium before?
00:45 < nojeffrey> Whats everyone set the Sec event log size to on a DC?
00:46 < nojeffrey> Ours is set to 200MB, but can only last ~3 days, much bigger and it struggles to load events
00:46 <+NinjaStyle> you should ship them to central logging imo
00:46 < nojeffrey> Trying out this: https://www.reddit.com/r/usefulscripts/comments/8q0p7d/pswinreporting_monitoring_active_directory_events/
00:46 <+layer-eight> * nojeffrey →  PSWinReporting - Monitoring Active Directory Events : usefulscripts
00:47 < nojeffrey> We do, but I want to try the above script
00:47 <+NinjaStyle> then what difference does it make?
00:49 < nojeffrey> this script uses ps and looks into the event log and send intresting stuff(people added to security groups, password resets, etc)
00:49 <+NinjaStyle> just create those queries in your central logging
00:49 < nojeffrey> cant it's linux
00:49 <+NinjaStyle> ?
00:49 <+NinjaStyle> so
00:50 < nojeffrey> so recreate the functionallity in python/awk/grep, etc?
00:50 < nojeffrey> would take a bit
00:51 < nojeffrey> 230k of ~300k events are logon/logoff events
00:51 <+NinjaStyle> oh, so you arent using anything like kibana?
00:52 < nojeffrey> well I have a elk server going, but these DC sec logs are just getting sent to syslog server
00:52 <+NinjaStyle> well pull them in to the elk stack imo, that way you can just build those queries in there, and the local log retention doesnt matter
00:53 < nojeffrey> i was originally
00:54 < DLSteve> we just have Splunk ingest everything.
00:55 <+NinjaStyle> yeah splunk or elk
00:55 <+NinjaStyle> that way you dont gotta fuck with it locally
00:55 <+NinjaStyle> just let it rotate
00:55 < nojeffrey> there was a plugin I was using that shipped event logs to elk, cant remember the name, but from memory I couldnt trim majority of log before shipping
00:59 < nojeffrey> +NinjaStyle yeah OK I should revist event logs to ELK
01:02 < MillerBOSS> https://www.potcoin.com/
01:02 <+layer-eight> * MillerBOSS →  Banking For The Cannabis Industry - Digital Currency | PotCoin.com
01:02 < MillerBOSS> Of course.
01:03 < xe0n> loll
01:03 < xe0n> nice
01:03 < MillerBOSS> Per https://twitter.com/twitter/statuses/1006263432604258309
01:03 <+layer-eight> * MillerBOSS →  ⚓  https://twitter.com/TIME/status/1006252224941469696 → TIME on Twitter: "Dennis Rodman came to the Trump-Kim Summit for more 'basketball diplomacy' https://t.co/nbtwSJQnHb… "
01:03 < MillerBOSS> T shirt
01:03 < nojeffrey> gahh but that script was so good, formatted everything interesting in 1 email
01:06 < MillerBOSS> Even a look a like, Un there.
01:25 < jay-ros> Good morning everyone
01:28 < JollyRgrs> jay-ros: go to bed, ur drunk :P
01:30 < jay-ros> JollyRgrs, WELCOME TO THE WORLD OF (literally) TOMORROW!
01:30 < jay-ros> (it's tuesday 9.30am here)
01:30 < JollyRgrs> NO WAI! HOW U DO THAT!
01:30 < JollyRgrs> j/j
01:30 < JollyRgrs> j/k
01:30 < JollyRgrs> i'm off work now, i don't wanna be back that soon
01:31 < jay-ros> We had a public holiday yesterday, so I'm fresh as a daisy, and coming off an exceptionally successful week last week
01:31 < JollyRgrs> nice
01:31 < hug> Anyone here manage any Windows servers with over 4 million files in a single directory?
01:31 < genr8_> thats a lot
01:32 < jay-ros> hug - not in a single directory, but a root folder
01:32 < jay-ros> what's the situation?
01:32 < genr8_> more files = moar slowdown
01:32 < hug> There's a company I support that has a braindead system that we're replacing.
01:33 < jay-ros> indexing bloats
01:33 < hug> The webserver has a photo gallery, the photo gallery generates thumbnails and dumps them all in the same location.
01:33 < misspwn> sup
01:33 < jay-ros> yeah, that's awful
01:33 < hug> Over 4 million thumbnails and the generation fails.
01:33 < jay-ros> hi misspwn
01:33 < jay-ros> hug - I'm guessing you can't archive, and need to rebuild?
01:34 < hug> "A generic error occured in GDI+" is the error message.
01:34 < misspwn> hey jay-ros
01:34 < hug> Well I've done the "dumb fix" and just archived a shitton of photos, which means if anyone goes back over 18 months in the gallery all the thumbnails are missing.
01:34 < hug> (Which is better than thumbnails missing for the photos for *today*)
01:34 < genr8_> you could try to consolidate the MFT . it could be heavily fragmented and it needs to be traversed to read the dir every time
01:34 < misspwn> today was rough at work. i had to wear my sunglasses indoors the whole time because the flourecent lights were bugging me after getting lasik on friday. i think i will order those computer glasses maybe that will help
01:34 < hug> Already done.
01:35 < hug> contig run against the MFT and against the folder itself.
01:35 < hug> I defragged too (lol) and disabled 8.3
01:35 < genr8_> you just gotta deal with it then. or split up the directories
01:35 < genr8_> you had 8.3 on? that could be a big slowdown
01:36 < hug> Slowdown, sure, but shouldn't just destroy the ability to save to that directory.
01:36 < genr8_> its probably a bug in the thumbnail program?
01:37 < hug> No. The thumbnail program is dirt simple.
01:37 < genr8_> GDI+ is the graphics subsystem
01:37 < jay-ros> misspwn - you're expected to have a week of discomfort. Have the area verbally approve having the electrician rotate the flouros till they switch off but stay in place
01:37 < hug> I have the source. It's boring ol' C#. It reads a big image to a memorystream, resizes that buffer to 100x100, and then dumps it out with the save method.
01:38 < hug> It's like 12 lines of source.
01:38 < genr8_> https://stackoverflow.com/questions/2291415/creating-thumbnail-of-all-the-images-inside-a-folder?rq=1
01:38 <+layer-eight> * genr8_ →  c# - Creating thumbnail of all the images inside a folder - Stack Overflow
01:38 < genr8_> its probably an out of memory error
01:38 < hug> ....
01:38 < hug> No.
01:38 < hug> Stop.
01:38 < hug> It is not an out of memory error.
01:38 < jay-ros> hahaha
01:38 < hug> It's not the C#.
01:38 < jay-ros> it's a 'four million hits and counting!' error
01:38 < hug> It's nothing but "if there are over 4 million items, saving fails"
01:38 < jay-ros> it should be reprogrammed hug
01:38 < jay-ros> by month, rewrite the script to create subfolders
01:38 < hug> If I move one file out, the app will save one more file.
01:39 < jay-ros> if you can*
01:39 < genr8_> its either a bug in the C# or the GDI API and im more likely to believe its the C#
01:39 < hug> Mate, I don't give a fuck what you believe.
01:40 < hug> I'm going to go with "the direct evidence I have on my screen" rather than the opinion of some rando on IRC who hasn't actually seen any of this first hand.
01:40 < jay-ros> hahahh genr8_ he's already tested removing one file and counted four million files in the folder,
01:41 < jay-ros> hug - was the number Maximum number of files on disk: 4,294,967,295
01:41 < jay-ros> uurgh, ignore that, it's a billion
01:41 < hug> That's 4 *billion*.
01:41 < hug> Yeah.
01:41 < ekaj_> layer 1 is the highest IT support layer, right? or is it 3
01:42 < ekaj_> level 1 i mean
01:42 < genr8_> try catching the exceptions instead of just letting it error, i guarantee you its an OutOfMemoryException
01:42 < silentfury-s4pro> level 8
01:42 < hug> ...
01:42 < ekaj_> nvm i fucking googled it
01:42 < hug> You mong.
01:42 < silentfury-s4pro> or as we call it, layer 8
01:42 < silentfury-s4pro> :D
01:42 < Sousapro> https://www.amazon.com/Aimto-Step-Snek-Flag-3x5/dp/B076LXCK1X
01:42 < hug> The exception is "A generic error occurred in in GDI+"
01:43 < hug> I stated this earlier.
01:43 < genr8_> thats just a bad error message masking the real problem
01:43 < hug> And no, it's not that  there are locked files. And it's not that I haven't properly disposed the object.
01:44 < hug> Yes, it's a bad error message. I've already told you what the cause is.
01:44 < genr8_> its a leaky abstraction and you would do well to improve the C# code
01:45 < genr8_> anyone else has free reign to prove me wrong
01:46 < hug> I have free reign to prove you wrong you idiot.
01:47  * MillerBOSS slaps hug around a bit with a large trout
01:47 < hug> I have the fucking source. Right here.
01:48 < genr8_> so step through it.
01:48 < hug> ...Is anyone else of the opinion that this guy is braindead?
01:49 < hug> I have stepped through it. I have done everything possible with the whole 12 lines of C# that generate the thumbnails. I have tried using GDI+ to generate a file from a test project that has nothing to do with the original app.
01:49 < genr8_> so after 4 million files, GDI just gives up ?
01:49 < hug> Here is the whole problem, outlined in full: If I attempt to use GDI+ to save an image to a folder with 4 million items, it fails. 3,999,999 items, it succeeds.
01:49 < genr8_> File a bug report with microsoft then
01:50 < hug> (I have said this about 4 times now.)
01:50 < genr8_> its a bit hard to believe mate
01:50 < genr8_> will OTHER things write to that folder ?
01:51 < hug> Yes.
01:51 < genr8_> after the 4 mil
01:52 < hug> Anything that doesn't choke on trying to index a folder of 4 million files can.
01:52 < hug> (Anything with a "save as..." dialog will just fail trying to display the contents of the folder, for example, but that is because it is trying to build an array of 4 million items to show.)
01:54 < hug> [system.io.directory]::findfiles() chokes because it tries to build an array too.
01:55 < JollyRgrs> use a cmd prompt to save a file, no populating the contents of teh folder :P
01:55 < hug> [system.io.directory]::enumeratefiles() does not, but then I have to iterate over.
01:55 < hug> JollyRgrs: Yeah, Powershell new-item works.
01:55 < JollyRgrs> or even use powershell and pop open
01:55 < JollyRgrs> yeah
01:55 < hug> (But trying to use GDI in powershell fails!)
01:55 < JollyRgrs> you can even make ti a GUI if you want it to ask for filename
01:55 < JollyRgrs> just only check if file exists... don't populate all of em
01:55 < hug> get-childitem also fails.
01:55 < hug> Well when I say "fails" I closed powershell once it hit 6GB of RAM used and no output. :)
01:56 < JollyRgrs> well duh
01:56 < JollyRgrs> don't gci it
01:56 < JollyRgrs> just new-item it
01:56 < hug> get-childitem -outbuffer 1000 works
01:56  * JollyRgrs doesn't even know what this whole conversation is about
01:56 < hug> tl:dr; C# app tries to create thumbnail in folder with 4mil+ thumbnails, fails.
01:56 < hug> If it's under 4mil items in folder, it works.
01:56 < JollyRgrs> lol
01:56 < JollyRgrs> REKT
01:57 < genr8_> i want to see you debug this live, on twitch
01:57  * NinjaStyle tunes in
01:57 < hug> At this point i'm just going to tell the company involved to hurry up and launch the replacement.
01:58 < genr8_> i want it to be a mess of undocumented registry tweaks and pinvoke native methods in the C# code
01:58 < hug> (Believe it or not this is not the dumbest problem I've had with this steaming pile of shit.)
01:58 < genr8_> and stepping through stack traces and memory dumps
01:58 < hug> Not paid enough for that.
01:59 <+NinjaStyle> how much would it take?
01:59 < genr8_> "just make the thumbnails"
01:59 < genr8_> but but..... you've got me coding in assembly....
01:59 < hug> That would be out of scope for our support agrement, so somewhere around $300/hr
02:00 < genr8_> the number 4,000,000 doesnt mean anything to me either
02:00 < genr8_> if it was 4.294 billion or 16.777 million maybe...
02:01 < hug> Nor to me.
02:01 < hug> (Which is why I was asking here.)
02:02 < genr8_> maybe 4 million is actually the 4 billion limit due to some 1024KB thing
02:03 < hug> I dunno. I've removed 480,000 items from the folder. They generate about 4k images a day. I'll just let them know they have 3 months to get their shit in order.
02:04 < genr8_> i would just refactor the C# program
02:04 < hug> If it were that simple...
02:04 < genr8_> the thread thats been running the GDI stuff may just need to be completely torn down and thrown away periodically
02:04 < hug> The C# app runs every 5 minutes.
02:04 < hug> Processes ~5 photos on average.
02:05 < hug> So it's not memory there.
02:05 < genr8_> http://codingsight.com/gdi-leak-handling/
02:05 < genr8_> idk
02:05 <+layer-eight> * genr8_ →  Handling a GDI Resource Leak
02:05 < hug> As I said, if I manually load the GDI assembly in powershell and try to dump a single file  using the .save method, it bombs out with the same generic error exception.
02:06 < hug> So long as C# is saving to that folder with GDI, it'll shit the bed.
02:06 < hug> I could *probably* save the file out to %temp% and then move it.
02:06 < hug> But ... eugh.
02:07 < Casteil> "Hey boss, just a heads up, we're going to be deploying the big one tonight"
02:08 < silentfury-s4pro> Hold on to your butts.
02:13 < misspwn> i'm holding my butt...now what? tryin to cook some dinner here
02:13 < hug> cook it with ur butt
02:13 < DoctorDick> I eat ass
02:13 < misspwn> o, sorry in advance for burning chicken thighs then
02:14 < MillerBOSS> >Do you want To STOP receiving these emails from us Just hit *reply and let us know..
02:15 < MillerBOSS> https://www.youtube.com/watch?v=07P538K83iU
02:15 <+layer-eight> * MillerBOSS →  YouTube → Eddie Murphy - Boogie In Your Butt → ⚘ 1,625,325 ↑ 8,666 ↓ 467 ✍ 1,410
02:16 < MillerBOSS> I'll take come chicken. Dark only please, misspwn, thanks.
02:21 <+NinjaStyle> DoctorDick: I can tell
02:21 < MillerBOSS> Out of hibernation?
02:22 < genr8_> remember when we needed BlackViper's list of Windows Services to figure out what they do ?
02:22 < MillerBOSS> Yup. Its still updated too isn't it?
02:22 < genr8_> recently anyway
02:23 < genr8_> at least M$ is the one documenting their own shit though
02:23 < MillerBOSS> http://www.blackviper.com/
02:23 <+layer-eight> * MillerBOSS →  Home | Black Viper | www.blackviper.com
02:23 < JollyRgrs> oh man
02:23 < JollyRgrs> i remember blackviper
02:23 < JollyRgrs> genr8_: i used that for my win2k machine
02:24 < genr8_> what other kind of cool underground resources are there like this
02:24 < genr8_> For services, permissions, ACLS, auditing
02:24 < genr8_> top secret stuff
02:28 < genr8_> say i just installed a new Windows Server box... any one know a guide or basic checklist of what would i do to secure it ?
02:29 < xamithan> Sure,  don't take it on the internet
02:29 < MillerBOSS> Updawg?
02:30 < genr8_> whats?
02:30 < MillerBOSS> Huh?
02:30 < MillerBOSS> https://security.utexas.edu/os-hardening-checklist/windows-r2
02:30 <+layer-eight> * MillerBOSS →  Windows Server 2012 R2 Hardening Checklist | UT Austin ISO
02:30 < MillerBOSS> https://security.utexas.edu/os-hardening-checklist/windows-2016
02:30 <+layer-eight> * MillerBOSS →  Windows Server 2016 Hardening Checklist | UT Austin ISO
02:31 < genr8_> oh see this is a good start
02:31 < MillerBOSS> https://utexas.app.box.com/v/CISBenchmarkWindowsServer2016
02:32 < genr8_> last link wont load
02:32 < genr8_> rather it loads but its blank
02:32 < m4221> Hello failures
02:32 < MillerBOSS> Its slow and its box.com
02:33 < MillerBOSS> Look at link named Windows Server 2016 Benchmark v1.0.0 genr8_
02:33 < MillerBOSS> On 2016 link above
02:33 < MillerBOSS> Its int he checklist
02:34 < genr8_> yea that did it
02:34 < genr8_> 816 pages holy fuckeee
02:34 < MillerBOSS> Yeah
02:34 < MillerBOSS> https://technet.microsoft.com/en-us/security/cc184923.aspx
02:34 <+layer-eight> * MillerBOSS →  Baseline Security Analyzer 2.2 - Download FAQ Resources | TechNet
02:34 < MillerBOSS> I am on the same goal as you here
02:35 < xe0n> genr8_: this stuff is more you do on a wider scale, not on a single server, i.e automate your builds so they're complient from the get go :)
02:35 < Hunterkll> i think my i9 isn't bunk now
02:35 < d> MillerBOSS,
02:35 < d> hi
02:35 < Hunterkll> or we had a power failure
02:35 < MillerBOSS> Sup d
02:36 < genr8_> luckily i already do a lot of these things
02:36 < genr8_> just not procedurized
02:36 < MillerBOSS> Yeah but its difficult to remember/know everything right?
02:36 < jay-ros> Howdy MillerBOSS
02:36 < genr8_> yep
02:36 < MillerBOSS> Hey jay-ros
02:37 < MillerBOSS> Hmm >62	FireAMP is the recommended AV solution.
02:38 < MillerBOSS> Oh shit, I forgot my login info. ;) http://wikis.utexas.edu/display/fireamp
02:38 <+layer-eight> * MillerBOSS →  ⚓  URL Redirected → UT EID Login
02:39 < MillerBOSS> Never heard of http://www.immunet.com/index
02:39 <+layer-eight> * MillerBOSS →  Immunet AntiVirus
02:39 < MillerBOSS> Owned by Cisco
02:40 < genr8_> so
02:41 < genr8_> is the common tactic to publish and share .admx group policy templates that auto-apply the bulk of these security best practices ?
02:42 < hug> I thought the ADMX files were generally template definitions, not template defaults.
02:42 < genr8_> idk.
02:42 < genr8_> i thought they had settings in them
02:42 < hug> IOW: It doesn't give you any "best pratice" defaults, it simply allows you to set those to best practice.
02:42 < hug> Nah. ADMX files all default to 'unset' on each policy setting, AFAIK.
02:42 < genr8_> oh.
02:43 < hug> Which is a pain in the dick, because a lot of templates use dumb double-negatives.
02:43 < hug> Like you might have a "disable the use of blah", which you have to set to enabled for the setting to be disabled.
02:43 < genr8_> those make my head hurt
02:44 < genr8_> Ensure "Prevent enabling lock screen camera' is set to "Enabled
02:44 < hug> :(
02:46 < genr8_> i wonder how long its gonna take me to go through all 816 pages of this document
02:47 < Hunterkll> any of you fucks wanna hang out in moscow?
02:47 < JollyRgrs> no
02:48 < Hunterkll> i got so drunk i apparently have plane tickets to moscow now
02:48 < Hunterkll> so
02:48 < Hunterkll> the day after defcon
02:48 < Hunterkll> :X
02:48 < Hunterkll> not shady at all...
02:50 < jay-ros> Hunterkll - You're fucking amazing
02:50 < jay-ros> Privet, motherfucker!
02:50 < hug> uh oh
02:50 < hug> I have a very fucky server.
02:50 < Hunterkll> jay-ros, "How drunk did you get last night?" "Bought plane tickets to moscow" "How the FUCK do you still have a liver?!?!"
02:50 < Hunterkll> I blame the movie
02:50 < jay-ros> Hunterkll - I'm super responsible, but the loudest idiot on earth when I drink
02:50 < Hunterkll> was watching red sparrow at a party
02:51 < hug> Explorer is fucked.
02:51 < hug> And I can't end explorer.
02:51 < hug> Aaaand now powershell is hanging.
02:51 < hug> oh no
02:51 < genr8_> yay windows
02:51 < nojeffrey> just bought a Xiaomi redmi note 5, for $230usd its amazing for the price, never buying samsung again
02:52 < Hunterkll> lol
02:52 < genr8_> dont crack the glass
02:52 < MillerBOSS> If anyone cares live feed https://www.youtube.com/watch?v=8Xd5m_p5HfY
02:52 <+layer-eight> * MillerBOSS →  YouTube → President Donald Trump and Kim Jong-un meeting in Singapore → ⚘ 1,179 ↑ 120 ↓ 11 ✍ 0
02:52 < hug> E:\Applications\Logs>taskkill /f /im powershell.exe
02:52 < hug> ERROR: The process "powershell.exe" with PID 140424 could not be terminated.
02:52 < hug> Reason: There is no running instance of the task.
02:52 < hug> pls no
02:52 < nojeffrey> genr8_ cost more to fix that the phone?
02:52 < Hunterkll> ya uh
02:52 < Hunterkll> hug, have you considered suicide?
02:53 < Hunterkll> it can help solve this problem.... for you
02:53 < hug> oh it just died.
02:53 < hug> yessss
02:53 < Hunterkll> lol
02:53 < Hunterkll> rekt
02:53 < genr8_> i mean the glass is inferior
02:53 < Hunterkll> #REKT
02:53 < Hunterkll> nojeffrey, honestly, my Galaxy S8+ is the best piece of hardware i've ever had for a long time
02:53 < genr8_> as long as you dont break it, its fine though right :)
02:53 < Hunterkll> though, it doesn't run samsung's image
02:53 < Hunterkll> so
02:53 < nojeffrey> ah, i'll get a decent case for it
02:53 < MillerBOSS> Shit bow https://www.youtube.com/watch?v=bUubgv3_ps0
02:53 <+layer-eight> * MillerBOSS →  YouTube → Curb Your Enthusiasm - A Bow Is A Bow → ⚘ 281,215 ↑ 1,068 ↓ 15 ✍ 183
02:54 < nojeffrey> Hunterkll I love a bargain though, you seem to spend like its christmas every month
02:55  * Hunterkll shifty eyes
02:55 < JollyRgrs> how many of you refuse linkedin connections from ppl who you don't think are good at their job?
02:55 < Hunterkll> can i just claim money laundering?
02:55 < genr8_> haha
02:55 < Hunterkll> JollyRgrs, all the time
02:55 < Hunterkll> fuck 'em
02:55 < JollyRgrs> lol
02:55 < JollyRgrs> ikr?
02:55 < genr8_> thats why theyre submitting random invitations most likely
02:55 < JollyRgrs> i don't want to be associated by them
02:55 < Hunterkll> i'm limiting myself to C-levels and such these days
02:55 < hug> https://h-u.gs/iYxoB
02:55 < hug> lol
02:55 <+layer-eight> * hug →  IMAGE/PNG Document, 4,354 bytes
02:55 < Hunterkll> for the most part
02:55 < Hunterkll> unless i personally know you
02:55 < JollyRgrs> genr8_: nah, b/c i was great at my last job (not like any diff now)... but i'd look good on his linked in
02:55 < MillerBOSS> How do you know if they are good or not, JollyRgrs ?
02:55 < Hunterkll> hug: wat
02:55 < JollyRgrs> MillerBOSS: i worked with them
02:55 < MillerBOSS> Oh
02:56 < Hunterkll> hug: I just got my film scanner. it's 10,000 DPI. my photos folder is going to be as large as xbox :(
02:56 < admiralspark> JollyRgrs: I don't. I just don't endorse people unless I believe they do know said skill
02:56 < JollyRgrs> and stupid "do you know?" on linked in now doesn't even show you the person's name... just the headshot of some girl and dismiss or yes, connect
02:56 < admiralspark> some people might be the gateway to a new job regardless of how bad they are at theirs
02:56 < JollyRgrs> like wtf?
02:56 < hug> Not worth.
02:56 < admiralspark> JollyRgrs: I think that's actually a dating app you're using
02:56 < Hunterkll> what's the premier photo intake software tehse days
02:57 < Hunterkll> still lightroom ?
02:57 < hug> Yes.
02:57 < JollyRgrs> admiralspark: i thought at that at first... but i'll take my chances
02:57 < hug> Nothing beats lightroom for cataloguing.
02:57 < Hunterkll> hug: let me guess, subscription only now
02:57 < JollyRgrs> that's why i'll add ppl i know (who are good ppl) that aren't in my field
02:57 < hug> Yes.
02:57 < Hunterkll> fucking hell
02:57 < Hunterkll> adobe can suck a dick
02:57 < Hunterkll> i'm torrenting that shit
02:58 < JollyRgrs> lol... like my cousin, who is a film maker type person... i have 2 connections... cousin and someone else, with a graphic and UX designer at unisys
02:58 < genr8_> i wonder how much money theyre making selling adobe essentials for $99 in the windows store and having that suck dick
02:59 < Hunterkll> NOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO
02:59 < JollyRgrs> ooh! a solarwinds consultant
02:59 < Hunterkll> WHAT THE FUCK
02:59 < Hunterkll> this software came on CD
02:59 < Hunterkll> i don't have a CD drive in my desktop
02:59 < Hunterkll> only LTO-5 and USB jacks
02:59 < Hunterkll> :/
02:59 < genr8_> rip optical
02:59 < Hunterkll> genr8_, but long live tape, right?
02:59 < genr8_> odd
02:59 < Hunterkll> :)
03:00 < Hunterkll> desktop case only has 1 5.25" bay
03:00 < Hunterkll> :(
03:01 < MillerBOSS> Man that limo is a tank.
03:02 <@cryptic1> back to work all of you
03:02 < MillerBOSS> OK thanks
03:02 < MillerBOSS> `bofh
03:02 <+layer-eight> BOFH Knot in cables caused data stream to become twisted and kinked
03:02 < genr8_> yea the doors and windows are like 6" thick
03:04 < rootsudo> MikeSpears funny, I skipped work today
03:04 < MikeSpears> lol
03:04 < rootsudo> It's sad man
03:04 < MillerBOSS> Wow there it is.
03:05 < rootsudo> Great job on paper, shitty day to day
03:05 < Hunterkll> rootsudo, so i got really drunk last night
03:05 < Hunterkll> :P
03:05 < rootsudo> Hunterkll did you fuck a tranny?
03:05 < MillerBOSS> Probably understands no English right?
03:05 < Hunterkll> rootsudo, no, but i now have confirmed round trip tickets to moscow for right after defcon
03:05 < genr8_> trumps chatting him up
03:05 < catbeard> https://www.youtube.com/watch?v=2HohE4Eovl4
03:05 < Hunterkll> I got "acquire plane tickets to moscow" drunk
03:05 <+layer-eight> * catbeard →  YouTube → Grades - Crocodile Tears (Linier Remix) → ⚘ 149,936 ↑ 1,147 ↓ 28 ✍ 44
03:05 < rootsudo> Hunterkll I really want to go to DefCon
03:05 < rootsudo> but
03:05 < rootsudo> man what's the point I need to whip up something to present
03:05 < MillerBOSS> Probably thinking boy I outta
03:05 < rootsudo> I guess I can talk about MSFT and vulnerabilities
03:06 < catbeard> rootsudo: don't take your insulin pump with ya if you carry
03:06 < catbeard> js
03:06 < rootsudo> that's pretty sad really catbeard
03:06 < rootsudo> I know why, I just think it's sad lol
03:06 < Hunterkll> rootsudo, because going to defcon isn't sketchy enough. I have to go Defcon -> Washington DC -> Moscow
03:06 < Hunterkll> so i can get on all the lists
03:07 < rootsudo> Hunterkll yeah you're going to be on them all
03:07 < rootsudo> Russian US spy Hunterkll
03:07 < catbeard> always wanted to do the unofficial shooting range thing
03:07 < catbeard> bbq
03:07 < rootsudo> I guess I should buy tickets for defcon
03:07 < rootsudo> Unless I can bullshit some shit and get it approved but maybe it's too late
03:07 < Hunterkll> catbeard, i hear the shoot is great but i'm going home on the 12th
03:07 < rootsudo> Cause DefCon and Burning man are right near each other
03:07 < Hunterkll> have a flight to moscow on the 13th to catch apparently
03:08 < Hunterkll> rootsudo, you buy tickets in person cash only at defcon
03:08 < Hunterkll> no personal details recorded, no pre-registration
03:10 < rhqq> hi Hunterkll
03:10 < Hunterkll> hi
03:10 < Hunterkll> rhqq
03:10 < Hunterkll> what can i sucker you for
03:10 < rhqq> nommuch really
03:11 < rootsudo> Hunterkll that's ride, I was thining of HOPE
03:11 < rhqq> heil to 5ghz wifi
03:11 < Hunterkll> lol
03:11 < Hunterkll> rootsudo, you can crash at my place if you go
03:11 < Hunterkll> i have a 1050sq ft suite
03:11 < Hunterkll> in caesars
03:11 < rootsudo> Nice, Hunterkll
03:11 < Hunterkll> $0 :P
03:12 < rhqq> im abusing 5ghz wifi frequency channels
03:12 < rootsudo> I added Defcon to my calandar ;)
03:12 <@cryptic1> ban Hunterkll
03:12 <@cryptic1> oops
03:12 <@cryptic1> forgot the /
03:12 < Hunterkll> lol
03:12 < rhqq> cryptic1: back to work
03:12 < Hunterkll> cryptic1, i redefined drunk level achivements now
03:12 < Hunterkll> :)
03:12 <@cryptic1> D:
03:12 <@cryptic1> Hunterkll, how?
03:12 < rhqq> Hunterkll: you at defcon?
03:12 < Hunterkll> cryptic1, Ever get soooo drunk you wake up and have plane tickets to moscow ?
03:12 < rootsudo> Hunterkll we can get free tickets if we make a party
03:13 <@cryptic1> Hunterkll, trump level drunk?
03:13 < rhqq> ban cryptic1 for politics
03:13 < Hunterkll> trump doesn't drink
03:13 < jay-ros> Doctor Dick, signing out
03:14 < rootsudo> Hunterkll I took a boring sysadmin job, I skipped 1.5 days of work already and I'm only 3 weeks in
03:14 < rootsudo> Hunterkll I'm a great employee aren't I
03:15 < MikeSpears> rootsudo: I quit spectrum
03:15 < Hunterkll> lol
03:15 < rootsudo> MikeSpears But what about your free internet
03:15 < MikeSpears> no fucks even given
03:15 < MillerBOSS> Slcakers
03:15 < MillerBOSS> And Slackers
03:15 < MikeSpears> got a new job that pays more
03:15 < rootsudo> MikeSpears want a $40/hr one
03:15 < rootsudo> just pretend you know a bit of sharepoint
03:16 < MikeSpears> hoping I hear something favorable about the job at VIPRE tommorow, otherwise I'll be doing a contract
03:16 < MikeSpears> rootsudo: details?
03:16 < rootsudo> Sad part is, I know about SP and custom workflows and shit but yet I rather do nothing
03:16 < rootsudo> MikeSpears lol it's the job I'm doing now
03:16 < MikeSpears> even tho vipre is pretty damn close to 40 an hr iirc
03:16 < Hunterkll> cryptic1, https://i.imgur.com/jCLSR4U.png & https://i.imgur.com/xNiYH3F.png
03:16 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 46,327 bytes
03:16 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 171,468 bytes
03:16 < Hunterkll> er
03:16 < rootsudo> I may move to Chicago but I don't want to be alone again :(
03:17 <@cryptic1> THESE BETTER NOT BE DICK PICS
03:17 < rootsudo> I'm with room mates here and it's nidce
03:17 <@cryptic1> I am going to be pissed
03:17 < MillerBOSS> Too late
03:17 < MikeSpears> rootsudo: stay in florida
03:17 <@cryptic1> got me way too many times with that
03:17 < MikeSpears> noob
03:17 < Hunterkll> cryptic1, what i've never sent you a dick pic
03:17 < rootsudo> MikeSpears I don't want to. I want to be in Japan. I've been applying and I got accepted to JApanese schools
03:17 <@cryptic1> Hunterkll, that you remember
03:17 < rootsudo> the problem now is the fucking hours
03:17 < Hunterkll> cryptic1, https://i.imgur.com/In5YphO.png & https://i.imgur.com/xNiYH3F.png
03:17 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 171,468 bytes
03:17 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 62,556 bytes
03:17 < Hunterkll> those are the right two
03:17 <@cryptic1> please rephrase
03:17 < Hunterkll> that's how drunk i got
03:17 < Hunterkll> :P
03:17 < rootsudo> Hunterkll https://www.defcon.org/html/defcon-26/dc-26-cfopp.html lets do it
03:17 <@cryptic1> "I don't remember sending you a dick pick"
03:17 < genr8_> is it easy to apply for jobs in other states ?
03:17 < MikeSpears> can confirm, not dick pics
03:18 <+layer-eight> * rootsudo →  DEF CON® 26 Hacking Conference - Call for Parties
03:18 < MikeSpears> genr8_: ya
03:18 < genr8_> and then get the job and move there?
03:18 < MikeSpears> I'd love to go back to boston
03:18 <@cryptic1> Hunterkll, what were you going to do in russia?
03:18 < MikeSpears> but COL is nuts
03:18 < Hunterkll> cryptic1, am going to do you mean
03:18 < Hunterkll> but yea
03:18 < Hunterkll> I got so wasted and we were watching red sparrow at the party
03:18 < Hunterkll> so ... yea
03:19 < MikeSpears> NoVA would be cool too
03:19 < Hunterkll> of course I WANT TO GO SEE RUSSIAN BALLET AND TAKE A KREMLIN SELFIE
03:19 < Hunterkll> means that I MUST IMMEDIATELY ACQUIRE PASSAGE TO RUSSIA RIGHT NOW
03:19 <@cryptic1> lol
03:19 < Hunterkll> so i did
03:19 < Hunterkll> rootsudo, i dont have that much energy
03:19 < Hunterkll> lol
03:19 < Hunterkll> too much effort
03:19 < rootsudo> Hunterkll I'm going to put you down as character reference then
03:19 < MillerBOSS> Pussy
03:20 < Hunterkll> i mean
03:20 < Hunterkll> we don't have the full enough venue
03:20 < Hunterkll> like
03:20 < MillerBOSS> Dooooo it
03:20 < Hunterkll> its only 1050sq ft
03:20 < Hunterkll> it has couches and a 6 person dining table
03:20 < Hunterkll> its not like it's a fuckin penthouse suite lol
03:20 < rootsudo> That's fine
03:20 < rootsudo> we make it a VIP party
03:20 < Hunterkll> lel
03:20 < Hunterkll> you land mcafee and i'll agree
03:20 < rootsudo> Hunterkll You agree now and I'll get Mcafee
03:21 < Hunterkll> i mean i'll already have the room so idk
03:21 < MikeSpears> rootsudo: since I have to pay for internet again, I'm getting business lol
03:21 < rootsudo> Hunterkll Don't be a pussy
03:21 < MikeSpears> because fuck it, it's not even that much more money for 300 + a static IP
03:22 < rootsudo> MikeSpears How fast does porn load for you
03:22 < MikeSpears> very fast
03:22 < rootsudo> Not even going to argue the porn part
03:22 < rootsudo> This is #sysadmin
03:22 < MikeSpears> I mean, I don't look at porn
03:22 < MillerBOSS> AHAHAHA
03:22 < MikeSpears> I get it in real life
03:23 < MikeSpears> get a girlfriend rootsudo
03:23 < MillerBOSS> People usually do both
03:23 < MikeSpears> lol
03:23 < jay-ros> I just tore the shit out of one of our software vendors... I hate being an asshole
03:23 < MikeSpears> jay-ros: being an asshole is fun
03:23 < MikeSpears> espically when its warranted
03:23 < jay-ros> 'I'm responsible for providing the infrastructure. I should not be needing to log in as a test user to have your system working"
03:24 < jay-ros> "I’m available today to assist in this current issue, as from a business perspective it is high-priority, however this level of access should have been identified from your side prior to becoming last-minute."
03:24 < jay-ros> cc everyone, business director, my CIO
03:24 < xe0n> cc the world jay-ros
03:24 < Church-> Heya folks
03:24 < MillerBOSS> emailme@millerboss.com
03:24 < jay-ros> He's lucky I didn't have his mother's email address, think of what she'd think of him
03:24 < rootsudo> MikeSpears jay-ros that's not what you do
03:25 < rootsudo> you black mail the vendor to get a payment to allow the purchase from your company usually resulting in 5-25K in your pocket
03:25 < MikeSpears> lol
03:25 < jay-ros> hahaha rootsudo - I like it
03:25 < genr8_> is having a static IP technically a vulnerability ?
03:25 < rootsudo> don't settle for candy they put in the hardware boxes
03:25 < Church-> No
03:25 < rootsudo> but, I wouldn't know about that
03:25 < Hunterkll> genr8_, no?! wtf
03:25 < genr8_> lol
03:25 < Church-> Sup' Hunterkll
03:25 < agent_white> Aha I see you have a static IP, time to hax u
03:25 < jay-ros> Sup Church_
03:25 < jay-ros> -
03:25 < Hunterkll> Church-, i redefined ultimate drunkness
03:25 < rootsudo> HUNTERKILL BOUGHT TICKETS TO MOSCOW
03:26 < Hunterkll> ^
03:26 < rootsudo> Hunterkll  IS A RUSSIAN SPY
03:26 < Hunterkll> Church-, https://i.imgur.com/xNiYH3F.png & https://i.imgur.com/In5YphO.png
03:26 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 171,468 bytes
03:26 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 62,556 bytes
03:26 < Hunterkll> i got waaaasted last night
03:26 < rootsudo> lol
03:26 < MillerBOSS> By yourself?
03:26 < Hunterkll> no
03:26 < Church-> Hunterkll: Heh, cramming on interview prep.
03:26 < Hunterkll> at a party
03:26 < rootsudo> you didn't block all the records Hunterkll
03:26 < Church-> Time to mainline a tech stack I'm only partially familliar with.
03:27 < Hunterkll> lol
03:27 < Hunterkll> rootsudo, flight numbres don't matter
03:27 < Hunterkll> lol
03:27 < Church-> Hunterkll: Tech interview is partially generalized, partially tech stack specific.
03:27 < Hunterkll> lol
03:29 < Church-> So time to cram, their tech guys think I'll do fine but I'm still nervous and I'd like this position. Decent benefits, good salary, work from home with some travel.
03:30 < MikeSpears> quick, someone call the police on hunterkll
03:30 < MikeSpears> tell them a russian spy is flying to russia
03:30 < MikeSpears> to bring back info to putin
03:30 < rootsudo> MikeSpears Wrong department
03:31 < rootsudo> It would be Department of Homeland Security / TSA
03:32 < Hunterkll> rootsudo, you mean CBP
03:32 < Hunterkll> TSA don't give a fuck
03:32 < Hunterkll> they aint the popo
03:32 < rootsudo> TSA is part of CBP
03:33 < Hunterkll> rootsudo, wrong
03:33 < Hunterkll> ICE is separate from TSA
03:33 < Hunterkll> both under DHS, but separate
03:33 < Hunterkll> CBP is separate too
03:33 < Hunterkll> so is coast guard etc
03:33 < Hunterkll> https://www.dhs.gov/sites/default/files/publications/18_0519_DHS_Organizational_Chart.pdf
03:33 <+layer-eight> * Hunterkll →  APPLICATION/PDF Document, 80,657 bytes
03:33 < Hunterkll> "Countering weapons of mass destruction office" O.o
03:34 < rootsudo> Says the SPY
03:36 < jay-ros> Hey, does anyone have cluster aware updating knowledge?
03:37 < jay-ros> I've got some random GUIDS being created from our cluster aware updating servers in DNS, and trying to work out if they're actually required
04:18 < benjgvps> Phew, had a close call with my FreeNAS box not booting off the USB drive. I took it out of the internal USB port and it boots again... I should probably setup the redundant USB drive like I should have over a year ago...
04:19 < nojeffrey> benjgvps pretty easy to backup the config too
04:19 < benjgvps> nojeffrey: I'm sometimes impressed by my laziness
04:20 < nojeffrey> heh
04:20 < MadCamel> yeah that's like $5 and 5 minutes.. c'mon get with it
04:21 < benjgvps> The funny thing is, when I setup my FreeNAS originally, I bought two identical USB drives
04:21 < benjgvps> I just never set the second one up
04:21 < MadCamel> you can just plug in the second drive and dd one to the other lol
04:25 < Church-> Heya MadCamel
04:25 < benjgvps> I assumed it would be annoying, but it's literally four buttons
04:26 < MadCamel> heya Chur
04:26 < MadCamel> ch
04:26 < Hunterkll> look
04:26 < Hunterkll> microsoft
04:26 < Hunterkll> i get it
04:27 < Hunterkll> you like compatibility
04:27 < Hunterkll> BUT DO YOU STILL NEED TO MAINTAIN FIXES FOR COMPUSERVE 2000 IN WINDOWS 10???? https://i.imgur.com/ubIwI8m.png
04:27 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 112,933 bytes
04:27 < Hunterkll> i like how literally the only thing that breaks that software is the OS version
04:27 < Hunterkll> so winodws claims it's win2k so it can run
04:28 < rhqq> well, it doesnt really hurt to keep that
04:28 < MadCamel> never know when I might want to use compuserve
04:29 < rhqq> yeah man, one day aliens come to the earth and make you run compuserve, but you'll have nothing else but win10 around
04:29 < rhqq> thats when you'll thank ms for that
04:33 < MadCamel> random old man story: Back in the day you could dial into telenet(an early packet-switched network), connect to compuserve and use this legacy interface tosign up with random credit card numbers(passed checksum). Could get free internet for about a month. Back when 'net access was normally metered hourly and 12yo's couldn't afford it..
04:35 < rhqq> well, i was using that HUP trick on analog lines
04:36 < rhqq> single impulse instead of 90s was 30minutes
04:36 < rhqq> minimizing monies spent on internetz
04:36 < MadCamel> neat
04:36 < MillerBOSS> When you have a notice of then the aliens approach please ping me rhqq kthx. :)
04:36 < rhqq> MillerBOSS: always
04:36 < rhqq> :D
04:36 < MillerBOSS> :D
04:37 < rhqq> you'll be first one i call
04:37 < MillerBOSS> How goes it over there
04:37 < MillerBOSS> Thats what I am talking about
04:37 < MillerBOSS> Before Mom even
04:37 < rhqq> yea
04:38 < MillerBOSS> So some ass clown filed like 11 DMCA take downs on my Youtube account and not its broke. :(
04:38 < MillerBOSS> And all made up names
04:39 < MillerBOSS> now*
04:39 < MadCamel> I have one word to say that'll strike fear into any old hacker's heart: WinModem.
04:41 < MillerBOSS> How about this guy https://news.artnet.com/app/news-upload/2015/03/Peter-Norton.jpg
04:41 <+layer-eight> * MillerBOSS →  IMAGE/JPEG Document, 140,317 bytes
04:43 < MadCamel> no way man norton utilities was boss
04:44 < MillerBOSS> Steve Gibson shared a story last week that Peter wanted to buy Spinrite from Steve and Steve said no way so they made Norton Disk Dr. Interesting story. I'll get the link.
04:46 < MillerBOSS> Starts here https://youtu.be/TjqZXhBMSe8?t=5440
04:46 <+layer-eight> * MillerBOSS →  ⚓  https://www.youtube.com/watch?v=TjqZXhBMSe8&feature=youtu.be&t=5440 → YouTube → Security Now 666: Certificate Transparency → ⚘ 2,324 ↑ 54 ↓ 0 ✍ 17
04:46 < Church-> Welp I have a better if still small understanding of AWS again. Time to push it forward and brush up on tools.
04:47 < MillerBOSS> Stop typing like me Church-
04:47 < Church-> ?
04:47 < Church-> Kayyyy.
04:47 < MillerBOSS> 	Welp I have a better if still small
04:47 < MillerBOSS> Only I can type that way
04:47 < Church-> Didn't realize you did.
04:47 < MillerBOSS> Oh man
04:47 < MillerBOSS> I type like shit
04:48 < MillerBOSS> So I will put myself out there. :)
04:48 < MillerBOSS> So what are you learning in AWS?
04:57 < Church-> MillerBOSS: Just AWS in general, rusty. Also learning packer and Terraform from hashicorp's tools. Got an tech interview Thurs.
04:57 < Church-> So brushing up on tool specifics.
04:57 < MillerBOSS> Ahh gotchya
04:58 < MillerBOSS> So you must enjoy working with AWS as a whole then eh?
05:02 < Church-> Eh, it's a tech stack.
05:19 < redhat> hi.
05:20 < misspwn> hi
05:21 < redhat> how's it going?
05:23 <+NinjaStyle> HI
05:23 < redhat> hey NinjaStyle
05:23 < jay-ros> hi
05:23 < xe0n> ih
05:23 < MillerBOSS> LOL so this asshole that claimed false DMCA takedowns is attempting to extort me for $100
05:23 <+NinjaStyle> HI redhat
05:24 < redhat> https://www.reddit.com/r/Ubiquiti/comments/8qd2dj/usg_pro_and_fios/
05:24 <+layer-eight> * redhat →  USG Pro and FiOS : Ubiquiti
05:24 < redhat> thinking about that
05:24 < redhat> considering i've used both Ubiquiti Unifi line and now the Edge line
05:24 < misspwn> MillerBOSS, tell that a-hole the check is in the mail
05:24 < MillerBOSS> lol
05:25 < redhat> unrelated
05:25 < MillerBOSS> Still waiting for a response yet
05:25 < redhat> does anyone think that the new reddit UI is like.. NEW vs OLD runescape?
05:25 < misspwn> want me to cyber him?
05:25 <+AnonymooseWork> asl
05:25 <+AnonymooseWork> :D
05:25 < redhat> like: THX FOR USING THE NEW RUNESCAPE (I MEAN REDDIT)
05:25 < MillerBOSS> I don't know if its a guy or girl
05:25 < misspwn> o we can ask
05:25 <+AnonymooseWork> MillerBOSS does it matter? lol
05:26 < MillerBOSS> Unless misspwn wants to cyber a girl I guess
05:26 < misspwn> redhat, i don't have the new reddit interface yet i don't think
05:26 <+NinjaStyle> who doesnt
05:26 <+AnonymooseWork> i don't either
05:26 <+AnonymooseWork> reddit gold users can opt in to the old interface
05:26 < redhat> it keeps appearing on me misspwn
05:26 < misspwn> hmmm
05:27 < misspwn> only thing i've had so far was that chat beta thing that just appeared one time
05:27 < misspwn> that was a while ago though
05:27 < redhat> https://snag.gy/g5ZX9B.jpg
05:27 <+layer-eight> * redhat →  ⚓  https://i.snag.gy/g5ZX9B.jpg → IMAGE/PNG Document, 788,887 bytes
05:27 < redhat> the sidebar wont go away either after i tell it to
05:27 < misspwn> oh Grossssssssssssss
05:27 < misspwn> i will quit reddit if it changes to that
05:27 < redhat> let's go back to Usenet?
05:27 < redhat> plz
05:27 < misspwn> that's fucking awful
05:28 < MadCamel> usenet'd be dandy
05:28 < redhat> girl, bai
05:28 < MadCamel> just use reddit via api and bypass their crapware-laden interfaces completely
05:28 < redhat> although.. i am posting this in an IRC channel soooo
05:28 < redhat> we may be biased
05:28 < redhat> lmao, i thought you said 'crapware-binladen' interface
05:28 <+NinjaStyle> yall nerds
05:28 < misspwn> MillerBOSS, so how close are we finding out if this blackmailer wears thongs or thongs in a good or bad way
05:29 < MadCamel> hey man #!/bin/laden is my favorite shebang. and IRC channel
05:29 < redhat> colusion with terrorism
05:29 < redhat> MadCamel: you are now being whois'd by /u/prism
05:32 < MillerBOSS> No clue misspwn They used generated named and the same email address for all. https://millerboss.com/x/note-wOEP2trQgA-Z.txt
05:32 <+layer-eight> * MillerBOSS →  TEXT/PLAIN; CHARSET=UTF-8 Document, 174 bytes
05:33 < misspwn> oh and it's a gmail address
05:33 < misspwn> because that's legit
05:33 < MillerBOSS> Exactly
05:34 < MillerBOSS> https://www.techdirt.com/articles/20171022/23545638457/using-youtube-takedowns-as-extortion.shtml
05:34 <+layer-eight> * MillerBOSS →  Using YouTube Takedowns As Extortion | Techdirt
05:34 < MillerBOSS> And https://millerboss.com/x/Screen-Shot-2018-06-11-22-34-36-r.png
05:34 <+layer-eight> * MillerBOSS →  IMAGE/PNG; CHARSET=UTF-8 Document, 32,306 bytes
05:36 < misspwn> i hope you are having fun with that person
05:36 < MillerBOSS> I am not sure how much I can have if they don't reply
05:37 < genr8_> i hate new UI's that do nothing but waste more space
05:37 < MillerBOSS> What they did is get my account 3 strikes and near killed and can not upload.
05:37 < misspwn> oh oh what the fuck
05:37 < genr8_> for what
05:37 < misspwn> i wasn't sure of the full scope
05:38 <+CheckYourSix> I've been looking at those USB-C docks that support 3x 4K displays. Can you still game using something like that? Or is it worthless for anything more than regular PC usage?
05:38 < MillerBOSS> A rando claiming ownership via DMCA
05:38 < MillerBOSS> But I have no recourse except to remove the videos or send them a message via youtube saying they made a mistake
05:38 < genr8_> its just a display output, one that will barely support the 3 4k displays in the first place
05:39 < MillerBOSS> But with 3 strikes in 90 days account is about to get killed.
05:39 < MillerBOSS> >We have received three notifications alleging copyright infringement in one of your postings. Consequently, your account is subject to termination. Your ability to post new videos has been suspended. Your access to your account will be completely disabled unless we receive from you a valid counter-notification disputing at least one of the claims by Jun 18, 2018.
05:39 < genr8_> sucky
05:39 < misspwn> oh so this is frm uploading a video to youtube?
05:39 < misspwn> i thought it was from some private tracker thing
05:40 < MillerBOSS> Yeah I upload shit but this person doing the take down is trolling and extorting as per email message to me as I emailed them directly.
05:40 < MillerBOSS> Nope
05:40 <+NinjaStyle> send them malware
05:40 <+NinjaStyle> say it's bitcoins
05:40 < misspwn> yeah just embedd something
05:41 < misspwn> spoof that shit like the shit that gets spoofed at work that people click on
05:41 <+NinjaStyle> theres actually a new technique that is like 100% works every time
05:41 < MillerBOSS> Well I did install https://www.streak.com/ for Gmail to track the email being opened and all and hope to use the info to give to youtube.
05:41 <+layer-eight> * MillerBOSS →  Streak - CRM for Gmail
05:41 < genr8_> its of questionable ground to hack back and this isnt even that, its just griefing
05:41 <+NinjaStyle> send them a canary token as well
05:41 <+NinjaStyle> just an image embed one
05:41 < MillerBOSS> Learn me :P
05:41 < MillerBOSS> I have no idea
05:41 < MillerBOSS> lol
05:42 <+NinjaStyle> https://canarytokens.org/generate
05:42 <+layer-eight> * NinjaStyle →  Canarytokens
05:42 < misspwn> NinjaStyle, i like you
05:42 < MillerBOSS> Interesting.
05:42 <+NinjaStyle> this will let you know when they open and give you some user agent and geo info
05:42 < MillerBOSS> Yeah that is what streak does too
05:43 <+NinjaStyle> which will help for the next step, the phishing payload
05:43 <+NinjaStyle> if win 10, there is a guaranteed win that got dropped today
05:44 < MillerBOSS> Well lets wait till they reply again because I hope they are hurting for "100 USD"
05:45 <+NinjaStyle> yeah the user agent and os version info would be tremendously helpful
05:47 < MillerBOSS> Looks like info is limited https://uploads-ssl.webflow.com/5b0590e4b6c6cf6111a057aa/5b059d35fc2b2fdb0a0324e2_3-TrackYourOutgoingEmail.png
05:47 <+layer-eight> * MillerBOSS →  IMAGE/PNG Document, 167,796 bytes
05:47 <+NinjaStyle> no user agent??
05:48 < MillerBOSS> Guess not with Streak.
05:48 <+NinjaStyle> do the image web embed one
05:48 <+NinjaStyle> canarytoken
05:49 < MillerBOSS> Alright
05:50 <+NinjaStyle> i cant remember if that pulls full user agent, 1 sec
05:52 <+NinjaStyle> http://canarytokens.com/traffic/feedback/1bms7e3tujpu91qqd2wvrmzlv/test.jpg
05:52 <+layer-eight> * NinjaStyle →  IMAGE/GIF Document, 43 bytes
05:52 <+NinjaStyle> just a test
05:54 <+NinjaStyle> MillerBOSS: yeah i got useragent even on an embed
05:54 <+NinjaStyle> so you just do a url token, and add an image extension
05:55 <+NinjaStyle> then you can embed in the email with html if you want
05:55 <+NinjaStyle> its just a 1x1 image
05:55 < MillerBOSS> OK cool.
05:55 <+NinjaStyle> the default will say submit.aspx or something
05:55 <+NinjaStyle> just make it image.jpd or something else
05:55 <+NinjaStyle> jpg*
05:57 < Casteil> aww
05:57 < Casteil> Bane is back
05:57 < Casteil> my sweet little adoptive murder kitty
05:57 < Pyrotechno> bane
05:57 < Pyrotechno> watch out batman
05:57 < Casteil> Critterbane
05:57 < Casteil> Slayer of chipmunks
05:57 < Pyrotechno> :o
05:58 < Casteil> (Bane for short)
05:58 < genr8_> cat pic ?
05:59 < Casteil> https://i.imgur.com/rO0CYqZ.jpg
05:59 <+layer-eight> * Casteil →  IMAGE/JPEG Document, 326,927 bytes
05:59 < Casteil> it's not my cat, it just hangs around because I pet it a lot
05:59 < Casteil> and it helps control my chipmunks.. https://i.imgur.com/5MlTFIC.png
05:59 <+layer-eight> * Casteil →  IMAGE/PNG Document, 311,594 bytes
06:00 < Pyrotechno> Cute
06:00 < genr8_> keep it
06:00 < Casteil> it has a collar
06:00 < Casteil> it belongs to someone
06:00 < genr8_> aw
06:01 < Casteil> was out petting her like 20 minutes ago and she's still just curled up on my porch probably scoping for critters to murder :)
06:04 < LemWork> ah dell diagnotics... how useless they are
06:05 < LemWork> system gets a clean bill of health from Diags... Memtest has 460 errors and counting.
06:06 < Casteil> heh
06:06 < Casteil> "Sorry we can't fix what's not broken"
06:06 < MillerBOSS> Thanks NinjaStyle Figured it out and sent it along.
06:08 <+NinjaStyle> hopefully it triggers
06:09 <+NinjaStyle> some scammers are careful
06:09 < MillerBOSS> Looking at the headers Gmail was used and not a client.
06:09 <+NinjaStyle> but the next step will heavily dependent on the pretext. i would definitely do with some kind of word doc
06:10 <+NinjaStyle> i'll just leave this here
06:10 <+NinjaStyle> https://posts.specterops.io/the-tale-of-settingcontent-ms-files-f1ea253e4d39
06:11 < Hunterkll> jesus christ
06:11 < Hunterkll> my film scans are over 300mb/image
06:11 < Hunterkll> i need to buy more drives
06:15 < genr8_> compress compress
06:21 < genr8_> that SettingContent.ms post was worth it
06:27 <+NinjaStyle> :)
06:27 <+NinjaStyle> all their content is high quality
06:27 <+NinjaStyle> i recommend you subscribe to the blog
06:28 <+NinjaStyle> genr8_: ^
06:30 < genr8_> you know i had noticed those settings .ms files and i was meaning to investigate how they insert into the settings control panel , apparently poorly
06:34 < Hunterkll> NinjaStyle, so, wanna go meet up in moscow and be a russian spai with me?
06:34 <+NinjaStyle> Lol
06:35 < Hunterkll> i'm going for a week
06:35 < Hunterkll> lol
06:35 <+NinjaStyle> Why?
06:35 < Hunterkll> because i drunkenly acquired plane tickets
06:35 <+NinjaStyle> Lol
06:35 < Hunterkll> FORTUNATELY drunk me managed to bang it right for the monday after defcon
06:35 < Hunterkll> so
06:35 < Hunterkll> defcon -> DC -> Moscow
06:35 < Hunterkll> not shady at all
06:36 <+NinjaStyle> That's super shady
06:36 < genr8_> doesnt sound good
06:36 < MillerBOSS> Says Hunterkll
06:48 < genr8_> whats after bit torrent
06:54 < MillerBOSS> http://dinosaurpictures.org/ancient-earth#220
06:54 <+layer-eight> * MillerBOSS →  Ancient Earth globe
07:13 < jay-ros> well, it looks like I've learned more about web certificates today than I wanted to
07:14 < nohusuro> jay-ros: such as?
07:15 < jay-ros> nohusuro - strippin the password off a pfx, adding the correct comodo crt, testing certificate before creating pem file, and uploading to the load balancer to speed up request processes
07:15 < jay-ros> i.e. a lot of googling, faffing about with openssl, and copy-paste testing
07:15 < nohusuro> why would you strip the password off your pfx?
07:16 < agent_white> That reminds me, I need to get a personal wiki (or blog) up and running and actually stick to it... too many times I've dove into some niche project only to forget quite a bit of it  a few months later.
07:16 < jay-ros> because you need to upload the pfx key into a text file renamed .pem to upload into the exchange load balancer
07:16 < jay-ros> ...it's how they manage it. I'm sure you should be uploading a password-created version, but... it's how they do it
07:16 <+NinjaStyle> New last of us trailer omg
07:17 <+NinjaStyle> Ermergerd
07:17 <+NinjaStyle> Am excited
07:17 < agent_white> Ooo link?
07:17 < nohusuro> jay-ros: does comodo only provide the password in pfx format?
07:17 <+NinjaStyle> The Last of Us Part II – E3 2018 Gameplay Reveal Trailer | PS4 (https://youtu.be/btmN-bWwv0A)
07:17 <+layer-eight> * NinjaStyle →  ⚓  https://www.youtube.com/watch?v=btmN-bWwv0A&feature=youtu.be → YouTube → The Last of Us Part II – E3 2018 Gameplay Reveal Trailer | PS4 → ⚘ 495,122 ↑ 89,392 ↓ 5,304 ✍ 20,339
07:18 < nohusuro> generally you can use openssl to convert to pem without stripping the password from your pfx
07:18 < jay-ros> nohusuro, nope, that's the comodo license implemented into the exchange server
07:18 < nohusuro> you kinda want to keep the password on your private key material
07:19 < nohusuro> I'm assuming your exchange load balancer is a linux machine, otherwise you wouldn't be using pem
07:19 < jay-ros> yeah, it is
07:19 < jay-ros> hpaproxy with a wrapper, it seems
07:20 < jay-ros> haproxy*
07:20 < nohusuro> is this exchange 2016?
07:20 < jay-ros> 2013 on prem
07:21 < nohusuro> so you have multiple on-prem exchange servers?
07:21 < nohusuro> I'm trying to picture why you need a load balancer
07:21 < jay-ros> yeah, I've got a pair of redundant load balancers running four cas servers
07:21 < jay-ros> connected to four mbx servers hosting four mailbox databases
07:22 < jay-ros> two by two, except for the load balancers which are two on one side... I'm trying to work out how to create a failover on different subnets to create site failover/priority
07:26 < xe0n> a good old dagggg
07:26 < xe0n> sup jay-ros
07:26 < jay-ros> dagggg-tastic! howdy xe0n!
07:26 < jay-ros> xe0n - I'm looking at some serious green ticks next to whiteboard tasks in front of me right now... It's been a good week and a bit :)
07:27 < xe0n> rockin
07:27 < xe0n> i just sent out the schedule for the sc agent rollout, 10 weeks
07:27 < jay-ros> sc agent?
07:27 < xe0n> screen connect
07:28 < jay-ros> ah right on!
07:28 < jay-ros> connectwise assistance
07:28 < jay-ros> I've rolled out anydesk
07:29 < xe0n> yeah, anything is better than vnc and teamviewer
07:29 < xe0n> so ripping those right out
07:29 < hug> I don't mind teamviewer.
07:29 < hug> Except $$$$$$
07:29 < xe0n> anddddd ms have answered my question why we couldn't assign service numbers.... telstra have got the exclusive on e5 and wants any number, regardless if you use them as a reseller to purchase through them
07:30 < xe0n> ms just gave us a block of numbers, and now we can't assign them out
07:30 < xe0n> lol
07:31 < MillerBOSS> NinjaStyle 👉 Didn't work. Google image proxy picked it up
07:31 <+NinjaStyle> Those fuckers
07:31 < xe0n> hug: teamviewer enterprise is just rubbish, the way you need to assign machiens to groups is blah
07:31 < jay-ros> xe0n - that's a logistical nightmare
07:31 < MillerBOSS> >i want 100 usd
07:31 < xe0n> jay-ros: it is...
07:31 < hug> xe0n: It depends on how well you manage it from the get go.
07:32 <+NinjaStyle> You could always do it via external link, if you can think of how to make not suspicious
07:32 < MillerBOSS> >Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via ggpht.com GoogleImageProxy)
07:32 <+NinjaStyle> Or u can just send a payload
07:32 < xe0n> hug: i ended up writing a PS script to do the 3 or so steps it wants you to do
07:32 < MillerBOSS> Well I got em on Google Hangouts
07:32 < xe0n> it works, but just rubbish...
07:32 < hug> Que?
07:33 < jay-ros> ouch, they're throwing extra costs for calls to mobiles?
07:33 <+NinjaStyle> Honestly MillerBOSS I would go lazy and generate some macro in veil and give it a shot
07:33 < jay-ros> 18 per month ex GST
07:33 < MillerBOSS> What a dick >Please send me money in advance
07:33 <+NinjaStyle> Or just do that specterops thing and hope they're on windows 10
07:33 < MillerBOSS> I have no idea about that stuff.
07:34 < MillerBOSS> Doing anything to him won't get my account fixed. I am just trying to show him in the act to show YouTube
07:34 <+NinjaStyle> I would ransomware him but to each his own
07:34 < jay-ros> xe0n - I feel a skype for business on-prem configuration happening in my office shortly
07:35 < hug> s4b onprem
07:35 < hug> lol
07:35 < hug> Dear god why
07:35 < MillerBOSS> Sure but that is foreign to me.
07:35 < hug> jay-ros: in fact why do you run all of these things in house.
07:35 < jay-ros> hug - because financial and strict manager :P
07:35 < jay-ros> hug - and I don't push and pull because I get to set it all up myself
07:36 < hug> The latter is an okay reason, the former isn't.
07:36 < jay-ros> I was just discussing the pricing with him
07:37 <+NinjaStyle> You could do it real easy with a vps or Kali ami
07:37 < MillerBOSS> https://millerboss.com/x/Screen-Shot-2018-06-12-00-37-38-L.png
07:37 <+layer-eight> * MillerBOSS →  IMAGE/PNG; CHARSET=UTF-8 Document, 41,197 bytes
07:37 < jay-ros> Millerboss - yes.
07:38 < MillerBOSS> Yes
07:38 < MillerBOSS> I need
07:38 <+NinjaStyle> Yes
07:40 < jay-ros> MillerBOSS, i need.
07:41 < MillerBOSS> Yes
07:41 < jay-ros> I was listening to a canadian podcast, and he was saying they have autodialler chinese guys at the moment
07:41 < jay-ros> ...the same ones that've been passing through Australia
07:42 < MillerBOSS> This dick cheese https://millerboss.com/x/Screen-Shot-2018-06-12-00-42-02-q.png
07:42 <+layer-eight> * MillerBOSS →  IMAGE/PNG; CHARSET=UTF-8 Document, 46,547 bytes
07:43 <+NinjaStyle> Now that you have the evidence, finish him!
07:44 < MillerBOSS> How? I don't know the shit you do
07:45 <+NinjaStyle> You've used metasploit right?
07:45 < MillerBOSS> Nah
07:45 <+NinjaStyle> O
07:46 < MillerBOSS> I mean I poked around but nothing more.
07:47 <+NinjaStyle> You basically generate an obfuscated reverse TCP payload with veil, put it in a word macro, start your metasploit listener, then SE them into opening the doc and running the macro
07:47 <+NinjaStyle> Then hope their AV is bad
07:48 <+NinjaStyle> But recently windows defender is pretty good
07:48 <+NinjaStyle> So if win 10 that other method is $
07:50 < MillerBOSS> Do you have $ 100 Skrill?
07:50 < MillerBOSS> Yeah I don''t have time for all of that ya know?
07:50 <+NinjaStyle> I mean it's fast if you know it, but I get it
07:51 < MillerBOSS> Right
07:52 < MillerBOSS> Now he wants to chat. Where are you from
07:52 < MillerBOSS> ffs
07:52 < MillerBOSS> I'm Vietnam
07:52 < MillerBOSS> Figures
07:52 < vader-> sup
07:53 <+NinjaStyle> Dealing with Vietnamese scammers
07:54 < MillerBOSS> And then send to vnstreetracingtv@gmail.com. Then I will retract your copyright complaint.
07:54 <+NinjaStyle> I wonder if that is his YouTube login
07:55 < MillerBOSS> Main address now is thuthuy12993@gmail.com
07:55 < MillerBOSS> Vns is for skrill
07:55 <+NinjaStyle> I'm super tempted to just email him and see what happens
07:55 < MillerBOSS> I figured you would have by now
07:56 < MillerBOSS> Because he asked for my channel as he can't keep track
07:56 < MillerBOSS> So pretend your channel was taken down from him
07:57 < vader-> taxes are such horse shit man... :-/
07:57 < Hunterkll> <nohusuro> so you have multiple on-prem exchange servers?
07:57 < Hunterkll> <nohusuro> I'm trying to picture why you need a load balancer
07:57 < MillerBOSS> Paypal address is vnstreetracingtv@gmail.com as well.
07:57 <+NinjaStyle> vader-: they're a necessary evil
07:57 < MillerBOSS> Now to youtube I guess
07:58 < Hunterkll> ^^^^ BECAUSE YOU SHOULDN'T RUN EXCHANGE WITH LESS THAN 4 SERVERS, 3 OF WHICH ARE ACTIVE DAG COPIES AND ALL OF THEM PROVIDING OWA/MAPI/ETC
08:03 < MillerBOSS> Dumb ass clicked the link NinjaStyle Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36
08:03 <+NinjaStyle> win 10
08:03 < MillerBOSS> 171.254.215.80
08:04 < MillerBOSS> I pasted it and said this is my channel
08:06 < MillerBOSS> I just know you can send $ 100 to paypal for me?
08:06 < MillerBOSS> Your channel will become good after sending money :)
08:06 < MillerBOSS> Probably some 17 year old making bank
08:09 <+NinjaStyle> fuck it im gonna just email him a reverse shell payload and say it is for generating hit bitcoin public key
08:09 < MillerBOSS> Do it
08:09 < agent_white> 'Paying the $100 for my friend' ;)
08:10 < vader-> did I miss something?
08:11 < MillerBOSS> I am definatly not paying this guy but now I have no idea that will take me seriously at youtube
08:12 < MillerBOSS> Yeah some Vietnamese is attempting to extort $100 from me to undo DMCA claims on my my youtube account.
08:12 < MillerBOSS> As I upload shit and make cash otherwise I would care as much
08:12 < MillerBOSS> wouldn't*
08:14 < jay-ros> vader-
08:14 < jay-ros> I need
08:15 < jay-ros> yes.
08:15 < MillerBOSS> Yes.
08:15 < vader-> hehe
08:16 < jay-ros> hahah Hunterkll - I just read your comment
08:16 < MillerBOSS> >I feel tired with you. After depositing $ 100 into my paypal paypal, your channel will have a good copyright status. I will not explain anything. Goodbye.
08:17 < jay-ros> MillerBOSS: "You're not worth my time. CLEARLY you don't appreciate good SEO and web optomisation. Goodbye friend.
08:17 < MillerBOSS> lol
08:17 < MillerBOSS> But this shows how fucked up YouTube's system is.
08:18 < jay-ros> MillerBOSS: "Also, i've recently changed my terms of service. Please be thankful to read them here....<website>"
08:18 < MillerBOSS> Anyone can file a claim and have zero proof
08:18 < MillerBOSS> Ha ha yup
08:18 < jay-ros> Has anyone played with a galaxy s9 yet?
08:18 <+NinjaStyle> metasploit always takes forever to install
08:19 < jay-ros> I need to swap my old s7 out for a new mobile, and I think I'm getting a freebie from work
08:21 < MillerBOSS> I feel tired with you as well
08:21 < MillerBOSS> You will not get $100.
08:21 < MillerBOSS> Not with your attitude.
08:21 < MillerBOSS> I just want to get money.
08:21 < MillerBOSS> I just want to get money.
08:22 < MillerBOSS> And I'm holding onto your allegedly copyrighted videos.
08:22 < MillerBOSS> I hope you get some where with that install
08:28 <+NinjaStyle> MillerBOSS: i was lazy but we will see
08:28 <+NinjaStyle> i just sent
08:29 <+NinjaStyle> MillerBOSS: is he still talking to you?
08:29 < MillerBOSS> Yeah its all good. Yeah
08:30 <+NinjaStyle> nothing still, wonder if it was delivered
08:32 <+NinjaStyle> im not feeling good about it, would have expected the shell by now
08:32 < MillerBOSS> Yeah he is random. Doesn't keep a steady flow of convocation
08:33 <+NinjaStyle> plus i have no idea if these payloads still work after the new defender updates
08:38 <+NinjaStyle> boo
08:39 <+NinjaStyle> well i know it was delivered to Gmail
08:39 < MillerBOSS> Me Well the way I see it is YouTube is facilitating in extortion.
08:39 < MillerBOSS> YouTube
08:39 < MillerBOSS> 1:36 AM
08:39 < MillerBOSS> I'm sorry if you feel that way.
08:41 < agent_white> Easier to file DMCA than access a two-factor account without a phone.
08:41 <+NinjaStyle> too bad the asshole didnt run my thing
08:42 <+NinjaStyle> i mean it was a super suspicious pretext to be fair
08:43 < MillerBOSS> I will not contact you again until you agree to transfer $ 100 into my paypal wallet :) Bey
08:43 <+NinjaStyle> tell him to check his email!
08:43 <+NinjaStyle> lol
08:43 < MillerBOSS> I just did.
08:43 < MillerBOSS> :)
08:44 < MillerBOSS> >Check your email!
08:44 < agent_white> NinjaStyle: Found my first Linux Jr. Sysadmin posting for a gig around here :) Double bonus since it's a telecom company. Fingers crossed.
08:44 <+NinjaStyle> nice, well good luck
08:44 < agent_white> Actually has realistic requirements too, which is a first.
08:44 < MillerBOSS> Do you have a link I can send him in Hangouts?
08:44 < agent_white> And thank ya. Hopefully I might at least get a foot in the door.
08:45 < MillerBOSS> And have like youtube channel etc in the url?
08:45 <+NinjaStyle> he replied
08:45 < togen> telecom companies are usually good starting point. Easy way to network with other people
08:45 < MillerBOSS> >Haha. I'm not as stupid as you are.
08:45 <+NinjaStyle> "I'm not as stupid as you think"
08:45 < MillerBOSS> >I will not accept Bitcoin.
08:45 <+NinjaStyle> wat
08:45 < agent_white> togen: Yeah, I have a background in telecom as a NOC so it would be a familiar environment.
08:46 <+NinjaStyle> MillerBOSS: this fuck face
08:46 < MillerBOSS> Yup
08:46 < agent_white> What's the avg turnaround time for Youtube to reverse a DMCA claim?
08:47 < xe0n> 88mph
08:47 < agent_white> False, 60 speed.
08:47 < vader-> Any of you know of a place hiring for an entry/jr level position?
08:47 < MillerBOSS> HA HA he screenshot the email to me
08:48 < MillerBOSS> >Tom
08:48 <+NinjaStyle> lol
08:49 < MillerBOSS> What an idiot.
08:49 < MillerBOSS> >That's how the virus spread. I only accept paypal or skrill
08:50 < xe0n> send him skrillex.mp3
08:50 < xe0n> lol
08:50 < MillerBOSS> Yeah!
08:50 <+NinjaStyle> oh weird i got the payload to be downloaded
08:50 <+NinjaStyle> but i don tthink he ran the whole command
08:51 <+NinjaStyle> MillerBOSS: have you clicked it too?
08:51 < MillerBOSS> >I do not get bitcoin because the government does not allow it. I only got paypal or skrill. Thank you
08:51 < MillerBOSS> Me, no
08:51 < MillerBOSS> Are you nuts?
08:51 <+NinjaStyle> weird, i had 2 ip addresses hit it
08:51 < ned0> i clicked the canary up above NinjaStyle
08:51 <+NinjaStyle> no it was different
08:51 < ned0> fucking quick scrolling
08:51 <+NinjaStyle> this was for the dumb scammer
08:52 < ned0> this is going to be worse than the time you knocked the SSD caddy out of my laptop
08:52 < ned0> with your mind
08:52 < xe0n> dunn dunn dunnn
08:53 <+NinjaStyle> lol
08:54 <+NinjaStyle> MillerBOSS: gdi
08:54 <+NinjaStyle> i think this is burned
08:54 < MillerBOSS> Meaning no go?
08:54 < MillerBOSS> Just go ahead and lift the strikes and you will not be hacked any more.
08:54 < MillerBOSS> IP Adress 171.254.215.80
08:54 < MillerBOSS> Windows 10
08:54 < MillerBOSS> Chrome 67
08:54 <+NinjaStyle> i think he knows its bad
08:55 < MillerBOSS> That'll scare em right, right?
08:55 < MillerBOSS> This is just a virtual machine. I can turn it off now. Hahahaha
08:55 <+NinjaStyle> lol idk, lets give him like 5 mins
08:55 <+NinjaStyle> i said i can send USD through my exchange
08:55 <+NinjaStyle> if he just runs the address generator
08:55 < MillerBOSS> He thinks you are me
08:55 <+NinjaStyle> aw
08:56 <+NinjaStyle> did the canary token say he was on tor MillerBOSS ?
08:58 < xe0n> you guys must not be very busy, ay?
08:58 < xe0n> lol
08:58 < MillerBOSS> It ahttps://millerboss.com/x/Screen-Shot-2018-06-12-01-57-50-2.png
08:58 < MillerBOSS> Shit https://millerboss.com/x/Screen-Shot-2018-06-12-01-57-50-2.png
08:58 <+layer-eight> * MillerBOSS →  IMAGE/PNG; CHARSET=UTF-8 Document, 36,845 bytes
08:58 < MillerBOSS> Me, I want me shit untucked.
08:58 < MillerBOSS> And unfucked
08:59 <+NinjaStyle> could send a macro and say its a paypal reciept
09:00 < xe0n> lol
09:00 < MillerBOSS> Well get creative. I know you are bored.
09:00 <+NinjaStyle> i should go bed
09:00 <+NinjaStyle> but i am annoyed by this guy
09:00 < MillerBOSS> Join the club on both things you said
09:01 < MillerBOSS> Uh oh. Getting cocky. >If you do not send $ 100 but also show your stupid, I will block all your messages, emails. Thank you. Last message.
09:07 < jay-ros> NinjaStyle, I need.
09:07 <+NinjaStyle> dowut
09:07 < jay-ros> yes.
09:07 <+NinjaStyle> yes
09:07 < jay-ros> :)
09:07 < jay-ros> $100
09:08 < jay-ros> MillerBOSS, are you seeing how deep this rabbit hole goes?
09:08 < MillerBOSS> Its interesting how his English got better. Maybe did take my suggestion of Google Translate.
09:08 <+NinjaStyle> i think its not just him running this operation
09:08 < jay-ros> "Boss, boss!!! I think I've got one!"
09:08 < jay-ros> "Ok, step aside, let me show you how a real scam artist does it, Pong"
09:08 <+NinjaStyle> MillerBOSS: i saw 2 IPs that were different from the one you had
09:08 < MillerBOSS> No idea. Trying YouTube from another angle.
09:09 < MillerBOSS> Your guess is as good as mine.
09:13 < MillerBOSS> Also when you go to https://support.google.com/youtube/answer/2807684?hl=en and click the blue box you send a counter notice which includes your (me) reason why and the form asks for legal name, address, number etc. Good thing I didn't put real info. This is a easy way to get money and some PII on people they way they are doing this. Huge hole if you ask me.
09:13 <+layer-eight> * MillerBOSS →  Counter Notification Basics - YouTube Help
09:18 < donut_> Hm, any good docs on how telegram works and how to possibly evict it?
09:19 < donut_> got reports that they might be frontin through my service
09:19 < MillerBOSS> In other news Dennis Rodman was crying eh?
09:19 < jay-ros> MillerBOSS: I'm guessing bath salts...
09:20 < MillerBOSS> How do you mean evict donut_ ?
09:20 < jay-ros> evict donut sounds like a consequence of a bad diet
09:20 < jay-ros> telegram is a messaging service - can you block it on the firewall?
09:20 < donut_> not entirely sure how domain fronting works, but just got note from russia that telegram traffic has been monitored from our web ips
09:21 < donut_> which are not in aws
09:21 < donut_> if you haven't heard telegram was the reason why russia blocked all of aws
09:21 < jay-ros> listen to Pharell Williams whilst using telegram?
09:22 < jay-ros> "I know that I'm carrying on, never mind if I'm showing off I was just frontin')
09:22 < MillerBOSS> Are you really going to listen to "Russia"?
09:22 < donut_> of course
09:22 < donut_> if you had customers there you would too
09:22 < donut_> or no customers for you until next year
09:23 < MillerBOSS> Wow
09:23 < donut_> when they report that telegram traffic has been found it means no more traffic for you, at all.
09:24 < donut_> jury rigged the systems now, but damn i need to find some docs on how telegram operates and how to filter it
09:24 < MillerBOSS> Are you an ISP?
09:24 < donut_> personally i have nothing against telegram but hot damn, didn't expect to find it in my domain
09:24 < donut_> nah, a smallish global web service
09:25 < donut_> we sell gadgets
09:25 < MillerBOSS> Similar https://signal.org/blog/looking-back-on-the-front/
09:25 <+layer-eight> * MillerBOSS →  Invalid HTML document
09:25 < MillerBOSS> Thats why its "bad" to go with Russia
09:25 < MillerBOSS> In my opinion.
09:25 < MillerBOSS> :)
09:26 < donut_> not my call, as usual. Technical fixes to political problems are a nightmare
09:26 < MillerBOSS> Yeah I hear ya
09:26 < donut_> but i guess it's even worse the other way around.
09:27 < donut_> political fixes to technical problems are horror
09:27 < donut_> at least on state level diplomacy
09:31 < MillerBOSS> Good luck there eh
09:31 < rhqq> whats all the fuss bout the russia here
09:31 < rhqq> ?
09:32 < rhqq> tldr ?
09:32 <+ihre> they're coming to homosexualize your kids
09:32 < MillerBOSS> Scroll up a rad
09:32 < MillerBOSS> tad*
09:32 < rhqq> ugh
09:32 < donut_> nah, trying to find something to help me identify possible telegram traffic
09:32 < donut_> messing up our small web service to russian customers
09:32 < MillerBOSS> So does that mean Telegram the app is using your services?
09:33 < donut_> possibly, and i have no idea how it works in that regard
09:33 < MillerBOSS> Wouldn't they have to be a customer?
09:33 < donut_> but they have been in the news that they are capable of impersonating different web services
09:34 < donut_> routing traffic somehow, forged headers? errors? i dunno
09:34 < MillerBOSS> https://core.telegram.org/mtproto/description
09:36 < donut_> yeah that's the transmission protocol, but not how it's transmitted through nation state level firewalls
09:36 < Atro> ez just block 443
09:36 < donut_> heh yeah
09:37 < Atro> some firewalls can detect Telegram traffic
09:37 < Atro> like Palo alto
09:37 < MillerBOSS> I got that from https://stackoverflow.com/questions/46298204/how-detect-telegram-protocol-from-its-tcp-headers
09:37 <+layer-eight> * MillerBOSS →  HOW Detect Telegram Protocol from it's TCP headers? - Stack Overflow
09:37 < MillerBOSS> https://security.stackexchange.com/questions/111961/filtering-telegram-traffic
09:37 <+layer-eight> * MillerBOSS →  encryption - Filtering Telegram Traffic - Information Security Stack Exchange
09:38 < Atro> why would you wanna block telegram/signal anyway
09:38 < Atro> is your GDPR triggerin?
09:39 < donut_> nah, i have nothing against telegram
09:39 < donut_> it's just that we get no russian customers if we leak such traffic
09:39 < Atro> "leak"?
09:39 < donut_> doesn't matter to US companies that much, but for europeans it does
09:40 < donut_> Atro: how else would i explain unexpected telegram traffic from my ip addresses?
09:40 < MillerBOSS> Users? VPN, TOR?
09:41 < MillerBOSS> If you are a small hosting company
09:42 < donut_> nah, this is just a web front for a hi-tech gadget company
09:42 < catbeard> Disallow ssh tunneling and block all but essential egress ports except pinholes
09:42 < Atro> okay, so ?
09:42 < MillerBOSS> Do you mean you are just hoping a website? donut_
09:43 < donut_> i have no idea if i actually leak telegram, but don't know enough to say it's not possible.
09:43 < MillerBOSS> Hosting*
09:44 < donut_> it's a service for the gadgets as well, but yes.
09:45 < donut_> oh and not some 'internet of things' monster
09:46 < rhqq> um
09:46 < rhqq> i did read something above
09:47 < rhqq> and it still makes no sense
09:47 < MillerBOSS> Yeah same here
09:47 < donut_> mm yeah
09:47 < vader-> so did the guy take the bate Miller?>
09:47 < vader-> bait
09:47 < MillerBOSS> Nah
09:47 < vader-> :-/
09:47 < vader-> so did youtube suspend your whole channel?
09:47 < rhqq> whats the point of fighting telegram in the first place>
09:48 < MillerBOSS> It will be in 7 days but I will not let up on them about it vader-. I claim YouTube is facilitating in extortion.
09:48 < donut_> dont have a choice if i want to keep russians buying our stuff
09:48 < donut_> oh well, i'll have to add some sniffers and try to find anything weird while recycling ips
09:48 < rhqq> donut_: thats idiotic in its idea and still doesnt explain the reason
09:48 < rhqq> whats the point
09:49 < rhqq> and whats wrong with russians?
09:49 < donut_> they block everything related to telegram and i got a notice that my ips leak telegram traffic
09:49 < donut_> and those ips are just simple web fronts
09:49 < rhqq> are you located in russia?
09:50 < donut_> which serve static images to another front which has no problems
09:50 < donut_> no
09:50 < rhqq> then russian jurisdiction is not affecting your business
09:50 < rhqq> E O T
09:50 < donut_> ...
09:50 < donut_> they block all traffic to our service, thus no russian customers
09:50 < donut_> which is the problem
09:50 < rhqq> they wont
09:50 < donut_> they did already
09:50 < donut_> nullrouted my ips, tested it myself
09:51 < rhqq> #neutralityoftheinternet
09:51 < rhqq> xD
09:51 < rhqq> so basically your subnets are filtered out on bgp or what
09:51 < rhqq> in russia
09:51 < Atro> lel
09:52 < donut_> each isp does it their own way but the result is the same. This is handled by Roskomnadzor, their communications authority
09:52 < rhqq> they are known to be.... stubborn
09:52 < donut_> i dont even care about the russia situation at this point so much, but the telegram part is.. baffling
09:53 < donut_> how the fuck
09:53 < rhqq> what are you selling to russians
09:54  * rhqq tests the russian accent..
09:54 < rhqq> Mikhail, tell me the truth
09:54 < MillerBOSS> lol
09:55 < donut_> heh
09:56 < rhqq> anyways, good luck, they're stubborn af, and now you wont really have peace with them for a long time
09:56 < rhqq> for me its sleep time, so cya folks
09:56 < donut_> anyway this will be interesting, thanks for the thoughts. Helped me to reconsider mine.
09:57 < rhqq> yeah, my 0 input
09:57 < donut_> =)
09:57 < rhqq> fun, i mean, they're doing exact thing americans, chinese and israeli ppl do as well
09:57 < donut_> nah just trying to explain the situation helps also me to understand it better
09:58 < rhqq> stop rubberducking me
09:58 < rhqq> xD
10:03 < jumi> morning
10:36 < Atro> why is it so difficult to get 3 external monitors with a laptop god dommot
10:47 <+ihre> get a (usb)dock
10:55 < togen> old dell docks could use 3 screens as well
10:57 < donut_> 2+laptop screen seems to be enough for me. Might be easier just to get a desktop for 3 or more ?
11:09 < togen> everyone at work uses 3 monitors
11:13 < genr8_> they make plenty of laptops that do 3 monitors
11:30 < togen> new hire's full name is 26 characters long...
11:34 < Hatsjoe> Mine is 22, so what? :P
11:45 < genr8_> theyre used to Bob and Jim
11:52 < togen> I am worried about Teamcenter PLM...
12:25 < jumi> Atro: I got two usb to hdmi adapters
12:25 < jumi> so I can plug my 3 monitors
12:29 < Atro> jumi: any feedback about how that works?
13:00 < jumi> Atro: fine enough
13:00 < jumi> altough cpu usage spikes a bit
13:00 < jumi> but for text and browsing the internet its good enough
13:01 < jumi> I wouldn't play video on it, it definitely works OK tho
13:06 < gavit> I had someone who'se lastname.firstname wouldn't fit in Windows AD
13:07 < gavit> as an account name
13:47 < kepler> Atro: need a GPU that'll support it. i think most intel chips support 3x < 4k, 2x 4k. otherwise, prob need a dedicated gpu
13:47 < kepler> Atro: i have an egpu for more screens
13:48 < kepler> on the go, i use 2x packed pixels
13:48 < kepler> waiting for razer's project valarie
13:50 < kaipee> how do you guys deal with shared 'machine accounts'?
13:51 < kaipee> like a manufacturing machine that needs to run monitoring software for testing builds, but will need to remain accessible across staff shifts (multiple users need to login and see results in the running software)
13:52 < kaipee> I don't like that they currently use a single account with a shared password
13:59 < Sousapro> kaipee: does the shared account need network access?
13:59 < kaipee> yes
13:59 < Sousapro> LMAO
14:00 < Sousapro> Security policy says no
14:00 < kaipee> reports of the builds need to be stored on network share
14:00 < kaipee> I know, it's a catch-22
14:00 < Sousapro> Is that the only network access that's required?
14:01 < kaipee> so how do I provide access to long-running software across multiple user shifts with network share access - but not allow single-login
14:01 < kaipee> I assume they only require network shares
14:02 < Sousapro> Local computer non admin account with a mapped network drive (that has saved credentials)
14:02 < Sousapro> Use group policy to mount the drive
14:02 < kaipee> local group policy?
14:03 < Sousapro> kaipee: and there's no way to run this software inside of a VM and use the endpoints as dumb terminals right?
14:03 < kaipee> and how would they log into the VM?
14:04 < Sousapro> kaipee: no, use domain group policy after putting these plague carriers err... Dedicated terminals into an OU
14:04 < kaipee> I'm not following
14:04 < Sousapro> I'd also use application whitelisting on them and only allow access to the required applications
14:05 < kaipee> I need for user1 to start the monitoring software, leave his shift and for user2 or user3 (across multiple shifts) to be able to login and see that software running and monitor it
14:07 < Nightcinder> so any normal monitoring software?
14:08 < Sousapro> So you can either lock down the workstation so that only the monitoring software can run and do the local account plus mapped network share
14:10 < Sousapro> Or you can do the same thing in a VM and have the users RDP shadow/VNC/VMware console their way into the box and leave the endpoints somewhat normal
14:11 < Sousapro> By doing things as GPOs inside of an OU it will allow you to replace or add machines as needed and will make sure people know those are special machines
14:11 <@cryptic1> morning
14:11 < Sousapro> Morning
14:12 < Nightcinder> back to work
14:12 < Nightcinder> all of our production machines are thin clients
14:12 < Nightcinder> maintenance has a laptop loaded with all their software they use
14:13 < SpookyCrisp> Nightcinder, I wish we could do that.
14:13 < Sousapro> Thin clients are a great idea
14:13 < Sousapro> No one ever wants to pay for VDI though
14:13 < SpookyCrisp> But management expects employees to work during hurricanes so they need laptops.
14:13 < Nightcinder> we use RDS
14:13 < Nightcinder> with two terminal servers
14:13 < Nightcinder> SpookyCrisp: office users have laptops/desktops
14:14 < Sousapro> SpookyCrisp: thin client laptops are a thing
14:14 < Nightcinder> and yes they are
14:14 < Nightcinder> i don't deploy those, nor would i
14:14 < SpookyCrisp> Sousapro, Yeah. My issue is my management doesn't use their noggins like normal folk.
14:14 < Sousapro> s/my/all
14:14 <+layer-eight> [SED Sousapro/SpookyCrisp] Sousapro, Yeah. My issue is all management doesn't use their noggins like normal folk.
14:14 < kepler> kaipee: does the software not allow multiple accounts/AD login? just give rights to that group that needs to log in
14:15 < SpookyCrisp> I tried to get everyone but people who would be normally working remotely to have desktops.
14:15 < kaipee> kepler: nope
14:15 < Nightcinder> front desk has a thin client to replace their useless hp laptop that never moved
14:15 < SpookyCrisp> Less likely hood of damage or loss.
14:15 < Nightcinder> we just deployed 3 wyse clients
14:15 < Nightcinder> getting ready to deploy 5 more
14:16 < SpookyCrisp> Those are nice.
14:16 < Sousapro> kaipee: if you want to make it really fun you can do remote app presentation
14:16 < SpookyCrisp> At a gig I was a contractor for we used those.
14:16 < Nightcinder> wyse 3040's mounted to P2217H's
14:16 < Sousapro> kaipee: create a security group that allows access to that app
14:16 < SpookyCrisp> Nightcinder, That would be perfect here.
14:17 < Nightcinder> office users w/ thin clients get two 22's
14:17 < Sousapro> Nightcinder: those have gotten way better over the last 10 years
14:17 < kaipee> Sousapro: how would the AD Sec Group get applied to a local admin on the machine?
14:17 < Nightcinder> laptop/desktop users get 24's
14:17 < Nightcinder> and some people get 27's at my discretion
14:17 < Nightcinder> but they're all the same res
14:17 < Nightcinder> some people just claim they're blind basically
14:17 < kaipee> using Computer Policy instead of User ?
14:17 < Sousapro> kaipee: the app has to run as admin?
14:17 < kaipee> nope
14:18 < kaipee> you said users should login a local admin
14:18 < SpookyCrisp> Nightcinder, My favorite. Larger screen != easier to see.
14:18 < Sousapro> Okay good
14:18 < Nightcinder> the only bad part about the wyse clients is you can't use a monitor mount
14:18 < kaipee> if they are a non-AD local account with admin rights, how do the Sec Policy get applied from AD>
14:18 < Nightcinder> unless you use a dell monitor mount
14:18 < Nightcinder> because of how it connects to VESA
14:19 < SpookyCrisp> Nightcinder, Yeah, but we use all Dell shit here. Wouldn't be an issue.
14:19 < Sousapro> kaipee: I wouldn't suggest using local admin account just regular local user accounts
14:19 < Nightcinder> no i mean
14:19 < Nightcinder> like we have the vivo gas dual monitor mounts
14:19 < misspwn> wait we passing out extra monitors? i'd lke mine to be all the same size please
14:19 < Nightcinder> you can't use wyse clients mounted
14:20 < Sousapro> kaipee: you'd have to experiment, it's been a while since I've done desktop support
14:20 < Nightcinder> misspwn: nope you get a 15 and 22
14:20 < kepler> ^ id kill myself
14:20 < kaipee> Sousapro: how do I apply AD Group Policy to a local user account?
14:20 < misspwn> :(
14:21 < SpookyCrisp> Nightcinder, Oh I see. Do you have them sitting on the desk
14:21 < SpookyCrisp> ?
14:22 < kepler> need this intern to get in already to do my work. ugghhhhh
14:22 < Nightcinder> the thin clients? no
14:22 < Nightcinder> we just leave them with the regular dell stands
14:22 < Nightcinder> instead of a mount
14:22 < SpookyCrisp> Nightcinder, Ah I see.
14:23 < Nightcinder> https://usercontent.irccloud-cdn.com/file/hLybIXiH/image.png
14:23 <+layer-eight> * Nightcinder →  IMAGE/PNG Document, 1,574,413 bytes
14:23 < Sousapro> kaipee: no idea off the top of my head. I haven't gotten out of bed yet though so YMMV lol
14:24 < Nightcinder> bro it's 830
14:24 < Nightcinder> get to work
14:24 < Sousapro> kaipee: I personally like running the software on a VM and having them access it there
14:26 < kaipee> yeah although the software needs direct access to electronic boards that they manufacture
14:27 < kaipee> it's a strange on,  no doubt :P
14:27 < Sousapro> Application whitelisting
14:27 < Sousapro> Local account
14:27 < Sousapro> Mapped network drive lol
14:28 < Sousapro> Anyone in here a desktop tech? I'm getting super rusty at this stuff lol
14:33 < SpookyCrisp> Nightcinder, Oh that's pretty neat.
14:35 < MadCamel> So is there any way to get generic win7 to act as a nat router?
14:36 < MadCamel> I ask because I need to get my linux workstation on a windows-only vpn
14:37 < SpookyCrisp> Sousapro, I'm stuck between desktop and sysadmin
14:37 < SpookyCrisp> Lol
14:37 < arlion> MadCamel: I remember trying my hand it several times and failing, mind you I was not nearly as knowledgble in networking as I am now.
14:38 < arlion> MadCamel: howevor, you want the easy way, I would reverse the roles, put the vpn on your linux box and nat the connection through your linux box would be much easier imo
14:38 < arlion> What is a "windows-only" vpn client you described?
14:39 < MadCamel> can't really do that, there's endpoint security that ties right into the TPM
14:39 < arlion> TPM?
14:39 < MadCamel> trusted platform module, crypto/key storage hardware
14:39 < arlion> Linux suppiort 802.1X authenitcation to include key auth
14:40 < Sousapro> Tell them you want to use Linux and request a Linux client
14:40 < Sousapro> What VPN client is this?
14:40 < arlion> Let's entertain this just a moment for discussion.
14:40 < arlion> Tell us a little bit more.
14:40 < MadCamel> They don't offer that even though the job is linux all day. Seriously guys, the only way to get on this network is the laptop they've given me. Anything else will red-flag my connection.
14:41 < McDonaldsWiFi> morning fellas
14:41 < arlion> MadCamel: do you have two NICs in the back on your Windows Machione?
14:42 < asimon> Good morning my friends
14:42 < arlion> asimon: good morning
14:42 < Sousapro> MadCamel: use the laptop they have given you and run a Linux VM?
14:42 < arlion> Ooo.. laptop. might need to use a usb->eth adapter.
14:42 < Sousapro> MadCamel: is it running windows 10?
14:42 < arlion> he said windows 7
14:42 < Sousapro> Ah
14:42 < MadCamel> Sousapro: that's plan B but this machine's a real dog so I'd rather not haha
14:43 < arlion> New plan.
14:43 < MadCamel> wifi and a nic. I'm not new at networking. It just seems that win7 doesn't allow nat unless it's win7 server?
14:43 < Sousapro> New plan, get a laptop made in this decade from work :P
14:43 < arlion> And which one are you using to connect to your office network? the wifi or eth?
14:44 < Sousapro> VPN miniport adapter
14:44 < MadCamel> wifi to public network, vpn over top of that to the office. nic's unused and I have a private network going between it and my real workstation already
14:44 < arlion> Okay
14:44 < arlion> do you have admin rights to your windows machine
14:44 < MadCamel> though honestly you don't need two nics for nat..
14:45 < MadCamel> I can get a token to get admin rights for an hour. They record the screen though. Heh
14:45 < arlion> hrm, no go.
14:45 < Sousapro> You could try using Windows internet connection sharing on the VPN adapter that's created when connecting to a VPN
14:45 < arlion> I was going to suggest install virtualbox and then yanking the nic from the windows machine and giving it to a lightweight linux vm
14:46 < arlion> but that requires admin
14:46 < MadCamel> that's actually a good idea. I could get virtualbox installed
14:46 < Sousapro> Sounds like you've got good admins lol
14:46 < arlion> very good.
14:46 < arlion> I can defeat most protections given enough time.
14:46 < MadCamel> thanks for the suggestion, didn't even think of using a VM as a router
14:46 < arlion> but dam, this is good.
14:47 < Sousapro> arlion: you're the reason why whitelisting is a thing :P
14:47 < arlion> It's also the condition of my employement is that my desktop is a linux machine.
14:48 < Sousapro> Honestly why though? I'm running multiple Linux VMs in the hyper V role on my win 10 enterprise box at work
14:48 < MadCamel> I tried that as well, they just couldn't do it, too many policy/compliance issues. But if I'm going to get any real work done...
14:48  * Casteil grumbles
14:49 < Sousapro> It makes your machine a special snowflake. Not quite as bad as Macs but still
14:49 < Casteil> got a designer/contractor here sizing up this location to fit more people
14:49 < Sousapro> I'd give you RHEL as a desktop os lol
14:49 < Casteil> I have a feeling my office is about to get turned into a set of cubes..
14:49 < MadCamel> eek
14:49 < arlion> Sousapro: yikes, you would pay licensing for my desktop? brah, I just run fedora.
14:49 < arlion> good and done.
14:49 <+giant_it_burrit> why not just use pfsense
14:49 < arlion> litterly what I was suggesting ^
14:50 < Sousapro> arlion: I'd want a supported OS so that I'm not having to support it lol
14:50 <+giant_it_burrit> felda = support
14:50 <@Code_Man65> Oh no giant_it_burrit, he isn't here and you said the magic word
14:50 < arlion> Sousapro: bitch, I AM THE SUPPORT.
14:50 < arlion> lol
14:50 <+giant_it_burrit> felda?
14:51 <+giant_it_burrit> REEEEEEEEEEEEEE
14:51 < asimon> #gotem
14:51 < Sousapro> arlion: or have you sign a piece of paper that says you have a special machines that requires you to maintain all patching according to org standard
14:51 < arlion> I patch every morning as habit
14:51 < Sousapro> arlion: and I'd make you run SEP14 still lol
14:51 < arlion> sep14?
14:52 < Sousapro> Symantec Endpoint Protection
14:52 < Sousapro> Or whatever the org uses
14:52 <@Code_Man65> Yuck
14:52 <@Code_Man65> SEP (and McAfee EPO) are both terrible
14:52 < Sousapro> I don't want to hear that Linux doesn't get viruses
14:52  * Sousapro stares at rootkits until they explode
14:53 < arlion> Sousapro: https://paste.fedoraproject.org/paste/~fAgW4CEvEmL-BMNR6FrZA
14:53 <+layer-eight> * arlion →  Untitled - Modern Paste
14:53 < Sousapro> Code_Man65: I'm not saying they are good
14:53 < arlion> patching history of my box for the last 2 years.
14:53 < Sousapro> Code_Man65: just that I'm not trusting a dev to keep a secure system that I can't easily mkbitor
14:53 < gavit> most tutorials online show you how to install apache and db on a single server. isn't it wiser to have a seperate db and webserver? when deploying 10 apps you then need 1 webserver and 1 db, and then you make those two redundant, or is it safer to keep them as 'one' because n upgrade of php shouldn't break the other apps?
14:54 < Sousapro> gavit: definitely split them up if possible
14:54 <@Code_Man65> gavit:  It's a question of scale, but splitting the web and db up are good practice
14:54 < gavit> Sousapro: so 1 vm per app?
14:54 <@Code_Man65> If you are doing 3 tier you split the app, web, and database tiers
14:54 < Sousapro> ++
14:54 < Sousapro> gavit: depends on scale
14:54 < SpookyCrisp> Sousapro, Oh god, not SEP!
14:55 < gavit> Code_Man65: so multiple db for redundancy and every app in a seperate apache/nginx vm?
14:55 < Sousapro> SpookyCrisp: it got less terrible with SEP14. SEP12 is still a dumpster fire
14:56 < MadCamel> gavit, that's generally a good plan.
14:56 <@Code_Man65> Generally, yep.
14:56 < Sousapro> gavit: that's only applicable at business scale
14:57 < SpookyCrisp> Sousapro, We've got the cloud version. Its meh at best.
14:57 < Sousapro> gavit: for home or small business, I'd probably go 2 or 3 servers for each tier.
14:57 < SpookyCrisp> Started looking into Windows Defender ATP since we can integrate it into Intune.
14:57 < Sousapro> Intune
14:57 < Sousapro> Ugh
14:58 < Sousapro> With Microsoft Autotune, you can forget about group policies. Here's half the functionality, enjoy
14:59 < Sousapro> Who needs a domain when you can use Azure AD instead? :P
15:00 < SpookyCrisp> Sousapro, That's what we're working towards lol.
15:00 <+giant_it_burrit> autotune is awful
15:00 < SpookyCrisp> We want to put at least half of our computing resources into Azure.
15:00 <+giant_it_burrit> unless used by tpain
15:00 < SpookyCrisp> giant_it_burrit, LOL
15:01 < Sousapro> SpookyCrisp: I've looked at it but I'd like intune to be a little more mature first
15:01 < SpookyCrisp> Sousapro, Not my idea. Just following orders. Our VP thinks we should be 100% cloud and have 0 on site infra.
15:01 < Sousapro> SpookyCrisp: lmao
15:01 < Sousapro> SpookyCrisp: he's gonna love those azure bills
15:01 < SpookyCrisp> Sousapro, I think Intune is awesome, but I agree it needs to mature some more.
15:02 < SpookyCrisp> Sousapro, We pay like $600 a month for our backup storage.
15:02 < SpookyCrisp> But we haven't started running VMs there.
15:02 < SpookyCrisp> We use a 3rd party to host VMs for DR.
15:02 < SpookyCrisp> That's expensive AF
15:02 <+giant_it_burrit> im tempted to have Hunterkl build out my sccm stuff
15:02 <+giant_it_burrit> but then he would do something
15:02 <+giant_it_burrit> and then start ww3
15:02 < Sousapro> SpookyCrisp: what's he gonna do when the first $10k azure bills shows up?
15:03 < Sousapro> Every C Level is like "put our Windows XP VMs in Azure" right now
15:03 <@Code_Man65> Most companies prefer opex to capex
15:04 < Sousapro> Code_Man65: that's fair but lift and shift is stupid and expensive
15:04 <@Code_Man65> No argument there, if you just try to move what you do on-prem to the cloud you are setting yourself up for failure
15:04 < Sousapro> Code_Man65: take advantage of AWS and Azure fully. Don't just upload your legacy VMs
15:05 < _Straffer> but why buy reliable things when it looks better on paper to buy the less secure things that frequently break
15:05 < _Straffer> these kinds of decisions are made by someone in a 10x10 dry-wall box while looking @ a spreadsheet
15:05 < Sousapro> _Straffer: you can't afford as many hookers or as much blow in the board room
15:06 < _Straffer> hookers
15:06 < _Straffer> blow
15:06 < _Straffer> but no extra data ports bc drops are expensive
15:07 <+giant_it_burrit> Code_Man65: do you have a getting started with sccm? reasons for sccm: better patching and app install. endpoint protection. mac management with parallels.imaging. thats the short list
15:07 <@Code_Man65> Honestly giant_it_burrit, I still recommend the windows-noob.com guides
15:08 < alazare619> had a wicked storm here last night
15:08 < alazare619> was out on my wooden deck watching it tons of sky to ground lighting
15:09 < alazare619> but what was crazier was the "spider" lightning
15:09 <+giant_it_burrit> did you get tased bro?
15:09 <+giant_it_burrit> Code_Man65: does it make the most sense to go to cbb with sccm and not the 2012r2
15:09 <+giant_it_burrit> i think its on 2016
15:10 <@Code_Man65> Yes, no reason to deploy 2012 r2
15:10 <+giant_it_burrit> then we move everyone off ltsb!
15:11 < alazare619> so we are FINALLY going to get exchange 2013 deployed
15:11 < hxcsp> alazare619: those are fun to watch and record, then play back in slow motion
15:11 < alazare619> on 2016 server
15:16 < alazare619> it will be nice to finally replace the old 2007 on 2003 exchange setup
15:16 < alazare619> and finally remove the 2003 dc's
15:17 <@Code_Man65> Umm alazare619, Exchange 2013 doesn't support Server 2016 (and never will)
15:17 <@Code_Man65> If you want Server 2016, you have to do Exchange 2016
15:17 < alazare619> wait
15:17 < alazare619> i phrased that wrong
15:17 < alazare619> 2013 on 2012 r2
15:18 < alazare619> dc's are going to 2016
15:18 <@Code_Man65> Why install Exchange 2013?
15:18 <@Code_Man65> It went out of mainstream support a month ago
15:18 <@Code_Man65> Go straight to 2016
15:18 < alazare619> becaues its the only one that we can direct migrate from 2007 from
15:18 < alazare619> cant put 2016 in prod with an existing 2007
15:18 < alazare619> the interoperability matrix doesnt show 2016
15:19 < alazare619> the migration path from 2007 to 2013 is as simple as standing up a 2013 with all roles
15:19 < alazare619> migrating the mailboxes and calling it a day
15:19 <@Code_Man65> Yeah, but 2013 should just be a stepping stone
15:19 < alazare619> it is a stepping and waiting stone
15:19 <@Code_Man65> Get everyone on it, decomm 2007, and then get 2016 stood up
15:19 < alazare619> didn't have enough budget to go straight to 2016
15:20 <@Code_Man65> Do you already have the Exchange 2013 license and cals?
15:20 < alazare619> 2016 is on your budget for next year tho...along with voip..and much much much more
15:20 < alazare619> yea it was purchased 2 years ago but never had a chance to actually get it done
15:20 < alazare619> funny enough pretty sure we have SA
15:20 <@Code_Man65> 2 years ago Exchange 2016 was out, assuming you got SA you have Exchange 2016
15:20 < alazare619> so might be able to go to 2016 for free
15:20 < alazare619> id have to double check on it
15:21 <@Code_Man65> Do so
15:21 < alazare619> actually pretty sure i do. Forgot tho the one reason we dont have it on the agenda is the fact that office 2007 doesnt support 2016
15:21 < vinrock> https://i.imgur.com/ihb83gt.jpg
15:21 <+layer-eight> * vinrock →  IMAGE/JPEG Document, 46,419 bytes
15:22 < alazare619> so we purchased 2016 with Downgrade for 2013. and are waiting on office. Then moving to 2016 as its a direct migration too
15:22 <@Code_Man65> What version of office are you running?
15:22 < alazare619> 2007
15:22 < vinrock> ew
15:22 < alazare619> i'm on 2013
15:22 <@Code_Man65> Oh good fucking god
15:22 < alazare619> but thats because i have a personal license :P
15:23 < alazare619> hey some are on office xp still ;)
15:23 <@Code_Man65> You aren't helping
15:23 < alazare619> i'm at that point where i'm like #fuckitall
15:24 < alazare619> but its progress
15:24 < alazare619> trying to undo 10 years of neglect is impossible
15:24 < alazare619> heres some more food for thought
15:24 < JollyRgrs> not impossible, just need a locomotive and a cow catcher
15:24 < alazare619> they purchased individual licenses for these products...
15:25 < alazare619> we got proper licensing for the new stuff but it's just 3 steps forward 2 steps back...things are starting to go better tho...
15:28 < Paco> Since we're on the topic of Exchange. Has anyone done an on-prem upgrade while having hybrid in place? We'd be going 2010 to 2016
15:36 < Hatter> How's everyone feeling today?
15:38 < Popzi> sad that my laptop usb mouse has died and we dont have any spare in the office, so im forced to use the god aweful trackpad :(
15:38 < corn266> use the little touch tip instead
15:41 < alazare619> Paco: thats what we are doing with 2007 to 2013
15:42 < Hatter> Popzi: It was just a friendly greeting, I was inviting a bunch of whining
15:42 < Hatter> *wasn't
15:42 < Hatter> I'm sorry, that's was very rude
15:44 < Popzi> I'm now even sadder that my whining has been rejected, whilst I sit here wheeping with my trackpad :'(
15:46 < Hatter> trackpads are the worst though
15:46 < Hatter> I can't take anyone seriously who uses them
15:49 <+giant_it_burrit> https://i.imgur.com/Z3jXh6A.gifv
15:49 <+layer-eight> * giant_it_burrit →  Dumb snake hits its head on a glass door
15:50 < l3gacy> good bacon to all and to all some good bacon!
15:54 < l3gacy> YAY!  ER level blood glucose @ job site!
15:56  * l3gacy faints, and lands on the ficus
15:57 < l3gacy> Hey, bmurt!
15:58 < l3gacy> Look at you, you're da Kaptain, now
15:59 < alazare619> so i've been playing the game of unsubbing from every email
16:00 < alazare619> and i'm down to only getting around 200 emails a day to my personal email finally
16:00 < l3gacy> So, you're losing, alazare619 ?
16:01 < Kaptain> every sinking ship needs a kaptain
16:06 < JollyRgrs> alazare619: trying to detect "legit" from spam emails?
16:06 < alazare619> yep
16:06 < JollyRgrs> you don't want to unsub from spams or you'll just let htem know you are active and hit MORE lists
16:07 < JollyRgrs> lol
16:07 < alazare619> actually l3gacy i was getting around 3k+ spam aday
16:07 < l3gacy> That's it?  Slacker
16:09 < JollyRgrs> alazare619: i think you just need to stop using alazare619@gmail.com for all the cam sites you sign up for
16:09 < JollyRgrs> just use like alazare619camwhore@gmail.com for that
16:09 < Hatter> good advice
16:09 < alazare619> JollyRgrs:  i dont i use alazare619+camwhore@gmail.com
16:10 < alazare619> i use tags :P
16:10 < rpifan> hi drug users
16:10 < Hatter> can you have + in an email address
16:10 < vinrock> not gmail
16:10 < Hatter> rpifan: good morning dear
16:10 < rpifan> on gmail
16:10 < Hatter> then alazare619 is a FIBBER
16:11 < rpifan> so i went to roo ad returned
16:11 < SpookyCrisp> Hatter, Serial fibber?
16:12 < JollyRgrs> alazare619: tags or not, they all come into the same thing
16:13 < alazare619> but then i have that tag auto deleted :P
16:13 < alazare619> the problem is getting back control of the main email address
16:13 < JollyRgrs> and how many companies do you think are wise enough to the whole email+tag@gmail and filter out the tags?
16:13 < alazare619> i'm starting to win the battle tho
16:14 < alazare619> idk id think writing code to circumvent (strip) the tag off only gmail would be a shitty ROI
16:14 < JollyRgrs> i'd scrape every email and just do replace  "+*@" with "@" and get the root emails... i mean, not hard
16:14 < alazare619> they can just spend more money and get more lists to mass blast
16:15 < JollyRgrs> this guy is hilarious
16:15 < JollyRgrs> he puts sir in front of everyone's name
16:16 < JollyRgrs> not just like "thank you, sir"... he'd be like "hello sir alazare619, blah blah blah... sir please let me know when I can contact sir cryptic1  about this"
16:17 < khelpw> Anyone else have 1803 roll out on domain joined PCs despite having it declined in WSUS?
16:18 < ekaj>  ree
16:18 < ekaj> pretty sure that's a common issue khelpw
16:19 < khelpw> h8
16:19 < ravioli> JollyRgrs: i wanna work with them
16:19 < JollyRgrs> you do, sir ravioli?
16:19 < ekaj> khelpw: i fixed the issue in my organization by blocking windows update domains at the firewall/proxy for everything except sccm / wsus
16:19 < Hatsjoe> Guys, I need your help.. If you have an AD with example.com as FQDN root domain, is it possible to create a conditional forwarder for foobar.example.com to some other DNS not linked to the AD in any way? (lets pretend the other DNS is simply 8.8.8.8)
16:19 < Hatsjoe> Takling about windows 2008 here
16:20 < Hatsjoe> Talking*
16:20 < rpifan> who were the roovians in here
16:20 < khelpw> ekaj: I'm fixing the issue in my organization by ignoring it.
16:21 < ekaj> ah we take that approach to everything
16:21 < JollyRgrs> rpifan: you are a fan of roo from winney the pooh as well, eh?
16:21 < JollyRgrs> ;)
16:21 < rpifan> 'roo
16:21 < rpifan> boooonnnnaarooooooo
16:21 < JollyRgrs> sorry
16:21 < JollyRgrs> doesn't ring a bell
16:21 < rpifan> lol
16:21 < JollyRgrs> but i do love calling ppl boons
16:21 < JollyRgrs> ya boon
16:22 < rpifan> it wasnt that best time ever
16:22 < rpifan> but it had peaks
16:22 < rpifan> to many damnded cops tho
16:22 < rpifan> on horses and in the air
16:22 < JollyRgrs> best of times for me always comes with two peaks
16:22 < ravioli> :O
16:22 < ravioli> SpookyCrisp vs felda in #donger!!
16:22 < JollyRgrs> firm, yet soft
16:22 < ravioli> felda's first dong!
16:22 < JollyRgrs> SpookyCrisp gonna die
16:23 < ravioli> correct
16:23 < rpifan> lol
16:25 < SpookyCrisp> REKT
16:25 < l3gacy> Learning Python... yay </sarcasm>
16:25 < Popzi> Hey there's nothing wrong with python!
16:26 < rpifan> dont speak ill of pythin
16:26 < rpifan> its the only programming language i dont hate
16:26 < rpifan> ive managed to create useful helpful scripts for work
16:26 < l3gacy> I need to learn Powershell, too
16:26 < rpifan> in a matter of a few days without even needing ot make objects or classes
16:26 < asimon> I think he forgot an opening sarcasm tag so the HTML didn't render for me
16:26 < Casteil> python is simple and effective
16:26 <+giant_it_burrit> cryptic1: want to beat rage together bby?
16:27 < Casteil> it's kind of hard to give python much shit
16:27 < SpookyCrisp> I love Python.
16:27 < Casteil> it has its place, of course, its place is not really high speed/massive data handling
16:28 < nickster> guess who forgot to put on deodorant on his right arm apparently
16:28 < l3gacy> ?
16:28 < nickster> meeee
16:28 < SpookyCrisp> Kek
16:28 < syere> nickster: that is why you keep emergency deodorant in the car
16:28 < Casteil> protip
16:28 < nickster> i have told myself that 4 times
16:28 < Casteil> don't keep deodorant in the car
16:28 < nickster> every time it has happened
16:28 < Casteil> it liquefies
16:28 < nickster> i normally bring a bag, be it backpack or briefcase
16:28 < syere> Casteil: it'll get melty sure during the middle of the day
16:28 < F34RInc> yeah just keep in a drawer in your desk
16:28 < nickster> so it'll go in there
16:28 < syere> but in the mornings its still solid
16:29 < l3gacy> I keep a stick in my backpack, and a stick at my desk, as well as in medicine cabinet
16:29 < rpifan> i like smelly sweaty guys
16:29 < Casteil> bingo, same with chap stick
16:29 < rpifan> as long as there hot
16:29 <+giant_it_burrit> you guys dont have a dolip bag in your office?
16:29 < rpifan> either really skinny or musuclar
16:29 < Popzi> how does it not expand and explode in the car during heat?
16:29 < syere> im not sure how it could explode...
16:29 <+giant_it_burrit> its a dry stick
16:29 <+giant_it_burrit> not the spray can
16:29 <+giant_it_burrit> thats what i think they mean
16:29 < Popzi> ah, yes, dry sticks, right.
16:29 < syere> they get melty. you dont go use it at noon. it's more so, you get into work and you are still on auto pilot and realize you forgot deodorant
16:30 < Popzi> exploding dry sticks, that could be fun
16:30 < nickster> you mean to tell me you don't spray liquid chap stick on your face
16:30 < syere> so you reach under the seat, grab the damn thing, then off to work
16:30 <+giant_it_burrit> are we still talking about the same thing?
16:30 < vinrock> aw fuck i just realized i forgot to renew my registration
16:30 < vinrock> now that i remembered im probably gona get pulled over on the way home
16:30 <+giant_it_burrit> make the appointment to get that done today
16:32 < vinrock> booyah tonight is the late night for my dmv so i can swing by after work
16:32 < vinrock> noice
16:32 < F34RInc> vinrock, you have to do it in person.  No online option
16:32 < ekaj> `bofh
16:32 < JollyRgrs> vinrock: yo ugotta swing by early so you are through the line before they close
16:32 <+layer-eight> BOFH Somebody was calculating pi on the server
16:32 < vinrock> yeah there's an office right by my place
16:32 < vinrock> and luckily it isnt busy since i live in the boonies
16:33 < ekaj> what state
16:33 < vinrock> jersey
16:33 < JollyRgrs> idaho
16:33 < ekaj> sorry
16:33 < ekaj> Urdaho
16:33 < vinrock> i know
16:33 < rpifan> im the daho
16:33 < narziss_> Yesterday I introduced the most mischevious dev in my office to the BOFH.
16:33 < JollyRgrs> u's a ho
16:33 < felda> vinrock You have to BOOP THE SNOOT
16:33 < JollyRgrs> HOOOOOOOOOOOOOOOOO
16:33 < rpifan> felda
16:34 < ekaj> everyone a ho
16:34 < vinrock> never not boop the snoot
16:34 < JollyRgrs> narziss_: which, in his opinion, should be you, right?
16:34 < Nightcinder> https://www.wyzecam.com/ how do these people make money
16:34 <+layer-eight> * Nightcinder →  Wyze Cam Pan
16:34 < Nightcinder> i'm confused
16:34 < narziss_> well, he knows it is way better to be on my good side.
16:34 < vinrock> whoa
16:34 <+giant_it_burrit> sell data to nsa
16:35 < JollyRgrs> Nightcinder: they want you to pay for extended clodu services
16:35 < JollyRgrs> their website tells you exactly that
16:35 < Nightcinder> 14 days is plenty
16:35 < JollyRgrs> "we want to make it cheap for all ppl"
16:35 < vinrock> aw man does this thing have an api
16:35 < JollyRgrs> https://www.wyzecam.com/our-story/
16:35 <+layer-eight> * JollyRgrs →  About Wyze Labs: Make Smart Home Technology Accessible To Everyone
16:35 < Nightcinder> my buddy bought one
16:35 < vinrock> cheap and easy automated paintball turret here i come
16:35 < JollyRgrs> vinrock: old v1 you could get a URL to watch it
16:35 < Nightcinder> loves it
16:35 < JollyRgrs> you could hack em
16:36 < JollyRgrs> v2 not yet
16:36 < JollyRgrs> i got a v2 :(
16:37 < Nightcinder> which do you have
16:37 < Nightcinder> the pan or straight on
16:37 < JollyRgrs> straight box
16:38 < JollyRgrs> the pan just came out i bought mine like a month or two ago
16:40 < Nightcinder> ah
16:40 < Nightcinder> how is it?
16:41 < JollyRgrs> not bad
16:41 < JollyRgrs> can't beat it for the price
16:41 < dragonfleas> How do you explain to end users you can't make things go back to loading 5 seconds instead of 10 seconds?
16:41 < dragonfleas> It's like
16:41 < JollyRgrs> however...
16:41 < JollyRgrs> you get what you pay for
16:42 < dragonfleas> They expect everything to run exactly the same amount of time always and everything to be static
16:42 < JollyRgrs> motion detection misses a lot, picks up a lot i don't want
16:42 < ravioli> dragonfleas: "sometimes it takes longer"
16:42 < JollyRgrs> zonemidner is much better in that regard
16:42 < dragonfleas> "outlook took 10 seconds to load this time instead of the usual time"
16:42 < JollyRgrs> i was hoping i could get the URL and hook it up to zoneminder
16:42 < ekaj> i called a tech about an appliance being slow after an upgrade
16:42 < dragonfleas> but then they freak out and say "i can't do my work if it's taking this long" and I honestly just get filled with rage
16:42 <@ravioli> take a breath
16:42 < JollyRgrs> dragonfleas: welcome to helldesk
16:42 < JollyRgrs> :P
16:42 <@ravioli> they'll always be like that.
16:42 < ekaj> i don't think he believed me until it took 30 minutes for me to dump a config from the web ui
16:43 < JollyRgrs> as the only one... you are helldesk and sysadmin all at the same time
16:43 < ekaj> also that's why I will not do helpdesk
16:43 < dragonfleas> JollyRgrs, not only do I deal with helldesk, but I'm also maintaining our entire infrastructure, I don't have enough time in the day to do everything I need to
16:43 <@ravioli> one of us!
16:43 <@ravioli> one of us!
16:43 <@ravioli> one of us!
16:43 < dragonfleas> I feel like I'm back at an MSP, putting band-aid fixes on stuff because I've run out of time
16:43 < DomLS3> dragonfleas: the solution is simple: tell them they have a virus that's slowing down their computer because of something they browsed to on the internet, and you have to let your boss know.
16:43 < JollyRgrs> dragonfleas: that's why i did my time as tech support and like the jeffersons, i moved on up
16:43 < DomLS3> I bet they stop complaining real quick
16:44 < dragonfleas> also previous IT guy didn't give any fucks about this environment and used 2003 r2 servers for 5 years without even thinking of upgrading
16:44 < DomLS3> wat
16:44 < DomLS3> cryptic1: back to work
16:44 < DomLS3> quick fuckin with the modes
16:44 < Tzunamii> ravioli: I, robot ?
16:44 < dragonfleas> I've been trying to reach out to Techsoup so I can get Exchange Online (365) but they won't fucking call me
16:44 < DomLS3> don't they only work with non profits?
16:44 < JollyRgrs> well, 2003 was a fine OS for 5 years before 2008 came out... therewasn't even a choice in those 5 years
16:44 < JollyRgrs> :P
16:48 <@ravioli> Tzunamii: ?
16:48 < Tzunamii> ravioli: "One of us!"
16:49 <@ravioli> ¯\_(ツ)_/¯
16:51 < Billy2> sigh, why is windows update and wsus such a pita to work with sometimes, got a few 2008 r2 servers that just refuse to show that they need the credssp updates
16:52 < estranger> any of you cunts ever use druid.io?
16:56 < sideup66> Why did felda end the mem
16:56 < sideup66> E
16:56 < sideup66> :(
16:57 < felda> becuase it's all ogre now
16:57 < sideup66> But
16:57 < sideup66> I'm sad
16:57 < sideup66> https://youtu.be/dj20Ao4Vw9w
16:57 <+layer-eight> * sideup66 →  ⚓  https://www.youtube.com/watch?v=dj20Ao4Vw9w&feature=youtu.be → YouTube → Sad Violin - Air Horn Sound Effect (MLG) → ⚘ 2,162,864 ↑ 22,069 ↓ 650 ✍ 1,395
17:04 < alazare619> dragonfleas: you and me we are the same
17:04 < dragonfleas> JollyRgrs, 2003 R2 is not okay 5 years leading up to 2018
17:04 < JollyRgrs> lol, i suppose you have a point there
17:04 <+giant_it_burrit> why is this chat so quiet
17:04 <+giant_it_burrit> are people working?
17:05 < Popzi> working???
17:05 < dragonfleas> Our exchange server is running 2007, and it's also storing our company share drive, and it's super broken, NT Backup fails on it, I can't fix it, tried every troubleshooting step I could find, worked on it for about 8 hours,
17:05 < dragonfleas> I wanna move to exchange online
17:05 < Popzi> but have you tried running windows troubleshooter on it?
17:05 < dragonfleas> Right now I'm trying to sell a DR solution to boss but it's REALLY hard to sell it to boss because we are tight on funds
17:06 < dragonfleas> I told him "all companies have DR stories, "we didn't invest in DR until we lost 500 thousand from a catastrophic fire in the server room" and then they are filled with regret, and no bonuses that year"
17:06 < dragonfleas> but he's like "idk if we have the funds, figure out the cheapest way to make it work"
17:07 < dragonfleas> but I refuse to do our current solution of rotating drives because we don't have enough storage space and we only have 4 tb SPINNERS, that could fail, and previous guy wanted them rotated, each server backed up every day 3 times a day and rotated 5 times a day
17:07 < dragonfleas> Cold storage for DR on shitty quality HDD's is a bad fucking idea
17:08 < dragonfleas> plus I am at other offices all the time, so who's going to swap the hard drives 5 times a day if I'm working on big projects out of the HQ all the time
17:08 < dragonfleas> How did you guys sell DR to your boss?
17:09 < Popzi> How effective even is rotating drives?
17:09 < dragonfleas> Popzi, I think it's more of a pain in the fucking ass than anything
17:09 < grumplestiltzkin> the risk of business shutting down for X time and then not recovering is a pretty good selling point, dragonfleas
17:10 < grumplestiltzkin> I dont mean  not recovering the data, I mean the business shuttering because it was down for too long
17:10 < Popzi> It seems like it, but if it's a fire then there'e pretty much no point, unless you're storing them in a fireproof box / offsite?
17:10 <+giant_it_burrit> what happens if a rotated drive is dropped
17:10 < Popzi> that too
17:10 < dragonfleas> Popzi, yeah he wants me to take them home with me every day
17:10 < Popzi> jesus xd
17:10 <+giant_it_burrit> what if you are off
17:10 < Popzi> what if you crash
17:10 <+giant_it_burrit> dragonfleas: how much data
17:10 < DomLS3> Should be using a third party vendor for picking up backups
17:10 < dragonfleas> giant_it_burrit, 22 TB
17:10 < DomLS3> but that costs $$$
17:11 < grumplestiltzkin> dragonfleas: what the actual fuck?
17:11 < dragonfleas> grumplestiltzkin, yeah....i fucking know...
17:11 <+giant_it_burrit> how many users?
17:11 < dragonfleas> i got it, i'll install crash plan pro on every server
17:11 < dragonfleas> just kidding
17:11 < Paco> Is any of that deduplicated or compressed? :o
17:11 < dragonfleas> Paco, it's compressed but not deduped
17:11 < Popzi> just accidentally drop a drive when you're taking it to the car
17:11 < dragonfleas> giant_it_burrit, we have about 100
17:11 < grumplestiltzkin> just so I'm clear,   the prcess now is a human person thing  swaps disks, maybe multiple times a day, then takes them home.  presumably not in a locked container, and also not encrypted?
17:12 <+giant_it_burrit> ^
17:12 < dragonfleas> grumplestiltzkin, yep
17:12 < dragonfleas> well
17:12 < dragonfleas> that's not the process
17:12 < grumplestiltzkin> that's an auditors wet dream to make a big red CRITICAL FAIL for that
17:12 < dragonfleas> because I told my boss I refuse to do that
17:12 < dragonfleas> it was the process before me
17:12 <+giant_it_burrit> what is the process
17:12 < Popzi> and this is what cutting corners looks like
17:12 < dragonfleas> right now we don't have a DR
17:12 < dragonfleas> backups are running to NAS
17:12 < dragonfleas> our NAS is external to rack
17:12 < dragonfleas> all back ups go to NAS
17:13 < grumplestiltzkin> oh, ok, if its *outside* the rack, you have physical and geographic diversity   :|
17:13 < dragonfleas> It's in my office which is across the building
17:13 <+giant_it_burrit> why not rsync to google or something
17:13 < Popzi> I think there's more chance of you dropping a drive / it breaking due to the constant swapouts than there is of it actually failing
17:13 < dragonfleas> but, my whole point of this is, I need a preferably cloud based DR service (or tape drive solution) that doesn't cost a fuck ton
17:14 < grumplestiltzkin> dragonfleas: bossman probably needs the definition of the word 'risk' explained - and if he knows, then the decision makers need to know.
17:14 <+giant_it_burrit> you could put 22 tb in google drive
17:14 <+giant_it_burrit> get in writing that they are ok with not having a real dr
17:14 <+giant_it_burrit> what industry are you in
17:14 < khelpw> dragonfleas: For $100/mo you can put your shit on my personal NAS at my house
17:14 < dragonfleas> non-profit state funded drug rehab/probation
17:14 < khelpw> I've only got like 4TB of storage
17:14 < dragonfleas> so basically the lowest funded shit
17:14 < khelpw> and it's a single, WD external HDD
17:15 < khelpw> but 4TB
17:15 < dragonfleas> nice meme khelpw
17:15 < khelpw> Who should I send the invoice to?
17:15 < grumplestiltzkin> dragonfleas: oh.  man. yeah, good luck getting any cash for anything
17:15 <+giant_it_burrit> i have more than that
17:15 <+giant_it_burrit> dragonfleas: if you want cheap and dirty
17:15 < grumplestiltzkin> dragonfleas: do yall have more than 1 physical building?
17:15 < dragonfleas> grumplestiltzkin, we do
17:15 <+giant_it_burrit> get a google account
17:15 <+giant_it_burrit> get 5 users
17:15 <+giant_it_burrit> enjoy unlimited space
17:16 < grumplestiltzkin> dragonfleas: fleabay it up mang.   for the actual DR - you probably cant afford COLO, so COLO yourself  - and then all these other strategies for multiple locations of backups
17:16 < dragonfleas> I wonder how long it would take to backup 22 terabytes with a 10 mbps upload speed
17:16 <+giant_it_burrit> dragonfleas: where are you
17:17 < grumplestiltzkin> drug rehab - I assume HIPAA applies?
17:17 < dragonfleas> grumplestiltzkin, yep we need to be able to sign BSA's with any backup company if it's third party/cloud
17:18 < dragonfleas> or have HIPAA compliance
17:18 < grumplestiltzkin> like - any physical backup medium that is transported better be encrypted - or if there's a loss, man  .. you don't want that fight to prove that there was no breach, or accept the breach fines
17:19 < grumplestiltzkin> an audit was how I finally got the $8k approved for our backup tapes to be encrypted
17:19 < grumplestiltzkin> way back
17:19 < alazare619> dragonfleas: if you wana know how to sell it find out how much the companies yearly income is then / by the number of hrs they are open then give them a hypothetical if we lost x we would be down for y and y is equal to Z in profits
17:19 < dragonfleas> grumplestiltzkin, our backups on the NAS are encrypted
17:19 < dragonfleas> alazare619, what profits? we're non-profit
17:20 < dragonfleas> we're in the red every year
17:20 < alazare619> i.e. my company pulls around 3-4 mill a year we are open 8-5 6 days a week then did the math
17:20 <+giant_it_burrit> dragonfleas: what nas
17:20 <+giant_it_burrit> dragonfleas: whats the budget
17:20 < dragonfleas> giant_it_burrit, our backup NAS
17:20 < alazare619> non-profits are never in the red every company minus my current was non profit
17:20 < dragonfleas> boss won't give me a budget
17:20 <+giant_it_burrit> i meant what is it
17:20 <+giant_it_burrit> could you secure 30 bucks a month
17:20 < alazare619> the term in the red is so losely used its stupid
17:20 <+giant_it_burrit> and are you in the us
17:20 < dragonfleas> yes i'm in US
17:21 < alazare619> theres grants and stuff they just need to file for it
17:21 < rpifan> anyone been to camp bisco
17:21 < alazare619> also if you are a 501c3 check with a local LEC
17:21 < alazare619> alot of them will let you colo so they can tax right off make sure its a small lec
17:22 <+giant_it_burrit> dragonfleas: whera about
17:22 < alazare619> alot of them will be on wind/battery/solar/gas backup power also and are usually pretty hefty buildings
17:22 < dragonfleas> how much do tape library's cost?
17:22 < dragonfleas> alazare619, i'm sorry but what is an LEC?
17:22 < alazare619> local exchange carrier
17:23 < dragonfleas> What does that mean?
17:23 < alazare619> its telco term
17:23 < alazare619> think local ISP...most ISP's before being an ISP were local phone companies
17:23 <+giant_it_burrit> dragonfleas: where abouts in the us
17:23 < alazare619> alot of the small ones still exist for small rural areas and they were given a ton of money for the fiber grants
17:23 < alazare619> alot of rural ISP's are now offering gigabit or faster because of that
17:23 <+giant_it_burrit> dragonfleas: what kind of nas
17:24 < alazare619> and there data centers are very very nice
17:24 < dragonfleas> giant_it_burrit, it's a WD4100
17:25 <+giant_it_burrit> i see dr backup/multiplebackup options on their page
17:26 < dragonfleas> it's the EX4100*
17:27 < alazare619> check pm dragonfleas
17:29 <+giant_it_burrit> dragonfleas: https://community.wd.com/t/possible-to-sync-between-google-drive-and-wd-mycloud/96803
17:29 <+layer-eight> * giant_it_burrit →  Possible to "sync" between google drive and WD Mycloud? - My Cloud - WD Community
17:29 < rr> guys, im trying to create WMI filtering on GPO for Windows 10 x64
17:29 < rr> select Version from Win32_OperatingSystem WHERE Version like "10.%" AND ProductType="1" AND OSArchitecture ="64-bit"
17:29 < rr> ^how to check if this query is valid?
17:31 < pcspkr> wbemtest
17:31 < grumplestiltzkin> speaking of disk things - for homelab use (freenas) with 2 ZFS volumes -  mirrored SSDs (1TiB ea) and mirrored spinners (4TiB ea) should I present the whole SSD and spinner volumes to the hypervisor to be datastores, or is splitting them a better idea?     For enterprise, I would make sure to have at least 2 of each (assuming non-tiered), but  I don't know if that's necessary for home
17:31 < pcspkr> connect -> ok -> query
17:32 < rr> pcspkr can run wbemtest on Domain Controller? and point to..?
17:33 < pcspkr> if your DC is GUI, sure
17:33 < pcspkr> you can run it on a client
17:34 < rr> yup.. pointed to namespace root\cimv2 and run the query
17:34 < rr> results are null
17:34 < rr> lol
17:34 < pcspkr> you can connect to remote computers by prepending \\computername\ into the namespace
17:36 < rr> hmm.. i dont have Windows 10 machine in my domain currently
17:36 < rr> guess hv to KIV
17:36 < rr> thanks for your help
17:36 < Heresiarch> grumplestiltzkin: considering the aim of a homelab is to approximate what you'd find in a prod environment, you might want to separate them (as they would be in a prod env).
17:37 < ebol4> what's that thing in html that makes a <td> take up the same space as multiple <td>'s
17:37 < ebol4> like i have one <tr> that contains a single element, and then the next <tr> contains two elements
17:37 < ebol4> i want to stretch the first <td>
17:38 < Popzi> ebol4: you mean rowspan= ?
17:39 < ebol4> rowspan, yeah, thank you
17:39 < Popzi> <td rowspan="200"></td>
17:43 <+NinjaStyle> wouldnt that be colspan?
17:43 <+NinjaStyle> colspan=2
17:45 < insecurity> nert
17:48 < ebol4> yeah it ended up being colspan
17:48 < ebol4> but same thing
17:50 < dragonfleas> are sonicwalls decent compared to fortinet firewalls?
17:50 < dragonfleas> are they comparable?
17:54 < ebol4> i imagine they're pretty much the same
17:55 < ebol4> but i also know absolutely nothing about either of them
17:55 < ebol4> i just like to imagine them
17:55 < JFDkthx> 3 more days
17:55 < JFDkthx> nerds
17:57 < JFDkthx> dragonfleas: if ur not using palo altos ur gae
17:59 < corn266> JFDkthx: Our information owner doesn't need to sign off on our risk assessment report, correct? Only if we needed to get a Risk Acceptance Letter?
18:00 < JFDkthx> corn266: not sure about that part.
18:00 < JFDkthx> it makes sense logically
18:00 < JFDkthx> because they have to accept that risk.
18:00 < corn266> I thought the AO was accepting the risk
18:01 < JFDkthx> mmm
18:01 < JFDkthx> idk.
18:01 < JFDkthx> all the experience i have with accredidation and ATOs come from the DOD
18:01 < JFDkthx> its diffint when we are DFCs
18:02 < JFDkthx> which btw
18:02 < JFDkthx> we have our audit tomorrow
18:02 < corn266> good luck, we have ours on Thursday
18:02 < JFDkthx> well it starts tomorrow and goes for a while
18:02 < JFDkthx> ima be on vacay
18:02 < JFDkthx> u2 <3
18:02 < corn266> lucky bastard
18:02 < JFDkthx> ;)
18:03 < corn266> I keep trying to get my FSO to take over the paperwork and he's finally started working on half of it
18:03 < JFDkthx> ravioli: ravioli nice and smelly pastioli
18:04 < JFDkthx> i wouldnt trust our FSO to program an x-09 much less fill out paperwork
18:05 < corn266> top kek
18:05 < vavkamil> what is FSO
18:05 < JFDkthx> facility security officer
18:05 < corn266> facility security officer
18:05 < JFDkthx> ++
18:05 < vavkamil> it's not even listed on wikipedia
18:05 < vavkamil> https://en.wikipedia.org/wiki/FSO
18:05 <+layer-eight> * vavkamil →  FSO - Wikipedia
18:05 < asimon> Film Symphony Orchestra
18:06 < JFDkthx> vavkamil: make a new entry then
18:07 < corn266> be the change you want to see
18:08 < estranger> so many ants. wtf.
18:09 < JFDkthx>  estranger garbage day?
18:10 < estranger> is it?
18:10 < estranger> nope!
18:10 < estranger> dont scare me like that
18:10 < JFDkthx> haha
18:11 < Hatsjoe> Does anyone have an explanation why with AWS, I can connect to the SES SMTP endpoint on port 2465 and 2587 via EC2 but not on ports 25, 465 and 587? ALL outgoing traffic is allowed
18:11 < JFDkthx> but what about incoming traffic
18:11 < dragonfleas> JFDkthx, you mean pfsense?
18:15 < corn266> ffs "Our organic eggs do not contain GMOs" well I'd fucking hope not
18:16 < rhqq> wut
18:17 < rhqq> corn266: these two buzzwords trigger me more than anything related to politics or devops-cloud ;p
18:17 < corn266> rhqq: here are the other two points this carton makes "No antibiotics were used in the production of these eggs" "All eggs are produced without added hormones"
18:17 < Heresiarch> rhqq: ...you get triggered by "eggs"?
18:17 < Hatsjoe> JFDkthx: also allowed in
18:18 < ebol4> everyone throw eggs at rhqq
18:18 < corn266> organic non-GMO eggs only though
18:18 < ebol4> only the purest
18:18 < rhqq> haha
18:19 < estranger> corn266, what if the egg is laid by a GMO chicken fed organic feed?
18:19 < Heresiarch> Hatsjoe: 25 is connection-throttled. https://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-connect.html
18:19 < rhqq> well
18:19 <+layer-eight> * Heresiarch →  Connecting to the Amazon SES SMTP Endpoint - Amazon Simple Email Service
18:19 < rhqq> technically speaking they're not pure at all
18:19 < ebol4> you some kind of chicken nazi
18:19 < rhqq> also free-range is the 3rd one
18:19 < Hatsjoe> Heresiarch: I know, but we havent been using port 25 yet, and that also doesnt explain why 465 and 587 doesnt work
18:19 < corn266> estranger: you mean a chicken that was selectively bread to produce more eggs?
18:19 < rhqq> caged, gmo-feed are most stable
18:19 < Hatsjoe> And with throtteling I'd expect it to work sometimes, but it doesnt work at all
18:19 < rhqq> chemically
18:19 < Heresiarch> Hatsjoe: what troubleshooting have you done?
18:20 < estranger> im ready for lab meat
18:20 < rhqq> meaning that they're lasting long
18:20 < ebol4> i want some chicken in a biscuit
18:20 < rhqq> not going bad
18:20 < rhqq> and have shortest time between being laid and chilled
18:20 < estranger> ive been craving cheap fried chicken for a while
18:20 < Hatsjoe> Heresiarch: verified inbound and outbound SG, inbound and outbound ACL, iptables
18:20 < rhqq> meaning they're safest to eat under all the circumstances
18:20 < corn266> ebol4: honey butter chicken biscuit
18:20 < estranger> i buy Egglands Best eggs
18:20 < Hatsjoe> Everything allows access, 2465 and 2587 work, 25, 465, 587 don
18:20 < Hatsjoe> dont*
18:20 < ebol4> i buy the 80-cent per dozen eggs from target
18:21 < estranger> i dont eat a lot of eggs anymore so I get the fancy ones.. supposedly less cholesterol.. and they do taste quite good
18:21 < rhqq> estranger: cholesterol is bullshit
18:21 < rhqq> in terms of food
18:21 < rhqq> it's digested
18:21 < ebol4> all eggs are beautiful
18:21 < rhqq> you produce your own, and it is independent on food you eat (more or less)
18:22 < estranger> rhqq, i dunno my numbers vary based on my diet
18:22 < rhqq> estranger: well
18:22 < rhqq> it is more like
18:22 < rhqq> you eat more fats/fatty acids
18:22 < rhqq> then your body have more bricks to create your own
18:22 < rhqq> also, that hdl/ldl markers
18:22 < JFDkthx> hurricane bud
18:22 < JFDkthx> ayyyy
18:22 < corn266> rhqq: you lay your own eggs?
18:22 < JFDkthx> that dank wet bud
18:22 < Heresiarch> Hatsjoe: dunno then. 465/587 should do, assuming you have starttls/smtps set up.
18:22 < rhqq> corn266: i shit brick
18:22 < rhqq> s
18:22 < estranger> im going to cali in augest... weedtime
18:23 < dragonfleas> sonicwall licensing is fucking expensive
18:23 < JFDkthx> for you
18:23 < rhqq> dragonfleas: go being poor somewhere else
18:24 < estranger> yeah i wish poor people would jsut knock it off and stop being poor
18:24 < rhqq> yeah, lets delegalize being poor! communism ftw!
18:24 < estranger> just get a better job duh
18:25 < ebol4> comrades o7
18:25 < JFDkthx> dragonfleas: typical, why arent you working at a fortune 500?
18:25 < JFDkthx> get lost
18:25 < JFDkthx> nerdbrain
18:25 < Hatter> shouldn't a stacked bar chart typically have the lower volumes at the bottom of the bar
18:25 < JFDkthx> Hatter: no, it's the opposite
18:25 < JFDkthx> because it's stacked.
18:25 < rhqq> Hatter: no, depends on how you set it up
18:25 < Hatter> but how do I
18:25 < rhqq> as two bars next to each other may have different valuse
18:25 < rhqq> ;p
18:26 < rhqq> values*
18:26 < Heresiarch> dragonfleas: ...and that's why I went with pfsense.
18:26 < estranger> #startUpLife ftw
18:26 < estranger> drink beer and use hipster words
18:26 < JFDkthx> estranger: just put everything into a single container and call it hypercontainerverged
18:26 < rhqq> estranger: organic, gluten-free beer
18:26 < ebol4> it's tuesday my dudes
18:26 < estranger> JFDkthx, oh shit...
18:27 < JFDkthx> estranger: also make it run some shitty jetty with a page that says #THEFUTURE and a countdown to 2020
18:27 < dragonfleas> New mario party is coming out :D
18:27 < Heresiarch> JFDkthx: triggered
18:28 < bmurt> hmm
18:28 < JFDkthx> Heresiarch: got em
18:28 < estranger> lol, still giggling at hyperconverged containers
18:28 < estranger> im going to start calling VMs that
18:28 < JFDkthx> lol
18:29 < JFDkthx> we've HC all of our docker containers into an HA appliance
18:29 < estranger> we combine all your containers into a single unit you can run on its own!
18:29 < JFDkthx> that gives us full control over the environment
18:29 < Heresiarch> ...
18:29 < Heresiarch> bro. Do you even serverless?
18:30 < JFDkthx> Heresiarch: yeah man, all of our domain servers are run on desktop login through virtual boxes
18:30 < JFDkthx> services*
18:30 < JFDkthx> sorry. `vagrant`
18:31 < estranger> vagrant in production? is that normal?
18:31 < Heresiarch> You mean you're not running auth through an API sourced to a lambda function with an S3 bucket for nonvolatile storage?
18:31 < estranger> Heresiarch, gross
18:31 < estranger> so gross
18:31 < Heresiarch> estranger: payback. ;)
18:31 < JFDkthx> Heresiarch: s3 was hacked. dont you remember the downtime last year
18:31 < JFDkthx> cant trust it
18:31 < Casteil> https://i.imgur.com/owwMokX.gifv
18:31 <+layer-eight> * Casteil →  what this cat did to its baby is really nasty , WARNING its hard to watch
18:31 < estranger> JFDkthx, DATA AUTONOMY
18:31 < estranger> Heresiarch, lol
18:32 < estranger> JFDkthx, https://www.datastax.com/why-datastax/data-autonomy read up, come to the dark side
18:32 <+layer-eight> * estranger →  Data Autonomy | DataStax
18:32 < JFDkthx> Heresiarch: what we really have is when someone makes a dns lookup we have an ansible script that spins up an ephemeral server in azure to do the resolution then it terminates itself.
18:33 < Hatter> JollyRgrs: but is there anyway to get consistent colors in my kibana dashboards?
18:33 < JFDkthx> estranger: what is this
18:33 < estranger> JFDkthx, it's your data, OWN IT
18:33 < Heresiarch> JFDkthx: ...plebian. The real hotness is just using DNS-over-HTTPS to have google return your resolution.
18:34 < estranger> DNS over HTTPS using your TCP over DNS proxy
18:34 < JFDkthx> Heresiarch: everything returns 401
18:34 < JFDkthx> but doesnt redirect
18:34 < JFDkthx> what do
18:34 < Heresiarch> JFDkthx: check with your ACS owner. You're clearly not authorized for DNS.
18:35 < JFDkthx> rip
18:35 < JFDkthx> i gotta poop
18:35 < JFDkthx> afk
18:35 < dragonfleas> :D
18:35 < dragonfleas> brain gotta poop
18:35 <@killdash9> JFDkthx: I want to believe in that ansible script
18:39 < scwizard> geez
18:39 < scwizard> my boss is starting to complain that it seems really inefficient only having one process per docker container
18:40 < Heresiarch> ...
18:40 < scwizard> he's not technically wrong is the issue so
18:40 < scwizard> that being said I'm gonna try and tune things without turning away from that quite so soon
18:41 < Heresiarch> scwizard: fpm or nginx?
18:41 < scwizard> Heresiarch: neither, php, it's php artisian queue work
18:41 < Heresiarch> ...
18:42 < Heresiarch> and you didn't put this in supervisord like the docs tell you to?
18:42 < scwizard> hmmmm
18:42 < scwizard> oops
18:42 < scwizard> that might be it
18:42 < scwizard> ok wait i'm confuse
18:42 < scwizard> ok i see
18:42 < scwizard> https://laravel.com/docs/5.6/queues#supervisor-configuration
18:42 <+layer-eight> * scwizard →  Queues - Laravel - The PHP Framework For Web Artisans
18:43 < scwizard> that doesn't fork to multiple queue work things though does it
18:43 < scwizard> and it's a daemon eww
18:43 < Heresiarch> yes, it does. And you can configure how many processes it starts up.
18:43 < scwizard> actually wait maybe it's fine that it is
18:43 < scwizard> idk
18:44 < Heresiarch> it'll also restart any processes that terminate out (depending on config), so it can be quite useful for non-persistent jobs that need to be multi-process.
18:45 < scwizard> def gonna look into that angle
18:50 < JollyRgrs> https://youtu.be/zI8UnfP21lI?t=60 i need a gif of that salt pour pls
18:50 <+layer-eight> * JollyRgrs →  ⚓  https://www.youtube.com/watch?v=zI8UnfP21lI&feature=youtu.be&t=60 → YouTube → Best Roommate Ever! Stephen Curry Rap by KingBach (Music Video) → ⚘ 3,006,637 ↑ 63,403 ↓ 1,269 ✍ 2,388
19:00 < gavit> Hi, on my cpanel I see spam emails getting generated with mailnull in the mail control data
19:01 < gavit> does this mean that the account mailnull (exim uses this) is compromised?
19:10 < admiralspark> gavit: if you have to ask, then yes
19:10 < scwizard> Heresiarch: supervisord isn't some laravel thing, it's this whole big thing
19:10 < scwizard> there comes a point, where if you're going to put a bunch of stuff with supervisord into one container you might as well use a real init system
19:10 < FenJai> I ahve pfsense running on my network but still ahve a ISP's modem in front of it. Do I need to put pfsense in the modem's DMZ to properly port forward ?
19:10 < scwizard> and if you're going to use a real init system, you might as well not use a container
19:13 <+ihre> just run a bash script or launch $application in foreground through the entrypoint ?
19:13 <+ihre> fuck supervisord/runit
19:14 < felda> FenJai no
19:14 < felda> FenJai make sure the modem is in bridge mode so pfsense does all of the routing and NATing and porting
19:15 < felda> then all the modem does is literally turn your ISP connection into ethernet and pfsense handles all the networking
19:15 <+ihre> if the application dies, the container should go down with it because you should put a healthcheck in place
19:15 <+ihre> (except when youre using lxc)
19:15 < scwizard> ihre: i'm strongly considering it
19:16 < scwizard> ihre: i don't give a shit if the application dies, a new container will be spun up
19:16 < scwizard> this isn't about keeping the thingy up, it's about running a bunch in parallel only
19:19 < FenJai> It doesnt look like my modem supports bridge mode felda. What else do you recommend ?
19:20 < felda> FenJai what is it currently doing?
19:20 < felda> is it not giving the public IP to pfsense?
19:20 < Casteil> damn chipmunks
19:20 < F34RInc> FenJai, what make and model modem do you have
19:21 < Casteil> digging too close to my utilities and causing a lot of property damage, game over guys
19:21 < felda> yeah I had this issue once with my DOCSIS 3 modem I got to use with comcast and pfsense
19:22 < FenJai> F34RInc, BT smart hub type A
19:22 < felda> I had to make sure my firewall was plugged in and on before the modem booted in order for it to pass the public IP to pfsense
19:23 < felda> FenJai do you have the specific model number?
19:23 < corn266> It shouldn't take long to write a partition table with partitions to an 8TB drive, right?
19:23 < FenJai> No, felda. Atm I have the modem on 192... network and pfsense on a 10... network. The modem is just set as a gateway for pfsense
19:23 < felda> Is it a modem, router, wifi combo box?
19:23 < F34RInc> felda, bruh you didnt even look it up
19:24 < corn266> F34RInc: don't you know the first rule of tech support is to always assume
19:24 < hxcsp> i order so much stuff from amazon, that they want to give me a ubiquiti dash button
19:26 < estranger> heh
19:26 < felda> well if it is that
19:26 < felda> then yeah you would want to put pfsense in the DMZ
19:26 < felda> most would recommend setting it in bridge mode before doing DMZ
19:27 < felda> but since it is a combo box that is likely locked down you will have to put it in the DMZ
19:27 < felda> I did that for a while using Frontier DSL and their modem, router, wifi combo box :(
19:27 <+NinjaStyle> im having a really shitty day so far
19:27 <+NinjaStyle> i'm about to tell my boss off
19:27 <+NinjaStyle> if he tosses one more piece of bullshit at me today
19:28 <+ihre> NinjaStyle: i need 48 6" patches, dtn
19:29 < FenJai> felda, do I need to do anything on pfsense once its on the dmz ?
19:29 <+NinjaStyle> ihre: its worse than that
19:29  * ihre tosses a crimping tool to NinjaStyle
19:29 <+ihre> few things are worse than crimping patches yourself :p
19:29 < felda> FenJai you might want to refresh your WAN IP but other than that you shouldn't have to
19:29 <+NinjaStyle> i wouldnt do that for several reasons
19:30 <+NinjaStyle> neither would they, because the labor would cost more than cables
19:31 < FenJai> what do you mean refresh felda ?
19:32 < felda> FenJai like a DHCP release / renew
19:32 < felda> because pfsense should be getting the WAN IP from your modem
19:33 < FenJai> Nah, I use static IPs between the modem and pfsense
19:33 < felda> aight if you want to thats fine
19:33 < felda> I've never done that so I can't help you if it goes dongers up
19:33 < Heresiarch> scwizard: ...and thus you progress on the path of wisdom.
19:33 < aName> well... that's fucking obnoxious. Dropbox counts the administrator as one of your licenses for business.
19:33 < FenJai> I want as few potential failure points on the modem
19:34 < scwizard> this is really really bizare
19:34 < scwizard> it seems the queue gets worked down at the same rate no matter how many fargate tasks we have
19:34 < scwizard> which defies all common sense
19:34 < scwizard> common sense would dictate that the more resources you throw at it the faster it should go but
19:35 < scwizard> while that was the case before with ec2 instances something funny is going on with fargate
19:36 < scwizard> it seems to be 1.5k messages every 5 minutes wheather there's 2 tasks or 20
19:36 < Heresiarch> scwizard: is there another limiting factor? Are 1.5k messages being dispatched to the redis queue per 5 mins?
19:36 < JFDkthx> everytime i log in and see that i dont have any new emails i start worrying about my exchange server
19:37 < JFDkthx> same thing with skype
19:37 < scwizard> Heresiarch: there shouldn't be, because when we have an ec2 autoscaling group processing said queue, it went faster
19:37 < scwizard> so it makes me wonder
19:37 < scwizard> is ALL my fargate stuff on one server
19:37 <+NinjaStyle> JFDkthx: i used to do the same thing
19:37 < scwizard> and it's trying to pump all the networking through one NIC or something
19:37 < scwizard> that would sort of explain why i'm limited to 20 fargate tasks?
19:37 < JFDkthx> NinjaStyle: i havent had an email or skype message since 8am
19:37 <+NinjaStyle> no new emails, sends a test email from gmail
19:37 <+NinjaStyle> whew
19:38 < JFDkthx> cant get to gmail at work
19:38 < JFDkthx> also no phone
19:38 < Heresiarch> scwizard: possibly.
19:38 < JFDkthx> so
19:38 < JFDkthx> im fuckered
19:38 < JFDkthx> guess i'll mailx from unicks
19:38 < estranger> i never used fargate
19:38 < scwizard> estranger: at this point i'm gonna recommend you keep it that way ngl
19:39 < estranger> yeah i dont think id touch that outside of maybe dev
19:39 < scwizard> its such a neat idea but
19:39 < scwizard> ugggggggggg
19:39 < scwizard> the problem with things that "just work"
19:39 < scwizard> is when they just don't work
19:39 < estranger> just use k8s everywhere
19:39 < estranger> scwizard, lots of things are GREAT whenyou are on the happy path.. but what makes a product great is how it handles things when not on the happy path
19:40 < Heresiarch> scwizard: keep in mind with supervisor'd up artisan processes that they're each fairly lightweight - you can easily set numprocs=10 on a given daemon config without really hitting much in the way of RAM.
19:40 < corn266> JFDkthx: how are you even in an irc channel if your work is that locked down
19:40 < scwizard> i've been trying to avoid learning and using k8s just because I don't want to leave the company with a k8s thingy that they can't understand or maintain
19:40 < JFDkthx> corn266: putty'd into AWS
19:40 < Hatter> hey JFDkthx maybe you should come work with me, I'll give you 15 minutes of web browsing a day
19:40 < scwizard> Heresiarch: ram isn't the issue something else is
19:41 < corn266> fucking lel
19:41 < scwizard> and I can't figure out what
19:41 < estranger> scwizard, you need to be more selfish
19:41 < scwizard> but it's blowing my mind that adding tasks isn't making it go faster
19:41 < Heresiarch> scwizard: didn't say it was for FG - I was referring to benefits of your existing ASG'd instances.
19:41 < scwizard> estranger: also honestly k8s means switching from aws to google
19:41 < JFDkthx> hatter the only thing you could pay me to do is to enforce your DNR
19:41 < estranger> scwizard, no it doesnt
19:41 < estranger> k8s can run in any cloud
19:41 < estranger> or on prem
19:41 < scwizard> everything i've heard about amazon k8s made me wince
19:41 < Heresiarch> scwizard: k8s support was announced for ECS a little while ago.
19:42 < estranger> dont use aws k8s.. just use k8s managed yourself
19:42 < scwizard> estranger: down that way lies madness
19:42 < estranger> spin up ec2 instances, install kubernetes... DATA AUTONOMY
19:42 < JFDkthx> lol
19:42 < scwizard> i've heard it's "not that simple"
19:42 < scwizard> and that that's a bit of an understatement
19:42 < JFDkthx> oo
19:42 < estranger> its nto that hard, either
19:42 < JFDkthx> lunch time
19:42 < JFDkthx> McDonaldsWiFi: gas station burrito time
19:43 < JFDkthx> it's patch night babeeeeee
19:43 < estranger> does anyone still use dc/os? that was the same concept
19:44 < scwizard> guys tell me, can you see where in this graph I doubled the amount of CPU and memory?
19:44 < scwizard> https://i.imgur.com/Y93a1kH.png
19:44 <+layer-eight> * scwizard →  IMAGE/PNG Document, 15,347 bytes
19:46 < scwizard> fuck scalin gup
19:46 < scwizard> i'm just gonna have only 2 tasks
19:46 < scwizard> and see how quick this next crawl goes
19:46 < corn266> scwizard: 17:30 if my eyes don't deceive me
19:47 < scwizard> corn266: bingo  2018-06-12 12:29:07 -0500 Message: Successfully set desired count to 18. Change successfully fulfilled by ecs. Cause: monitor alarm production-profile-crawl in state ALARM triggered policy dynamic-crawler-scaleo
19:47 < scwizard> corn266: but you see the issue right?
19:49 < corn266> yea, but I don't know enough about what you're talking about to help
19:50 < Heresiarch> scwizard: ...were you running fargate on ec2 launch?
19:50 < scwizard> no we just moved dynamic crawling to it this week
19:50 < corn266> I could pose that your service is attempting to access the same object(s) and the number you give it doesn't change the access latency
19:50 < scwizard> corn266: that's not how a message queue is supposed to work lol
19:51 < Heresiarch> scwizard: right. But there's apparently two different launch types - full-serverless (fargate) and ec2 launch.
19:51 < scwizard> Heresiarch: we're full serverless
19:51 < corn266> it does if your messages only get removed once the query is answered in full
19:51 < scwizard> with this
19:51 < scwizard> corn266: well the proof is in the pudding, before the move to fargate, scaling up instances def scaled up the rate at which the queue was processed
19:52 < scwizard> messages should get "claimed" right away, there shouldn't be fighting over messages
19:52 < ekaj> should a server 2012 SMTP server/relay have much trouble sending a 13 meg .xls?
19:52 < corn266> assuming that's how fargate works, yea
19:52 < scwizard> fargate has nothing to do with the queue processing, it's just a way of running docker containers
19:53 < scwizard> before we started running the queue worker on fargate we were just running it on a bunch of autoscaling ec2 t1.micro instances
19:53 < corn266> sorry my only experience with messages queues are 0mq and rabbit-mq, and even rabbit-mq dynamic scaling was programmed in house
19:53 < Heresiarch> scwizard: then the only question is whether the number of artisan processes is scaled the same way on your fargate launch as on your previously autoscaled setup.
19:53 < scwizard> the queue in this case is amazon SQS
19:53 < scwizard> Heresiarch: it's not at all, but that's not the point, doubling CPU/memory capacity should still do SOMETHING
19:54 < Heresiarch> scwizard: no, it won't.
19:54 < scwizard> Heresiarch: ok let me be more clear, doubling memory, CPU and the number of queue processes running
19:54 < scwizard> should do something
19:54 < scwizard> because that's what happened
19:55 < Heresiarch> scwizard: increasing CPU/memory means fuckall when you're talking about a persistent process that runs a defined queue. artisan isn't gonna scale up to do it's dirty - it basically reserves resources on startup and doesn't deviate during its runtime.
19:55 < scwizard> Heresiarch: nono you're not understanding at all. The memory/cpu weren't increased in place. The number of "instances" was doubled, each with its own set of queue workers
19:56 < scwizard> its like going from 2 ec2 instances to 4 ec2 instances, not like going from 2 2xlarge to 2 4xlarge
19:56 < corn266> do those new instances get added to the queue as workers?
19:56 < Heresiarch> scwizard: then you're right - traffic should have scaled linearly if you're just adding more containers.
19:56 < ekaj> `bofh
19:56 <+layer-eight> BOFH Os swapped to disk
19:57 < scwizard> Heresiarch: exactly!
19:57 < Heresiarch> corn266: doesn't quite work that way. This is in reference to laravel queues, which basically push/pop jobs onto a redis queue. This isn't a pub/sub arch per se.
19:57 < scwizard> corn266: the question is weird, but yeah i guess
19:57 < scwizard> yeah what Heresiarch said
19:58 < scwizard> what i'm doing for the next batch
19:59 < scwizard> is I'm running 2 "instances" (in ecs they're called tasks) only, and seeing how quickly the queue is worked down
19:59 < Heresiarch> scwizard: could be rate limiting from a given source IP on sqs. That may well fit for fargate.
19:59 < alazare619> really wish ryobi had something like this https://www.homedepot.com/p/Makita-18-Volt-LXT-Lithium-Ion-1-4-in-Cordless-Die-Grinder-Tool-Only-XDG01Z/205468527
19:59 < felda> anyone watch the Nintendo conference?
19:59 < felda> Specifically the Super Smash?
19:59 < scwizard> Heresiarch: each "task" has its own IP, but yeah rate limits are actually something we do struggle a lot with
19:59 < felda> ROCK HARD MY DUDES
19:59 < JFDkthx> felda: the battle royal smash
19:59 < felda> ALL THE CHARACTERS
19:59 < alazare619> felda: i seen the pokemon one for the switch
20:00 < alazare619> i'm geodude hard right now
20:00 < felda> literally all characters from all the games are in the new Smash Bros Ultimate
20:00 < scwizard> but yeah i'm gonna manually spin up the old system after testing this a bit
20:00 < JFDkthx> even spawn
20:00 < JFDkthx> and yoda
20:00 < scwizard> to rescue things
20:00 < JFDkthx> wait that was soul caliber
20:00 < JFDkthx> SOUULLLLLLLL CALIBER FOUR!
20:01 < Heresiarch> scwizard: if you were already running into rate limit issues, then trying to shoehorn in containerization isn't going to do you any favors.
20:01 < Hatter> the pirate guy was my favorite
20:02 < ebol4> cervantes
20:02 < JFDkthx> kalak or bust
20:02 < JFDkthx> just saying
20:02 < ebol4> kilik and talim
20:02 < JFDkthx> yeee
20:02 < JFDkthx> kili
20:02 < JFDkthx> same same
20:02 < scwizard> Heresiarch: how so?
20:03 < scwizard> well what i was hoping to do initially was to have 1 queue listener per task and have each task have its own public ip but
20:03 < scwizard> there's a service limit of 20 tasks
20:03 < Heresiarch> scwizard: instances have a defined NIC. That doesn't guarantee conn/latency/bandwidth, but it's a lot closer to such than process isolation.
20:03 < scwizard> yeah
20:03 < scwizard> that's what I'm guessing is going on here
20:03 < JollyRgrs> felda: wait, so you can be Ken from street fighter 2010?
20:04 < scwizard> that's what I'm working on testing now
20:04 < Heresiarch> scwizard: then you might also want to move to dynamodb instead of sqs. Probably more expensive, but your only limitation in that case will be the redis memory space you provision (rather than any specific rate limits of sqs)
20:04 < scwizard> oh that's the sort of rate limit you were talking about
20:05 < scwizard> well i don't think its on the SQS side
20:05 < Heresiarch> no, was in reference to "service limit of 20 tasks". Is that on the fargate side?
20:05 < scwizard> yes
20:06 < scwizard> a "task" is like a ec2 instance kinda, except serverless
20:06 < scwizard> and you're limited to 20
20:06 < ebol4> remember that part in before sunrise where they steal wine
20:06 < ebol4> fucked up
20:06 < Heresiarch> jesus. So here's how this would go - you'd either roll up a container that runs supervisor with a jacked up amount of numprocs, or run an ASG with relatively beefy instance types that each run 10+ numprocs on supervisor.
20:07 < scwizard> except increasing the number of processes didn't actually do anything
20:08 < JFDkthx> isnt that what he was telling you from before?
20:08 < Heresiarch> ...in fargate. But even if it did, you'd ultimately be limited to 20 simultaneous queue workers.
20:08 < scwizard> it might even be worse
20:08 < scwizard> all those tasks might still be squeezing through the same network interface
20:09 < scwizard> unlike an ec2 instance which has a dedicated nic per instance
20:09 < Heresiarch> 20 queue worker processes could fit in a t2.medium without breaking a sweat.
20:09 < Heresiarch> (under supervisord)
20:10 < Heresiarch> that said, if you do go ec2+asg, you might want to consider using one of the m/c class instances. t-class isn't necessarily as stable on network (throughput esp).
20:10 < scwizard> ec2+asg is how we had it before
20:10 < scwizard> it worked fine
20:11 < scwizard> we were hoping for similarish performance but with the convenience of containers
20:11 < Heresiarch> not unless the containers spawn supervisord.
20:12 < scwizard> what i'm thinking is even if i implmenet that it won't make a difference
20:12 < Heresiarch> how many ec2 instances did you have up during that spike you posted?
20:12 < scwizard> because there's something not kosher going on behind the scenes
20:12 < scwizard> Heresiarch: 0 because we're 100% on fargate now for that
20:13 < Heresiarch> scwizard: that image where everything spiked up was under fargate?
20:13 < scwizard> it spikes up every hour
20:13 < scwizard> that's how our app works
20:13 < scwizard> then it's supposed to go down
20:13 < scwizard> the issue is that the number of fargate "instances" (tasks) we spin up isn't influencing the rate at which it goes down
20:14 < scwizard> whereas the number of ec2 instances we spin up does influence the rate at which it goes down
20:14 < Heresiarch> let me rephrase. When you had ec2+asg running, how many instances were going at peak?
20:14 < scwizard> like 10
20:15 < Heresiarch> ...seriously?
20:15 < scwizard> yeah? why?
20:15 < scwizard> 10 nanos
20:15 < Heresiarch> it's weird. Maybe there is something behind the scenes. What's the general nature of each queue job?
20:26 < Nightcinder> i keep finding crossbows in realm royale :(
20:27 < alazare619> Nightcinder: i keep getting merc'd by warriors and throwing axe snipes from like 687564984165491651918964968489749648941648964 miles
20:27 < alazare619> like i'm positive the instant they click throw its hit me
20:28 < JFDkthx> Nightcinder: comeplay fartnite where xbows are vaulted
20:28 < alazare619> i can look right at them and i never see the animation just me dieing
20:28 < Nightcinder> i don't like fortnite
20:28 < JFDkthx> whaaaaat
20:28 < v4ult> are glassdoor reviews legit? I planned to apply for a role, but after looking at the glassdoor reviews, I don't think its a good idea
20:28 < alazare619> fortnite blows
20:28 < JFDkthx> dont like the building?
20:28 < alazare619> realm royale is awesome
20:28 < admiralspark> anyone here a graylog user?
20:28 < alazare619> realm royale is the best mix it plays more like TF2 wide open
20:28 < admiralspark> I have been informed that we have need to export to archive storage anything older than 6 months
20:28 < JFDkthx> Nightcinder: you can do what i do, i just rely on my duo's building and i just flank and rush
20:29 < admiralspark> because $reasons
20:30 < alazare619> is spookydad bo?
20:30 < alazare619> is that you bo?
20:32 < SpookyDad> What
20:35 < Tekz> what do you guys use to keep track of server information for a quick glance of what it's for, etc.? been recommended a wiki, onenote, and ansible (though I'm not sure that fits my environment)
20:36 <+giant_it_burrit> Tekz: what do you want to know?
20:36 < ekaj> personally onenote, org as a whole has a hardware/software tracker and sharepoint
20:36 < khelpw> Lansweeper over here
20:36 <+giant_it_burrit> alazare619:
20:36 < Tekz> basically just information about servers that someone who has no idea what is going on could come in and look at
20:36 <+giant_it_burrit> check turn book
20:36 < Heresiarch> Tekz: ansible
20:36 < Tekz> the infamous 'documentation' that never exists
20:36 < Tekz> basically
20:37 <+giant_it_burrit> lansweeper would work
20:37 <+giant_it_burrit> pdq inventory
20:37 < Tekz> have pdq, have snipeit, have zabbix
20:37 <+giant_it_burrit> so that should be everything
20:37 <+giant_it_burrit> what are you missing?
20:38 < khelpw> By the sounds of it, documentation lol
20:38 < khelpw> Just gotta make use of the tools you have if you've got all those.
20:38 <+giant_it_burrit> what documentation tho
20:38 < ekaj> he wants documentation of the servers
20:38 < ekaj> not just what a dashboard says
20:38 <+giant_it_burrit> but documenting what
20:38 < Tekz> say i have an application server that has multiple things on it
20:38 < ekaj> purpose, hardware, software, etc
20:38 < khelpw> Actual uses. Not just that it's running SQL server, but what databses are hosted there etc
20:39 < Tekz> need a place to write down what the server is used for
20:39 <+giant_it_burrit> pdq inveotry will do that
20:39 <+giant_it_burrit> why not name it logically
20:39 < ekaj> ...
20:39 <+giant_it_burrit> pdq has custom fields
20:39 <+giant_it_burrit> usage=dank memes
20:40 < Tekz> how about this
20:40 < Tekz> change management
20:40 < Tekz> someone goes in, changes something on a server
20:40 < Tekz> what system could i use to document that
20:40 < Heresiarch> Tekz: ...still ansible.
20:40 <+giant_it_burrit> audit logs
20:40 <+giant_it_burrit> ansible would work
20:40 < bmurt> Tekz: your change request process and CAB board should have a record of that prod change
20:40 <+giant_it_burrit> ^
20:40 < Tekz> lol
20:41 < Tekz> i am the change request process
20:41 <+giant_it_burrit> if you wanted unauth changes
20:41 <+giant_it_burrit> then then send logs somewhere
20:41 < Nightcinder> alazare619: well ended up 9th
20:41 < Nightcinder> hunter bow is absurdly good
20:41 <+giant_it_burrit> Nightcinder: ?
20:42 < Nightcinder> realm royale
20:42 <+giant_it_burrit> ew
20:42 < bmurt> Tekz: you should implement a change control board
20:42 < bmurt> and proper maintenance windows
20:42 < Nightcinder> i don't like building
20:42 <+giant_it_burrit> do it with jira
20:42 < Nightcinder> so
20:42 <+giant_it_burrit> shits easy
20:42 < admiralspark> Tekz: since nobody is giving you a useful answer, we use Bookstack. I use ansible for my server automation but I'm still slowly converting them from a pets to cattle mentality, so we still need documentation
20:42 < admiralspark> I do have python scripts that update certain pages with tables of information
20:43 <+giant_it_burrit> why not use git with ansible
20:43 <+giant_it_burrit> or bitbucket and jira
20:43 <+giant_it_burrit> something to that effect
20:43 < admiralspark> one-off java-based enterprise applications that have R/O access to oracle DB's that an outside vendor is the only one allowed to touch, is why
20:43 <+giant_it_burrit> changes are logged and commited
20:43 <+giant_it_burrit> as  i said or something to that effect
20:43 < admiralspark> I use gitlab/git/ansible. But I can't idempotent 100% in Windows yet
20:44 <+giant_it_burrit> windows use dsc
20:44 < admiralspark> and we needed a place to document *processes*
20:44 < admiralspark> which is really what he needs
20:44 < admiralspark> giant_it_burrit: use it. Ansible on windows is still better for our needs
20:44 <+giant_it_burrit> fair
20:44 <+giant_it_burrit> im waiting for it to become really good
20:44 <+giant_it_burrit> id like to use it
20:45 <+giant_it_burrit> places to document we are geting better at but people have to do it
20:45 < admiralspark> Yeah, I'm having to use 2.5 to get what I need and still finding some cases where I need ps-remoting to do stuff 100% but it's getting there
20:45 < admiralspark> giant_it_burrit: my goal is automated documentation :) but shitty vendors stand in my way
20:45 < Tekz> admiralspark, Bookstack looks interesting.
20:46 < Tekz> thanks for pointing it out
20:46 < admiralspark> one of them...the "install" process changes every week
20:46 < admiralspark> Tekz: it's got really good WYSIWYG editing and it's got a low learning curve, which means easier adoption by techsa
20:46 < admiralspark> and full encrypted AD integration for auth and editing, on top of change tracking
20:47 < admiralspark> and the other typical "wiki" benefits
20:47 < Nightcinder> https://arstechnica.com/gadgets/2018/06/microsoft-andromeda-this-year-new-hololens-in-2019-and-the-next-xbox-in-2020/
20:47 <+layer-eight> * Nightcinder →  Microsoft “Andromeda” this year, new HoloLens in 2019, and the next Xbox in 2020 | Ars Technica
20:47 <+giant_it_burrit> admiralspark: how does it tie in with ansible and such
20:48 < admiralspark> I'm still looking at 3-5 yrs to realistically have one-service-per-server and real abstracted virtualization, we're vmware/windows enterprise atm. Soon™
20:48 < admiralspark> giant_it_burrit: I use ansible to provision it entirely and just let our backups take care of the vm data?
20:48 < admiralspark> or do you mean my ansible stuff tying into it's docs?
20:49 <+giant_it_burrit> the  latter
20:49 <+giant_it_burrit> that would be nice
20:50 < admiralspark> I use my git repo for the "why" and "how" of all my ansible stuff. I have powershell and python scripts that update the data in bookstack right now, just making db edits. All of the information in Bookstack is stored in the DB so I can have it save stuff as "draft" and then finalize it myself, or just auto-update in the case of stuff like app version numbers or other smaller bits of info
20:50 < admiralspark> I use it for process documentation for regulatory reasons
20:50 < admiralspark> for about 80% of it
20:50 < Heresiarch> awh, I was hoping bookstack had an api.
20:51 < admiralspark> Heresiarch: https://github.com/BookStackApp/BookStack/issues/823
20:51 <+layer-eight> * admiralspark →  GitHub → BookStackApp → BookStack → A platform to create documentation/wiki content built with PHP & Laravel → @ ~ 2 days ago → PHP → ✡ 1,504 → Forks: 233 → ☹ 225
20:51 < admiralspark> It's open source, just needs the contribution
20:52 <+giant_it_burrit> i will hold atm
20:52 < admiralspark> I'm focusing on other projects right now, else I'd help
20:52 < Heresiarch> admiralspark: true, but an API is a massively non-trivial addition (if it's not already there).
20:52 < admiralspark> giant_it_burrit: if you want full automation for documentation, I had that working with Dokuwiki and its API, but dokuwiki is ugly
20:53 <+giant_it_burrit> ill hold off
20:53 <+giant_it_burrit> maybe anisble will be good on windows by then
20:53 < admiralspark> Heresiarch: I know :P I don't have the time right now to stay on top of my ongoing projects, beginning that would be a dead end
20:53 < asimon> Just found a vscode extension that provides spotify integration
20:53 < admiralspark> giant_it_burrit: haha, word
20:53 < Heresiarch> heh
20:53 < asimon> That's pretty sweet
20:53 < admiralspark> asimon: what...is the use-case?
20:54 < Tekz> What about something like Drupal
20:54 < admiralspark> Tekz: what about it?
20:54 < Tekz> idk just mentioning it
20:54 < admiralspark> it's a CMS
20:54 < scwizard> at my bosses advice
20:54 < Tekz> oh, really?
20:54 < asimon> admiralspark: So you don't have to spend valuable time opening the spotify window to see what song is playing or skip songs
20:54 < scwizard> i created a seperate service in a different availability zone that does the same thing
20:54 < admiralspark> Tekz: oh wait, I bet I know something that might interest you
20:54 < scwizard> and we will see if the queue gets worked twice as fast this way
20:55 < admiralspark> asimon: ahhhhhhh I see, the player controls would be in VSC
20:55 < Heresiarch> scwizard: ...k.
20:55 < admiralspark> Tekz: https://www.combodo.com/itop-193 check this out. Might help
20:55 < scwizard> it's a crazy idea but
20:55 <+layer-eight> * admiralspark →  iTop: open source ITIL ITSM CMDB Software
20:55 < scwizard> it's a crazy problem so
20:55 < scwizard> i think it's smart
20:56 < admiralspark> Tekz: that should help document, show what ties to what, help with change management and outage scoping, etc
20:58 < Tekz> ok yeah this is more what i was talking about
20:58 < Tekz> it looks like overkill for my uses but yeah
21:18 < JFDkthx> desktop guy said he needed a ps2 mouse kb
21:18 < JFDkthx> went to the server found an old old ibm kb. and an old three button mouse sun kb
21:18 < JFDkthx> asked him if he wanted the nipple or the ball
21:18 < JFDkthx> he didnt get it
21:19 < felda> always take the nips
21:23 < asimon> Idk I kind liked the balls
21:24 < JFDkthx> asimon: i expect that from you
21:24 < asimon> you what
21:24 < JFDkthx> asimon: 19:24:32          JFDkthx | asimon: i expect that from you
21:25 < asimon> oh thanks
21:25 < JFDkthx> np
21:26 < corn266> question regarding cryptsetup; if I `cryptsetup luksFormat /dev/sdX` does that actually encrypt anything, or is it just setting it up as a crypto_LUKS type with header and other info?
21:31 < corn266> Like if I ran a `dd if=/dev/urandom of=/dev/sdX` before the luksFormat, is it still necessary to write zeroes to the now crypto_LUKS drive
21:32 < joelazot> hello
21:32 < corn266> how was your chem test
21:32 < joelazot> good ty
21:32 < joelazot> i got a high achieved
21:33 < joelazot> so like a 17 / 25 i think
21:33 < JFDkthx> dont get high while taking tests
21:33 < JFDkthx> silly
21:33 < joelazot> but today i have a english test lmao
21:33 < joelazot> but im good at english
21:33 < joelazot> dw
21:33 < joelazot> i'm overthinking my career so much
21:33 < JFDkthx> corn266: no?
21:33 < joelazot> brb
21:33 < JFDkthx> to your q
21:44 < corn266> JFDkthx: I figured, we'd just be writing random data twice
21:47 < joelazot> For some reason im getting really anxious that if I go the devops route regarding my career like I want to I won't find a job or I won't be good enough to get hired... So its like do I just go down the whole windows route cause I do have a lot more knowledge currently regarding Windows Server in comparison to Linux infrastructure; or Linux in general. side note: I'm still in high school and are about 2 years away from finis
21:48 < joelazot> Also another thing if I go down the windows route; will windows server on prem even be a thing in 20 years? I feel like I'm over thinking all of this, and I can't really stop.
21:48 < felda> anyone in here worked at a radio station?
21:48 < felda> their audio setup is cray as fuck
21:49 < asimon> joelazot: You're thinking way too far ahead imho
21:49 < asimon> 2 years is a long time
21:50 < xamithan> devops isn't a route it is a methadology
21:50  * asimon puts another coin in his Nobody agrees on what devops actually is jar
21:51 < joelazot> devops is a process, it's just that so little people call it what it really is so i think i may as well just call it what everyone else calls it
21:51 < joelazot> well refer to it in that way rather
21:51 < joelazot> in my opinion
21:51 < xamithan> The job listings all want programmers
21:51 < joelazot> yeah
21:52 < joelazot> i just don't know what I really should learn y'know
21:52 < xamithan> Whatever you want
21:53 < asimon> Build some tf2 mods or whatever it is high school kids do
21:53 < joelazot> yeah
21:53 < felda> cryptic1 Code_Man65 killdash9 ravioli pretty sure joelazot is saying the naughty word
21:53 <@cryptic1> ?
21:53 < BytesAndCoffee> !
21:53 <@cryptic1> did someone say devoops?
21:53 < xamithan> The pace tech is going are you sure sysadmins are still going to be around when you get out of college joel
21:53 < joelazot> ok
21:53 < xamithan> We might be replaced by programmers by then
21:54 <@cryptic1> probably by brogrammers
21:54 < joelazot> o
21:54 < McDonaldsWiFi> check out this struct brah
21:54 < BytesAndCoffee> xamithan: who will the programmers come crying to when they screwed up not just their VM, but the entire host, and forgot to set up backups
21:54 < Church-> Heya folks
21:54 < McDonaldsWiFi> no shit, are you referencing a variable before you define it? wtf you doin BRAH?!
21:54 <@cryptic1> exactly
21:54 < xamithan> They would put in a ticket with AWS
21:54 < xamithan> of course
21:55 < joelazot> I just want to work with virtualization server technologies and linux or windows
21:55 < BytesAndCoffee> xamithan: what about AWS's sysadmins, will they be gone?
21:55 < xamithan> Nah,  their job duties will just change
21:56 < joelazot> so if i go down the windows route i should basically be learning azure and powershell and such?
21:56 < joelazot> in 10 years will i be a dev's babysitter?
21:56 < xamithan> Depends
21:56 < xamithan> You might be doing desktop support
21:56 < xamithan> In which case you'd be babysitting end users
21:56 < BytesAndCoffee> "You're being reassigned to money watching, here's your ticket to south america" "But, what?" "Why did you think it was called Amazon Web Services?
21:56 < BytesAndCoffee> "
21:57 < BytesAndCoffee> s/money/monkey/
21:57 <+layer-eight> [SED BytesAndCoffee] "You're being reassigned to monkey watching, here's your ticket to south america" "But, what?" "Why did you think it was called Amazon Web Services?
21:57 < joelazot> lol
21:57 < grumplestiltzkin> There are large spiders involved too, just a head's up
21:58 < BytesAndCoffee> grumplestiltzkin: i mean, how else do they work on the world wide web? you need some fucking big spiders
21:58 < grumplestiltzkin> srs
21:59 < silentfury-s4pro> so that's why they're "crawlers"
21:59 < silentfury-s4pro> TIL!
21:59 < BytesAndCoffee> don't get me started on the shit you go through working at barracuda networks
22:00 < JFDkthx> cryptic1: get back to work
22:01 < rhqq> cryptic1: get back to work
22:01 <@cryptic1> d:
22:01 <@cryptic1> D:
22:01 < rhqq> hah
22:01 < rhqq> you failed!
22:01 <@cryptic1> rhqq, everyone fails eventually
22:02 <@Code_Man65> You lean more from failure than you do from success
22:02 <@Code_Man65> If you don't make mistakes, you don't learn
22:02 < felda> I am leaning a lot right now
22:02 < felda> I'm practically perpendicular with the ground
22:02 < JFDkthx> Code_Man65: doesnt mean i get to take creadit for fixing something i broke at work
22:02 < Heresiarch> felda: parallel.
22:03 < joelazot> i'll probably end up being a normie windows sysadmin
22:03 < JFDkthx> Heresiarch: he's leaning so much hes come all the way around.
22:03 < felda> woops
22:03 < felda> s/ground/my house
22:03 <+layer-eight> [SED felda] I'm practically perpendicular with the my house
22:03 < felda> .... perfect
22:03 < JFDkthx> are you high
22:03 < felda> i am recovered
22:03 < Heresiarch> joelazot: you'll be a dev's babysitter in one form or another anyway. The only question is whether you'll also be an enduser's babysitter too.
22:04 < joelazot> i really hope i won't be a end users babysitter
22:04 < jaelae> vendor trying to sell me some software is 4 minutes late to this meeting
22:04 < jaelae> at 5 minutes i call it right?
22:04 < silentfury-s4pro> i usually give it 10, but it would depend on the relationship with the vendor/salesrep
22:05 < jaelae> i am barely interested
22:05 < silentfury-s4pro> then why the meeting?
22:05 < JFDkthx> if they are 15 minutes late you are legally allowed to leave.
22:05 < scwizard> i'm so fucking lost
22:05 < BytesAndCoffee> jaelae: keep the meeting on, drag it out as long as possible
22:05 < scwizard> so I tried my boss's thing of having another service in another availability zone
22:05 < BytesAndCoffee> "You wasted my time, i waste yours"
22:05 < jaelae> no way
22:05 < jaelae> my time is too valuable
22:05 < scwizard> and the queue is still worked at the same rate
22:06 < jaelae> i just figured sometimes i like to see new stuff
22:06 < jaelae> maybe something will interest me
22:06 < scwizard> I spin up the old ec2 instances and it gets worked faster
22:06 < BytesAndCoffee> jaelae: also im petty as hell
22:06 < scwizard> so the bottleneck isn't on the sqs side
22:06 < Casteil> thinning down my herd of chipmunks... 3 down, only 397 left to go
22:06 < BytesAndCoffee> so take that in to account
22:06 < jaelae> for the most part we have the perfect environment so hard to jump to an alternative. but i do like to get pricing from competitors so we can justify upgrades
22:06 < scwizard> it's not on the networking supposedly
22:06 < scwizard> i have no idea where it is
22:06 < Heresiarch> scwizard: does it matter?
22:06 < scwizard> Heresiarch: all I know is that, I can't figure out how to work the queue quickly via fargate
22:06 < scwizard> no matter how I configure it
22:07 < Heresiarch> scwizard: https://www.youtube.com/watch?v=VFqfglY45kY
22:07 <+layer-eight> * Heresiarch →  YouTube → Wash - Do we care? Are we caring about that? → ⚘ 12,737 ↑ 44 ↓ 0 ✍ 3
22:08 < scwizard> no idea what to do now
22:08 < scwizard> ditch fargate?
22:08 <+ihre> start herding goats
22:08 < scwizard> ihre: don't tempt me bro
22:08 <+ihre> do it
22:08 < scwizard> when i was a kid
22:08 < scwizard> i knew a sysadmin
22:08 < Heresiarch> scwizard: "Doctor! Doctor! My arm hurts when I move it like this!" "Ok, don't move it like that."
22:08 < scwizard> who ended up becoming a zen buddist and quitting tech
22:09 < scwizard> Heresiarch: so what is "moving my arm like this" in this case?
22:09 < scwizard> using fargate?
22:09 < Heresiarch> yup.
22:10 < Heresiarch> scwizard: if you were paying for support, you could ask AWS why. Otherwise, call it a learning experience and move on.
22:10 < scwizard> well here's the thing
22:10 < scwizard> we are paying for support but like
22:10 < scwizard> my previous adventures with AWS support have sort of led up to this moment
22:10 < scwizard> I learned that autoscaling groups with launch templates
22:10 < scwizard> and I learned that amazon aurora
22:10 < scwizard> both weren't what they were cracked up to be
22:11 < scwizard> and basically that the new shit amazon is coming out with is fucking broken
22:11 < scwizard> so at this point i'm starting to notice a pattern
22:11 < Heresiarch> which is?
22:12 < scwizard> that using products released in 2016/2017 is a bad idea
22:12 < Heresiarch> scwizard: https://media2.giphy.com/media/EaTtW2ar3ccog/source.gif
22:12 <+layer-eight> * Heresiarch →  IMAGE/GIF Document, 1,001,698 bytes
22:20 < vinrock> 4:20 blaze it yo
22:21 < Driveways_> I need a sanity check. vhosts defined in apache with servername, order shouldn't matter right? I have a config for zabbix with zabbix.conf and going to it resulted in getting the default welcome page. If I move zabbix.conf to 00-zabbix.conf I get the zabbix page
22:21 < Driveways_> Order being the pickup in conf.d from httpd.conf
22:23 < Heresiarch> Driveways_: are you accessing the server with just <servername> ?
22:23 < Driveways_> servername is the fqdn and using the fqdn i got the welcome page until moving to 00-zabbix.conf
22:25 < McDonaldsWiFi> guys
22:25 < McDonaldsWiFi> I offically got a new job.
22:25 < corn266> chronic masturbation isn't a job
22:25 < McDonaldsWiFi> I'm a sysadmin by title! Do I belong now
22:25 < asimon> McDonaldsWiFi: glhf
22:25 < McDonaldsWiFi> corn266: that's my part time jerb
22:25 < McDonaldsWiFi> ;P
22:26 < McDonaldsWiFi> is there some kind of secret sysadmin club?
22:26 < dragonfleas> could i copy the config from my 5510 to a 5506-x and the config still work?
22:26 < dragonfleas> shit sorry i know this is more of a networking question
22:29 < vinrock> when you become a sr. someone can teach you the secret handshake
22:29 < Hunterkll> heh
22:29 < Hunterkll> "High quality cutscenes for P2-450 and up"
22:29 < Hunterkll> yes please
22:29 < Hunterkll> give me the high quality
22:29 < Hunterkll> but pentium 2 450?
22:29 < Hunterkll> not sure if my i9 can handle this
22:32 < JollyRgrs> what is it about today?
22:32 < JollyRgrs> the hot indian girl and the hot german (descent) girl are both super flirty with me today
22:32 < Hunterkll> lol
22:32 < asimon> It's a trap
22:33 < MadCamel> it's a tarp
22:33 < Hunterkll> how big's her dick?
22:33 < McDonaldsWiFi> It's a tarp
22:33 < JollyRgrs> asimon: i might be getting a new position, but it is still within the overall company
22:33 < JollyRgrs> Hunterkll: want me to ask her?
22:33 < MadCamel> it doesn't matter as long as it's a feminine dick
22:33 < asimon> JollyRgrs: glhf
22:33 < JollyRgrs> she said she'd bring me a brat from a legit german shop in her town next time she visits here
22:33 < JollyRgrs> lol
22:33 < McDonaldsWiFi> i dont know what's happening
22:34 < JollyRgrs> McDonaldsWiFi: DING! your buns are done
22:34 < Hunterkll> JollyRgrs, that sounds about as smart as me taking a selfie in front of the kremlin and then sending it to my work's all employees email list
22:34  * JollyRgrs changes McDonaldsWiFi's name to BurgerKingWiFi
22:35 < JollyRgrs> Hunterkll: lol
22:35 < Hunterkll> don't get me wrong
22:35 < Hunterkll> i'm totally gonna take the selfie in front of the kremlin
22:35 < agent_white> "Do you take risks?... Are you a risky person?... A frisky person?" Fuck I hate these "strongly agree, agree, half agree, quarter agree" stupid questionnaires.
22:35 < Hunterkll> just not do the second part which will probably get be blackballed from every ;US government agency ever
22:35 < Hunterkll> lol
22:35 < JollyRgrs> agent_white: maybe i should ask those ?s to these girls?
22:35 < asimon> agent_white: They should just hire the akinator as consultant
22:36 < Heresiarch> Hunterkll: nah, you just have to win an election.
22:36 < JollyRgrs> Hunterkll: whaaat? nah, never
22:36 < Hunterkll> Heresiarch, lol
22:36 < Hunterkll> Heresiarch, can i shoot someone on 5th ave too?
22:36 < Hunterkll> or does that have to come after
22:36  * asimon adds Huntekll to list
22:36 < Hunterkll> which one?
22:36 < JollyRgrs> Hunterkll: you'd wanna wait until after, so you could self-pardon
22:36 < Hunterkll> lol
22:36 < Heresiarch> It has to come after if you shoot someone on 5th ave. If you go to Battery Park you can do it today.
22:36 < asimon> That's for me to know
22:37 < asimon> and for you to not know
22:37 < asimon> Anyways, it's 5:00 somewhere
22:37 < Hunterkll> asimon, is it the same one where i know i'm gonna get hassled by customs because my travel itenerary is literally DEFCON -> Washington D.C -> Moscow -> Baltimore ?
22:37 < Hunterkll> lol
22:37 < asimon> Don't forget to back up your stuff
22:37 < agent_white> JollyRgrs: Do it. "You find me handsome: strongly agree, or very strongly agree?"
22:37 < Hunterkll> back up?
22:37 < Hunterkll> pfff
22:37 < Hunterkll> shit
22:37 < Hunterkll> my personal laptop has the DoD logon banner
22:37 < JollyRgrs> agent_white: "are you a risky person?"
22:37 < Hunterkll> that's probably a bad idea
22:37 < Hunterkll> :D
22:37 < JollyRgrs> "are you a frisky person?"
22:38 < JollyRgrs> "do you want to send me pics of your tatas?"
22:38 < dragonfleas> Is there a way to get ASA updates for my firewall without having a support contract?
22:38 < JollyRgrs> #savethetatas
22:38 < dragonfleas> JollyRgrs, i know you have a way to do it
22:38 < JollyRgrs> dragonfleas: yeah, that's basically the whole point of #bearcave
22:39 < Hunterkll> lolol
22:39 < Hunterkll> dragonfleas, pirate bay
22:39 < Hunterkll> find the file name, find an IOS collection with the file in it
22:39 < dragonfleas> what's bearcave
22:39 < Hunterkll> oh god
22:40 < Hunterkll> JollyRgrs, i thought bearcave experience was required to use IRC
22:40 < Hunterkll> or did they finally relax the license requirements
22:40 < JollyRgrs> dragonfleas: ios updates and so much more
22:40 < catbeard> i have an OG IRC license
22:40 < dragonfleas> where the fuck do i get that
22:41 < dragonfleas> how do i get to bearcave
22:41 < Heresiarch> Hunterkll: some of us got grandfathered in without having to cave a bear.
22:41 < JollyRgrs> ^^
22:41 < catbeard> ^
22:42 < JollyRgrs> catbeard: did you ever get your OG irc license to work with mIRC when that was a thing?
22:42 < Hunterkll> fucking virgins the lot of you
22:42 < rhqq> xD
22:42 < Heresiarch> Hunterkll: of course we are. A sandwich is always better if you know no one had fucked it.
22:43 < Hunterkll> dragonfleas, anyway, it's #bearcave on efnet
22:43 < Hunterkll> they have an mp3 server too
22:43 < vinrock> that channel name doesnt sound kosher
22:43 < Hunterkll> * Topic for #bearcave is: [#Bearcave] Since '93 | Welcome little baby bears | PM mp3some for ops | <@Midnight> bearcave lives matter <@mp3sum> make bearcave great again
22:43 <@Code_Man65> I'll bet that channel is unbearable
22:43 < Hatter> my channel invented sending people to #bearcave as a joke
22:43 < vinrock> hyuk hyuk hyuk
22:43 < Hunterkll> 'tis not really a joke though
22:44 < Hunterkll> dragonfleas needs ASA firmware updates
22:44 < Hunterkll> lol
22:44 < Hatter> oh #bearcave will definitely have that
22:44 < Heresiarch> trolling warez sites for firmware updates to a firewall. #soundslegit
22:44 < Heresiarch> s/sites/channels/g
22:44 < Hunterkll> Heresiarch, cisco does digitally sign them
22:44 < Hunterkll> and they do validate
22:44 < Hunterkll> so
22:44 < Hunterkll> and you can always hash shit
22:44 < Hunterkll> like with MSDN having hashes posted online
22:45 < Casteil> hash is illegal yo
22:45 < Hunterkll> i'm gonna go with this is NSFW (text only, instructions on medication )but god damn - https://i.imgur.com/o4LjmLU.png
22:45 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 314,323 bytes
22:45 < Hunterkll> those instructions
22:45 < Hunterkll> :X
22:45 < Casteil> yum, my kind of girl
22:45 < Casteil> >.>
22:46 < Casteil> "extra texture!"
22:48 < dragonfleas> Result of the command: "show version"
22:48 < dragonfleas> Cisco Adaptive Security Appliance Software Version 8.2(5)
22:48 < dragonfleas> Device Manager Version 6.4(5)
22:48 < dragonfleas> i need update pls
22:48 < Hunterkll> dear god
22:48 < Hunterkll> is that fred flinstone's firewall?
22:49 < fredopasta> Who what
22:49 < fredopasta> Don't bring my family into this
22:50 < dragonfleas> this is an old 5510 boys
22:51 < Heresiarch> dragonfleas: is this in your homelab, or prod?
22:51 < dragonfleas> Heresiarch, prod
22:51 < dragonfleas> we have 1 5510, and 2 5505's
22:51 < Heresiarch> dragonfleas: ...what was your IP address again?
22:51 < dragonfleas> 69.69.69.69
22:52 < dragonfleas> 172.69.urmum.cocainedealers.net
22:52 < Heresiarch> ...wasn't there a major ASA vuln that was only fixed in the 9.x branch?
22:52 < Hunterkll> dragonfleas, you should be on 9.2.something
22:52 < Hunterkll> or 9.1.something
22:52 < Hunterkll> 9.2 better IMO
22:53 < Hunterkll> Heresiarch, but he's on a super ancient as fuck version
22:53 < Hunterkll> like SUPER anceint
22:55 < Heresiarch> there was! https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1
22:55 <+layer-eight> * Heresiarch →  Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability
22:55 < rpifan_> hi
22:55 < rpifan_> jesus christ my bank is just ridiculous
22:55 < dragonfleas> I know Hunterkll I wish I could
22:55 < rpifan_> this is a credit union but they have decied to turn on overdraft protection
22:55 < rpifan_> even though i told them not too
22:56 < rpifan_> fucken a
22:56 < McDonaldsWiFi> later haters
22:56 < xamithan> call 'em up and tell them to turn it off
22:57 < rpifan_> i did but as i was at bonaroo i kept using my card and they kept charging me to transfer money from my saving account over and over again like 10 times
22:57 < rpifan_> and i just saw it
22:57 < rpifan_> i am sooo pissed because right before that i had sent them an email to disable that feature to begin with
22:57 < xamithan> Why you spending money you don't have in the account
22:57 < Hunterkll> dragonfleas, you need this filename - asa924-33-k8.bin
22:57 < Hunterkll> that's the may 8th release
22:57 < dragonfleas> how do i download it?
22:57 < Hunterkll> google, bitch
22:57 < rpifan_> because if there is no money it should deny my transaction
22:57 < rpifan_> why doesnt it do that
22:58 < dragonfleas> is this site legit?
22:58 < dragonfleas> http://sfree.ws/model?main_group_id=1&child_group_id=174&model_id=1509&release_id=25847
22:58 <+layer-eight> * dragonfleas →  sfree.ws
22:58 < xamithan> Maybe you should switch to cash
22:58 < xamithan> debit cards suck anyway, they have no protections like credit cards
22:58 < Hunterkll> dragonfleas, yes, not the most recent files, but yes
22:58 < Hunterkll> you can check the cisco download site for hashes
22:58 < Hunterkll> and compare them
22:58 < Hunterkll> https://software.cisco.com/download/home/280582808/type/280775065/release/9.2.4%20Interim
22:58 < Hunterkll> don't need to log in to see hashes
22:58 < Hunterkll> just click on the release name
22:59 < JollyRgrs> rpifan_: don't you know how to um... keep tabs on your finances?
22:59 < Hunterkll> ^
22:59 < Hunterkll> but i'd rather have a charge go through in most cases than not
22:59 < Hunterkll> especially if i forget about a bank draft or something
23:00 < Hunterkll> but i usually keep around $1k in my checking account anyway...
23:00 < Hunterkll> and use credit cards for everything...
23:00 < dragonfleas> Hunterkll, are the 5505 and the 5510 releases the same?
23:00 < dragonfleas> because under the 5505 there's newer versions
23:00 < rpifan_> well im poor
23:00 < rpifan_> besides preauthorized ach chargers
23:00 < xamithan> credit cards are made for poor peoples
23:00 < rpifan_> will always go through
23:00 < rpifan_> regarldess
23:00 < Hunterkll> dragonfleas, same firmware image used on both
23:00 < Hunterkll> rpifan_, bullshit. a written cehck is a pre-authorized charge that will bounce
23:00 < Hunterkll> :)
23:01 < dragonfleas> Hunterkll, there's no asdm updates on this site?
23:01 < Hunterkll> actually wait
23:01 < Hunterkll> 5510 might not be able to run 9.2
23:01 < Hunterkll> asa917-29-k8.bin
23:01 < Hunterkll> https://software.cisco.com/download/home/279916854/type/280775065/release/9.1.7%20Interim
23:01 < Hunterkll> i forget why but some models couldn't
23:01 < Hunterkll> or were never supported
23:02 < Hunterkll> even though the image should work
23:02 < Hunterkll> might have been /just/ the 5510 because i think my 5540 hgad 9.2
23:02 < Hunterkll> or maybe that was an x
23:02 < Hunterkll> either way
23:02 < Hunterkll> dragonfleas, OH
23:02 < Hunterkll> dragonfleas, you can get cisco to give you updates directly if it is a security patch even without contract
23:03 < Hunterkll> https://www.tenable.com/blog/identifying-systems-affected-by-cisco-asa-critical-vulnerability-cve-2018-0101
23:03 <+layer-eight> * Hunterkll →  Identifying Systems Affected by Cisco ASA Critical Vulnerability (CVE-2018-0101) - Blog | Tenable™
23:03 < Hunterkll> just need to use livechat support if you have a flawed version affected by ... well, any vulnerability
23:03 < scwizard> that was an ugly meeting with my boss
23:04 < scwizard> he is not happy
23:04 < Hunterkll> stop using so much teeth
23:04 < scwizard> he really wanted fargate to be a thing and be amazing
23:04 < Hunterkll> dragonfleas, i can give you my ASDM image
23:04 < Hunterkll> that's really up to date
23:05 < dragonfleas> Hunterkll, pls
23:05 < dragonfleas> google drive it to me?
23:05 < Hunterkll> dragonfleas, https://www.dropbox.com/s/jt894foyxc1dy90/asdm-782-151.bin?dl=0
23:05 <+layer-eight> * Hunterkll →  Dropbox - asdm-782-151.bin
23:05 < Hunterkll> ASDM 7.8(2)151
23:07 < Hunterkll> oh huh
23:07 < Hunterkll> ASA 5510 does have 9.2
23:07 < JFDkthx> Hunterkll: i was going to tell you something yesterday
23:07 < joelazot> english essay time boys
23:07 < JFDkthx> i cant remember it now
23:08 < Hunterkll> neveermind
23:08 < Hunterkll> no it doesn't
23:08 < JFDkthx> so instead, i'll just let you know.
23:08 < JFDkthx> you're a butt
23:08 < Hunterkll> yea
23:08 < Hunterkll> dragonfleas, 9.1 only for yuou
23:08 < Hunterkll> lol
23:08 < Hunterkll> Note: The ASA 5510, ASA 5520, ASA 5540, ASA 5550, and ASA 5580 are not supported in this release or later. ASA Version 9.1 was the final release for these models.
23:08 < Hunterkll> 5505 can take 9.2
23:08 < Hunterkll> lol
23:08 < onenerdyguy> Hunterkll, bah
23:08 < dragonfleas> i reloaded and it crashed
23:09 < Hunterkll> wat
23:09 < Heresiarch> ...is there a step release between 6.x and 9.x?
23:09 < Hunterkll> wut r u doin
23:09 < Hunterkll> Heresiarch, probably
23:09 < Hunterkll> but he's on 8.x
23:09 < onenerdyguy> Hunterkll, bah. we've got a 5510
23:09 < Hunterkll> and he only upgraded ASDM, not ASA
23:09 < Heresiarch> ah, ok.
23:09 < Hunterkll> i didn't think you had to reload for an ASDM upgrade
23:09 < Hunterkll> it will forcefully upgrade your ASDM launcher too
23:10 < onenerdyguy> asdm doesn't need a reload, only if you do the ASA
23:10 < felda> AT&T + Time Warner merger just approved by judge!
23:10 < Heresiarch> ...shocking.
23:10 < felda> https://www.cbsnews.com/news/judge-rules-on-att-time-warner-merger-live-stream/
23:10 <+layer-eight> * felda →  AT&T - Time Warner merger decision: Judge Richard Leon approves AT&T $85 billion purchase of Time Warner today - live updates - CBS News
23:10 < dragonfleas> i reloaded and it's taking forever to boot back up
23:11 < Hunterkll> also
23:11 < felda> smash tournament on at E3
23:11 < Hunterkll> here you go
23:11 < Hunterkll> information disclosure vulnerability
23:11 < Hunterkll> https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20180606-asaftd.html
23:11 <+layer-eight> * Hunterkll →  Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability - Cisco
23:11 < Hunterkll> this month
23:11 < onenerdyguy> felda, they approved it?!
23:11 < felda> onenerdyguy yup
23:11 < felda> $85 million
23:11 < onenerdyguy> jesus
23:11 < onenerdyguy> well, there it goes guys
23:11 < onenerdyguy> we had a good run of not being full on monopolies
23:11 < felda> sorry $85 BILLION dollary doos
23:11 < felda> that's a shit ton
23:12 < Heresiarch> o/
23:12 < Hunterkll> dragonfleas, so if you call up TAC with that advisory #
23:12 < Hunterkll> you can get the latest versions
23:12 < Hunterkll> of ASA OS software
23:12 < Hunterkll> though you REALLY want to check to see if there are interim steps
23:12 < Hunterkll> sometimes you have to step througoh specific versions
23:13 < dragonfleas> i updated ASA and it's still stating that it's 8.2
23:13 < Hunterkll> because you didn't update ASA
23:13 < Hunterkll> you updated ASDM
23:13 < Hunterkll> that is different
23:13 < dragonfleas> no
23:13 < dragonfleas> i didn't updated ASDM
23:13 < Hunterkll> ASDM is your pretty GUI management tool
23:13 < dragonfleas> i updated ASA
23:13 < Hunterkll> why?
23:13 < grumplestiltzkin> IIRC you have to update the ASA code before the ASDM, but its been a while
23:13 < Hunterkll> sfree.ws file?
23:13 < dragonfleas> yeah Hunterkll
23:13 < dragonfleas> maybe it failed?
23:13 < Hunterkll> did you change your boot file?
23:13 < Hunterkll> you may have just uploaded it
23:13 < Hunterkll> and not switched to it
23:14 < Hunterkll> i really hope you have a console cable on this thing
23:14 < Hunterkll> lol
23:14 < dragonfleas> i used ASDM's upgrade tool
23:14 < Hunterkll> dragonfleas, you NEED to upgrade to 8.4(5) or higher
23:14 < dragonfleas> oh it's because ASDM doesn't know anything newer than 8.2(5)
23:14 < Hunterkll> first
23:15 < dragonfleas> nope
23:15 < dragonfleas> it worked
23:15 < dragonfleas> i just did a show version
23:15 < Hunterkll> your config may be fucked
23:15 < Hunterkll> then
23:15 < Hunterkll> or you may have some seroius unintended side effects
23:15 < Hunterkll> https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/release/notes/asarn91.html#pgfId-763574
23:15 <+layer-eight> * Hunterkll →  Release Notes for the Cisco ASA Series, 9.1(x) - Cisco
23:15 < dragonfleas> no it's because i'm on the old version of ASDM
23:15 < Hunterkll> i'm not talking about that
23:15 < dragonfleas> fuckkkkk
23:15 < Hunterkll> i'm talking about the fact that the cisco documentation says explicitly you need to update to 8.4(5) first
23:15 < dragonfleas> fuck
23:15 < dragonfleas> well what do i do now
23:16 < dragonfleas> i mean the firewall is up and working
23:16 < Hunterkll> install 8.4(5)
23:16 < Hunterkll> then show-run
23:16 < Hunterkll> if it looks sane, copy run start
23:16 < dragonfleas> downgrade to 8.4(5)?
23:16 < Hunterkll> right now your old config hasn't been modified yet
23:17 < Hunterkll> i'd slap 8.4(5) oin there for the moment
23:17 < Hunterkll> then let it run for a bit
23:17 < Hunterkll> to validate you're still sane
23:17 < dragonfleas> i'm looking at my config right now and it looks fine?
23:17 < dragonfleas> on 9.1(7)
23:17 < Hunterkll> cisco usually says these for a reason
23:17 < dragonfleas> ok is it fine if i do a code downgrade? or is that going to fuck me?
23:17 < Hunterkll> like, if you were on 9.1(1) you have to go to 9.1(2) before you can go to 9.1(newer)
23:17 < Hunterkll> no you're fine
23:18 < Hunterkll> usually
23:18 < Hunterkll> but if you're on 9.1(2) you can go to the latest
23:18 < Hunterkll> there's quirks
23:18 < dragonfleas> ok
23:18 < Hunterkll> check first
23:18 < dragonfleas> so go from 8.4(5) to 9.1(2) to 9.1(7)?
23:18 < Hunterkll> no no
23:18 < Hunterkll> 8.4(5) can go directly to 9.1(7)
23:18 < Hunterkll> check your flash
23:18 < Hunterkll> you should have a backup of the config
23:19 < Hunterkll> https://supportforums.cisco.com/t5/firewalling/downgrade-asa-8-4-6-to-8-2-1/td-p/2458805
23:19 <+layer-eight> * Hunterkll →  Solved:  downgrade ASA 8.4(6) to 8.2(1) - Cisco Support Community
23:19 < Hunterkll> go back to your old version with the config backup (or, if the config startup hasn't changed - check modified date on flash - just roll back and roll forward
23:19 < dragonfleas> I just downgraded to 8.4(5)
23:20 < Hunterkll> dragonfleas, for future reference, here's the ASA upgrade path bible https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/planning.html#ID-2152-0000000a
23:20 <+layer-eight> * Hunterkll →  Cisco ASA Upgrade Guide - Planning Your Upgrade [Cisco ASA 5500-X Series Firewalls] - Cisco
23:20 < dragonfleas> i don't have a 5500-x
23:20 < dragonfleas> I have a 5505
23:21 < Hunterkll> .... there is no such thing as a 5500-x
23:21 < Hunterkll> the lowest would be the 5506-x
23:21 < Hunterkll> or 5505 which is still in the 5500 series
23:21 < dragonfleas> I have a 5505
23:21 < dragonfleas> non-x
23:21 < Hunterkll> the non-x models just can't go past 9.2 for the '05, and 9.1 for the '10 and higher
23:21 < Hunterkll> the software version and requirements do not change.
23:21 < Hunterkll> the firmware downloads for the 5505 are also listed in the 5500-X category, if you didn't see that before
23:22 < Hunterkll> regardless, you're now on 8.4(5)
23:22 < dragonfleas> yeah
23:22 < Hunterkll> check your running config
23:22 < Hunterkll> then do write mem / copy run start
23:22 < Hunterkll> or whatever to save it to disk
23:22 < dragonfleas> there's a log of "upgrade_startup_errors_201806120611.log"
23:22 < Hunterkll> this will save the new syntax that it upgraded
23:22 < Hunterkll> heh
23:22 < Hunterkll> this is why i said to roll back to the old version and old config first
23:22 < Hunterkll> but ah well
23:22 < dragonfleas> WAIT WHAT
23:22 < Hunterkll> review that file
23:22 < dragonfleas> how do i review old config?
23:22 < Hunterkll> it should have made a backup on flash
23:23 < Hunterkll> and you should have made a backup before upgrading
23:23 < dragonfleas> well i don't know anything about firewalls
23:23 < dragonfleas> or cisco devices
23:23 < Hunterkll> well then stop shotgunning changes before i'm finish saying things
23:23 < Hunterkll> :P
23:23 < dragonfleas> ok
23:23 < Hunterkll> but in the file transfer window
23:23 < Hunterkll> of ASDM
23:23 < Hunterkll> on the root of your flash drive
23:24 < Alternity> ugh, one of our users got phished
23:24 < Hunterkll> you might see something like oldconfig_date_number.cfg
23:24 < Hunterkll> maybe
23:24 < dragonfleas> Yes i do see that Hunterkll
23:24 < Alternity> they got infected with emotet
23:24 < Hunterkll> dragonfleas, i assume it has today's date?
23:24 < potoftea> Hey guys, any one experienced as independent contractor, I've couple questions maybe someone can help?
23:24 < Alternity> nasty fucking malware
23:24 < dragonfleas> Hunterkll, yes
23:25 < Hunterkll> transfer that file and check it
23:25 < dragonfleas> i'm looking at it
23:25 < Hunterkll> how much ram does your ASA have?
23:26 < dragonfleas> 128 MB
23:26 < Hunterkll> !
23:26 < Hunterkll> RAM or FLASH
23:26 < rpifan> so yall does anyone work for stage / music / festival it
23:26 < dragonfleas> ram
23:26 < Hunterkll> 5510 never shipped with that low amount of ram
23:26 < dragonfleas> it's a 5505
23:26 < Hunterkll> default shipping configuration was 256gb
23:26 < rpifan> there have to be positions where u work for bonnaroo / okechobee / music fests in the it field
23:26 < Hunterkll> why'd you say 5510 in the beginning
23:26 < Hunterkll> -_-
23:27 < dragonfleas> i referred to it wrong sorry
23:27 < dragonfleas> i'm looking at a 5505
23:27 < Hunterkll> okay
23:27 < Hunterkll> 128MB was internal flash
23:27 < Hunterkll> and you CAN run 9.2 then
23:27 < Hunterkll> but
23:27 < Hunterkll> dragonfleas, https://i.imgur.com/Lt0fTJ9.png
23:27 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 38,724 bytes
23:27 < Hunterkll> so on that
23:27 < Hunterkll> you have Total Flash: 128MB and Total Memory: 128MB
23:27 < Hunterkll> ?
23:28 < dragonfleas> SHIT
23:28 < dragonfleas> i was looking at flash lmaooo
23:28 < aName> What's the command on a cisco ASA to list VPN users? I know I pipe something to grep but can't remember what
23:28 < dragonfleas> i have 512 mb
23:28 < Hunterkll> OKAY
23:28 < Hunterkll> good
23:28 < dragonfleas> of RAM
23:28 < Hunterkll> because you need that
23:28 < dragonfleas> LMAO
23:28 < Hunterkll> lol
23:28 < Hunterkll> because that's the min req
23:28 < Hunterkll> i was about to be NO WONDER 9.1 FAUCKING TOOK SO LONG TO BOOT
23:28 < dragonfleas> ok so i should revert to the old config?
23:28 < dragonfleas> looks like the config was from when i was running 8.2
23:29 < Hunterkll> ya... copy oldconfig_whatever startup-config
23:29 < aName> Nevermind I got it
23:30 < Hunterkll> dragonfleas, and change your boot file to the right version
23:30 < dragonfleas> i can't get into SSH on the firewall
23:30 < dragonfleas> says access denied now
23:30 < dragonfleas> fuck i think config is fucked
23:30 < Hunterkll> so like, 'boot system disk0:asa-825.bin" or whatever
23:30 < Hunterkll> then do it using file manager
23:30 < Hunterkll> in ASDM
23:31 < Hunterkll> since it seems ASDM is still working
23:32 < Hunterkll> https://i.imgur.com/xStgzML.png
23:32 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 91,753 bytes
23:33 < Hunterkll> you can change boot image there
23:33 < dragonfleas> it says bad filename
23:33 < dragonfleas> when i tried to copy it over
23:33 < Hunterkll> dragonfleas, you did copy old-config.cfg startup-config ?
23:34 < dragonfleas> that's the command i put
23:34 < dragonfleas> and it said "error parsing file name"
23:35 < Hunterkll> dragonfleas, download startup-config.cfg
23:35 < Hunterkll> as a backup
23:35 < Hunterkll> then
23:35 < Hunterkll> take your local copy of oldconfig
23:35 < Hunterkll> rename it to startup-config.cfg
23:35 < Hunterkll> delete startup-config.cfg on the device
23:35 < Hunterkll> and upload the file
23:35 < Hunterkll> then set your boot image to the old ASA image
23:35 < Hunterkll> and then reload - do NOT write mem or save config
23:36 < dragonfleas> all i see is 8_2_5_0_startup_cfg.sav
23:37 < dragonfleas> i don't see a startup-config.cfg
23:37 < Hunterkll> O.o
23:37 < dragonfleas> i'm in file management viewing everything
23:37 < Hunterkll> dragonfleas, https://i.imgur.com/ghT8y7E.png
23:37 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 105,125 bytes
23:37 < Hunterkll> nothing like that?
23:38 < dragonfleas> https://imgur.com/5MlMLJZ
23:38 <+layer-eight> * dragonfleas →  IMGUR Image → Image/png → a few seconds ago → 827x557 → ⚘ 3
23:38 < Hunterkll> dragonfleas, did you ... scroll down?
23:38 < dragonfleas> yeah
23:38 < dragonfleas> still no startup-config
23:39 < Hunterkll> dragonfleas, i'm curious now. under configruation / device management / system image/configuration / boot image/configuration
23:40 < Hunterkll> what is hte 'boot configuration file path'
23:40 < dragonfleas> how do i see that?
23:40 < Hunterkll> that's the menu path in ASDM
23:40 < Hunterkll> https://i.imgur.com/xStgzML.png
23:40 <+layer-eight> * Hunterkll →  IMAGE/PNG Document, 91,753 bytes
23:40 < DomLS3> SonicWall > Cisco
23:41 < rpifan> sonice youth?
23:41 < rpifan> sonic reducer aint no loser
23:41 < rpifan> gotta sonic reducer
23:41 < Hunterkll> DomLS3, thought the channel said no trolling
23:41 < joelazot> Hunterkll: how many sentences should i have in a paragraph
23:41 < DomLS3> Hunterkll: Who is trolling
23:41 < Hunterkll> joelazot, depends on who you're submitting too and how good you can suck off the professor
23:41 < joelazot> it's high school
23:41 < DomLS3> joelazot: 4-6
23:41 < joelazot> ty
23:42 < Hunterkll> ya thats about right for amatuer shit
23:42 < DomLS3> Amatuer shit like Cisco
23:42 < Hunterkll> if you go pro make sure you add an extra inch or two and get some good shampoo
23:42 < Hunterkll> er i mean
23:42 < dragonfleas> https://i.imgur.com/5AwABwO.png
23:42 <+layer-eight> * dragonfleas →  IMAGE/PNG Document, 64,069 bytes
23:42 < Hunterkll> dragonfleas, well, you sure as hell didn't downgrade to 8.4.(5)
23:42 < Hunterkll> lol
23:42 < dragonfleas> yeah
23:42 < dragonfleas> what do i do
23:43 < Hunterkll> dragonfleas, oh, go into licensing and save the information in activation key section
23:43 < Hunterkll> for that matter how are you running ASDM ...
23:43 < Hunterkll> this is spooky action at a distance shit here
23:43 < dragonfleas> why would i save the activation key?
23:44 < Hunterkll> because going backwards in firmware can sometimes mess with licensing
23:44 < Hunterkll> and only licensing
23:44 < Hunterkll> not functions
23:44 < Hunterkll> but that way you can always restore the licensed feature set too
23:44 < Hunterkll> you should have that, and the config, backed up forf EVERY device you have
23:44 < dragonfleas> ok done
23:44 < dragonfleas> what do i do now
23:44 < dragonfleas> go to 8.4(5)?
23:44 < Hunterkll> no
23:45 < Hunterkll> we'll just do a full revert first
23:45 < dragonfleas> how do i do that
23:45 < Hunterkll> upload that .sav file as startup-config.cfg
23:45 < Hunterkll> and then set your boot file as the old firmware image
23:45 < dragonfleas> what .sav file?
23:45 < Hunterkll> .... the one that started with the 8_2_5
23:45 < dragonfleas> ok
23:45 < Hunterkll> <dragonfleas> all i see is 8_2_5_0_startup_cfg.sav
23:45 < dragonfleas> so just rename it?
23:45 < Hunterkll> yea
23:45 < Hunterkll> make sure you got local backup copies of everything
23:46 < Hunterkll> dragonfleas, also set the 'boot configuration file path' to the startup-config just in case
23:46 < dragonfleas> ok done
23:47 < dragonfleas> so i'm reverting to 8.2(5)?
23:47 < Hunterkll> yes
23:47 < Hunterkll> so now you should have boot image location being ONLY 8.2(5)'s .bin file
23:47 < dragonfleas> ok, everything is done, should i apply and reload?
23:47 < Hunterkll> and set your ASDM image file path too
23:48 < dragonfleas> ok done
23:48 < Hunterkll> apply
23:48 < Hunterkll> check the file modificaiton date/time of startup-config
23:48 < Hunterkll> to make sure it didn't just get modified again by the apply
23:48 < Hunterkll> then reload
23:48 < Hunterkll> in fact, you may want to re-upload it again just to be safe
23:48 < rpifan> anyone mess aroud with nfc and mifare
23:49 < dragonfleas> oops
23:49 < dragonfleas> just saved the running config
23:49 < dragonfleas> i think i broke it
23:49 < Hunterkll> lol no
23:49 < Hunterkll> delete and re-upload
23:49 < dragonfleas> i'm kidding lol
23:49 < dragonfleas> here we go
23:49 < dragonfleas> my palms are sweaty
23:49 < Hunterkll> lol
23:49 < dragonfleas> knees are weak
23:49 < dragonfleas> Hunterkll, thanks for your help by the way
23:50 < dragonfleas> this would have cost me 500 dollars from a network consultant
23:50 < Hunterkll> lol and i'm using my home setup to take screenshots
23:50 < Hunterkll> :P
23:50 < Hunterkll> okay
23:50 < Hunterkll> and we'll go to 8.4(6)
23:50 < Hunterkll> http://sfree.ws/model?main_group_id=1&child_group_id=174&model_id=1509&release_id=25870
23:50 <+layer-eight> * Hunterkll →  sfree.ws
23:50 < Hunterkll> since that's what cisco recommends in the software version chart
23:50 < Hunterkll> the one that said 8.4(5) was older
23:51 < catbeard> rip dragonfleas network
23:51 < catbeard> jk
23:51 < dragonfleas> I'm still getting access denied
23:51 < dragonfleas> wtf
23:51 < Hunterkll> eh
23:51 < Hunterkll> as long as ASDM is working
23:51 < Hunterkll> we can fix that
23:51 < Hunterkll> enable probably went sideways in the single shot upgrade
23:52 < dragonfleas> WTFFFFFFFFF
23:52 < Hunterkll> hm
23:52 < Hunterkll> enough F's to need a console cable but not enough to worry yet
23:52 < Hunterkll> :)
23:52 < Kobe``> lebron coming to LA who's hyped
23:53 < dragonfleas> https://i.imgur.com/dhwV9e0.png
23:53 <+layer-eight> * dragonfleas →  IMAGE/PNG Document, 25,364 bytes
23:53 < dragonfleas> why did this come up if we reverted!??!??
23:53 < Hunterkll> er
23:53 < Hunterkll> better yet
23:53 < Hunterkll> how did you get it to log in before
23:53 < Hunterkll> just hit continue without upgrade
23:53 < Hunterkll> change the boot file. again.
23:53 < Hunterkll> wait
23:53 < Hunterkll> you have the upgrade
23:53 < Hunterkll> lol
23:54 < Hunterkll> just upgrade it
23:54 < dragonfleas> ok i'm in
23:54 < dragonfleas> without upgrade
23:54 < dragonfleas> what do i do now
23:54 < Hunterkll> cxheck boot file settings
23:54 < Hunterkll> dis weird
23:55 < dragonfleas> boot image is 917(23) again
23:55 < dragonfleas> wtfffffffff
23:55 < dragonfleas> should i revert again? since I have the config saved locally?
23:56 < Hunterkll> the old ASDM may not have been able to save it
23:56 < Hunterkll> update ASDM first
23:56 < Hunterkll> new ASDM can support old firmware
--- Log closed Wed Jun 13 00:00:06 2018