--- Log opened Wed Sep 13 00:00:42 2017
00:06 -!- northrup [~northrup@52.177.192.239] has quit [Ping timeout: 240 seconds]
02:57 -!- northrup [~northrup@52.177.192.239] has joined #se2600
02:57 -!- mode/#se2600 [+o northrup] by ChanServ
06:22 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:5dfb:7ad9:7d43:de67] has joined #se2600
06:27 <@Dolemite> mr0ning, be0tches and h0ez!
06:41  * aestetix_ hugs Dolemite 
07:11 -!- aestetix_ is now known as aestetix
07:29 -!- k3ymkr [~KeyMaker@ec2-52-6-16-39.compute-1.amazonaws.com] has joined #se2600
07:43 < aestetix> http://time.com/4939051/berkeley-protest-police-pepper-spray/
07:43 < PigBot> Title: Berkeley Police Can Now Use Pepper Spray Against Protesters | Time.com (at time.com) http://tinyurl.com/y8ko5985
07:43 < aestetix> This basically repeals a law that was passed in 1997.
07:44 < aestetix> It's funny how Strass-Howe theory really seems to be proving true
07:57 < k3ymkr> I understood the logic to be that it's better to use pepper spray than tear gas and batons as they were doing
08:18 < k3ymkr> I tend to buy Strass-Howe, but I also believe in the Ziegest moving us ever upward.  Maybe I'm too optomistic :)
08:19 < k3ymkr> So something like X*sin(x)
08:20 < k3ymkr> Nah x+sin(x)
08:22 -!- Corydon76 [~quassel@zett.abyt.es] has joined #se2600
08:22 -!- mode/#se2600 [+o Corydon76] by ChanServ
08:24 -!- dc0de[m] [dc0dematri@gateway/shell/matrix.org/x-zofaxnnoccalutvj] has quit [Ping timeout: 240 seconds]
08:26 -!- vaneck [~vaneck@107.170.47.45] has quit [Remote host closed the connection]
08:35 -!- vaneck [~vaneck@section9.vaneckzero.com] has joined #se2600
08:35 -!- mode/#se2600 [+o vaneck] by ChanServ
08:47 -!- dc0de[m] [dc0dematri@gateway/shell/matrix.org/x-ukhwpfoexzfsalsk] has joined #se2600
09:08 -!- remoford [~remo_lapt@c-68-52-35-32.hsd1.tn.comcast.net] has joined #se2600
09:41 < TheDukh> GM k3ymkr
09:41 < k3ymkr> Good morning!
09:50 < TheDukh> haven't seen you in here in a moment or two
09:50 < k3ymkr> I get busy and forget to join :)
09:55 < TheDukh> terrible excuse!
09:56 < k3ymkr> It is.  At least I'm honest?
10:13 < TheDukh> True.
11:02 <@Mirage> this seems backward... VPN+RDP is unstable using IP's for everything, but stable using fqdn's
11:03 <@Mirage> But only on CentOS7... On CentOS6 everything is awesome either way
11:04 <@Corydon76> Mirage: IPv4/v6 mixed network?
11:04 <@Mirage> no, just ipv4
11:04 <@Corydon76> Yeah, that's odd
11:05 <@Mirage> probably some oddity in the newer version of openconnect or in Remmina vs tsclient
11:06 <@Corydon76> I wonder if something might be trying to reverse the IPs.  Is it a timeout for not resolving or just a failure code?
11:07 <@Mirage> just hangs when it decides not to work and finally times out.  no error code.   haven't run tcpdump against it when it happens yet
11:07 <@Mirage> oh, well..will dig into it more after lunch
11:19 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:5dfb:7ad9:7d43:de67] has quit []
12:01 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:b98c:593b:4e31:cb0e] has joined #se2600
12:17 < k3ymkr> Only thing I can think is that the ips are changing dynamically...but both those connection are pretty damn stateful so seems unlikely
12:22 <@Corydon76> Or they're sitting in a class that is bandwidth limited, and once they hit their quota, packets are cut off
12:23 <@Corydon76> RDP is usually pretty conservative on bandwidth, though
12:23 < k3ymkr> But using a domain name would break that too
12:24 <@Corydon76> All things being equal, yes.
12:25 <@Corydon76> But I'm wondering if the difference is greater, like the FQDN is set as a static IP, while the IP-only connections are in a dynamic range with a different class of service
12:26 <@Corydon76> That he's using a VPN for those suggest that it's out in the cloud, and providers can do some weird things
12:26 < k3ymkr> I'd assume he's looking up the domain to get the IP, so they should be the same....assuming, I know
12:26 < k3ymkr> If I had to guess, I'd say it's just coincidence and there's just some stability issues he only saw when he connected by IP.
12:27 < k3ymkr> Or if I was a betting man.
12:27 < k3ymkr> That's what I was thinking.  Like the way ELBs work by domain
12:27 < k3ymkr> But if you put in an IP...you're going to have an outage.
12:28 < k3ymkr> But if that's the case you're going to have an outage anyways.  VPNs don't stop and reassess if the domain you connected to is still right and reconnect if not
12:28 < k3ymkr> At least non that I've used.
12:54 -!- brimstone [~brimstone@unaffiliated/brimstone] has quit [Ping timeout: 240 seconds]
12:57 < xray> https://www.armis.com/blueborne/
12:57 < PigBot> Title: BlueBorne Information from the Research Team - Armis Labs (at www.armis.com) http://tinyurl.com/ya87py4o
12:57 < xray> patch NOW
13:01 <@Mirage> So why would using IP's only work perfectly fine on CentOS6 and be goofy as hell on CentOS7?
13:03 <@Mirage> and it's a VPN for accessing a customer network, not some goofy public cloud
13:03 <@Corydon76> Mirage: to clarify, are you talking about the servers on CentOS, or the clients?  Or both?
13:04 <@Mirage> clients are CentOS.   I have no clue what they use for the VPN concentrators or whatever...since it's using Cisco protocols (openconnect), I assume it's likely a Cisco solution.
13:06 <@Corydon76> So it's gotta be something within the OS
13:06 <@Mirage> Because of the insanity of EMC/Dell and their firewalls, gpo, etc it's impossible to connect to an outside VPN from your host system and still be able to connect to any EMC/Dell resources.   That's why we use a CentOS VM running in VMware Workstation to do the connections and work from.
13:06 <@Corydon76> Or the packages, anyway
13:07 <@Mirage> Yeah.   I killed firewalld and selinux, but that didn't make any difference.
13:07 <@Mirage> tsclient has been forked to 'remmina' and the rpm's used to install are 3rd party as it's not in EPEL.
13:08 <@Mirage> The built-in RDP client for CentOS 7 Gnome is a pice of shit
13:08 -!- remoford [~remo_lapt@c-68-52-35-32.hsd1.tn.comcast.net] has quit [Quit: Leaving.]
13:10 <@Mirage> Mainly in the fact that you can't really save connections and all the "terminal windows" are in a tabbed interface instead of separate windows.   When we sometimes might need to connect to several different jump/vcenter/sql/etc that becomes problematic
13:12 <@Mirage> The "powers that be" are pushing to move our desktop client VMs from 6->7 and the images are used by windows/linux technical and non-technical people, so it needs to be pretty much idiotproof
13:13 < k3ymkr> Mirage, do you work at EMC/Dell?
13:14 <@dasunt> I just got a call that said, and I quote "this is a call from the your cable company".
13:15 <@dasunt> Is "the your cable company" any good?
13:15 <@Mirage> Well, they own us..
13:15 < k3ymkr> @dasunt: No.  No it's not.
13:17 <@Corydon76> xray: Thank you.  I needed a reason to be paranoid today.
13:29 < xray> It's not paranoia if they are actually out to get you
13:30 < xray> There is a tool in the Google Play store that will check your phone for the vuln
13:30 < xray> The problem is that most phone companies will probably not send out a patch and if they do it won't be any time soon
13:40 -!- brimstone [~brimstone@unaffiliated/brimstone] has joined #se2600
13:40 -!- mode/#se2600 [+o brimstone] by ChanServ
14:28 <@dasunt> Oh FFS:  https://krebsonsecurity.com/2017/09/ayuda-help-equifax-has-my-data/
14:28 < PigBot> dasunt: That URL appears to have no HTML title.
14:28 <@dasunt> admin/admin?
14:38 -!- northrup [~northrup@52.177.192.239] has quit [Ping timeout: 240 seconds]
14:59 < TheDukh> idk why every time I see something regarding Rapid7, I get ptsd
15:14 -!- northrup [~northrup@96-87-200-9-static.hfc.comcastbusiness.net] has joined #se2600
15:14 -!- mode/#se2600 [+o northrup] by ChanServ
15:21 -!- northrup [~northrup@96-87-200-9-static.hfc.comcastbusiness.net] has quit [Ping timeout: 248 seconds]
15:29 -!- northrup [~northrup@52.177.192.239] has joined #se2600
15:29 -!- mode/#se2600 [+o northrup] by ChanServ
15:33 -!- skiboy [~skiboy@gateway/vpn/privateinternetaccess/skiboy] has joined #se2600
15:38 -!- brimstone [~brimstone@unaffiliated/brimstone] has quit [Ping timeout: 240 seconds]
15:48 -!- brimstone [~brimstone@unaffiliated/brimstone] has joined #se2600
15:48 -!- mode/#se2600 [+o brimstone] by ChanServ
16:51 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:b98c:593b:4e31:cb0e] has quit []
17:56 -!- northrup [~northrup@52.177.192.239] has quit [Ping timeout: 260 seconds]
18:15 -!- northrup [~northrup@52.177.192.239] has joined #se2600
18:15 -!- mode/#se2600 [+o northrup] by ChanServ
18:32 -!- am1n0 [~devnull@unaffiliated/am1n0] has quit [Ping timeout: 255 seconds]
18:35 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:4042:d68a:b5c3:be4] has joined #se2600
19:50 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:4042:d68a:b5c3:be4] has quit []
20:11 -!- skiboy [~skiboy@gateway/vpn/privateinternetaccess/skiboy] has quit [Quit: Leaving]
21:11 -!- northrup [~northrup@52.177.192.239] has quit [Ping timeout: 240 seconds]
21:57 -!- remoford [~remo_lapt@c-68-52-35-32.hsd1.tn.comcast.net] has joined #se2600
--- Log closed Thu Sep 14 00:00:43 2017