--- Log opened Sun Apr 12 00:00:58 2020
06:43 -!- Synx_hm [~Synx_hm@unaffiliated/synx-hm/x-1623004] has quit [Ping timeout: 260 seconds]
06:54 -!- Synx_hm [~Synx_hm@unaffiliated/synx-hm/x-1623004] has joined #se2600
07:46 -!- rpifan [~rpifan@p200300D2672B68802BDD8BD88781BD54.dip0.t-ipconnect.de] has joined #se2600
08:33 -!- K`Tetch_ [~no@unaffiliated/ktetch] has quit [Ping timeout: 264 seconds]
09:06 -!- rpifan [~rpifan@p200300D2672B68802BDD8BD88781BD54.dip0.t-ipconnect.de] has quit [Ping timeout: 260 seconds]
11:18 -!- rpifan [~rpifan@p200300D2672B68802BDD8BD88781BD54.dip0.t-ipconnect.de] has joined #se2600
12:42 -!- oddball [~oddball@h69-130-155-240.mtjltn.dsl.dynamic.tds.net] has joined #se2600
12:42 -!- mode/#se2600 [+o oddball] by ChanServ
12:52 -!- mode/#se2600 [+ooo aestetix cordless dasunt] by dc0de
12:52 -!- mode/#se2600 [+ooo PigBot rpifan Synx_hm] by dc0de
12:52 -!- mode/#se2600 [+oo xray TheDukh] by dc0de
12:52 <@dc0de> who is K'Tetch???
12:53 <@dc0de> 19:57:18) K`Tetch: 13:58:42 ?@dc0de? anyone here into robotics? <-- my main degree is in it, and a few other bts...
12:59 -!- jb7od [~yea@12.150.245.202] has joined #se2600
13:07 < jb7od> So I'm minding my business and then I get an alert that I've got a server at 140% percent processor usage, get in there- there's gangs and gangs of connections... from an IP whoising to.. Microsoft?
13:08 < jb7od> so I restart apache, they drop off and don't come right back (whew) but.. yall ever have that?
13:09 <@Evilpig> odd. sounds like something was spidering maybe?
13:09 <@Evilpig> or could it have been something coming from azure?
13:12 < jb7od> I thought maybe something spidery, but it sure was aggressive.
13:13 < jb7od> 40.121.164.183 I dunno, it was this guy.
13:14 < jb7od> You guys doing okay? lul at social distancing champs- I'm a big shut-in myself, unfazed. Some of these other outside dogs are losing it in confinement.
13:16 < jb7od> that particular server hosts 6 wordpress sites for some non-profit initiatives.
13:19 < jb7od> finally had enough afk that freenode threw away my ident. Fair guess, but no- still alive.
13:26 <@Evilpig> the ptr or lack of looks like something from azure that isn't there now
13:27 < jb7od> It was amazing usage, whatever the case was.
13:41 < jb7od> took a screencap of this bananas usage graph and gonna wade around in the logs.
13:41 < jb7od> northrup! Happy AEster lol
13:55 < jb7od> (turns off ssh a bit to antagonize what looks to be a whole lot of ssh attempts)
13:55 <@Evilpig> I decided to try to get certbot set up for a wildcard again and i'm failing to get the keys working right. :-/
13:55 <@Evilpig> ;; ->>HEADER<<- opcode: UPDATE, status: NOTAUTH, id: 62936
13:56 <@Evilpig> keeps coming up saying notauth, like i've got a key typed wrong or something
13:57 < jb7od> I guess with everybody trapped in the house, I ought to expect this sort of.
14:00 < jb7od> oh cool- I'd wondered how that was done. Sorry it's being ass, I don't know enough to say, but does it login to lets encrypt to fetch out keys?
14:02 <@Evilpig> certbot just retrieves the magic txt value from the auth server, then does an nsupdate via the secret key to bind, then it tells the auth server to query the domain for the new txt record to verify that we updated it correctly
14:02 <@Evilpig> just like dhcpd can do dynamic dns updates, this is the same model
14:04 < jb7od> what would it look like if it failed to update?
14:04 < jb7od> that?
14:04 <@Evilpig> for me right now it's returning not authorized
14:04 <@Evilpig> but the usual dns query returns apply
14:11 < jb7od> I'd have to go through it all, being a big noob to it.
14:35 < jb7od> despite having denyhosts on 10 tries, after stopping sshd, the meter REALLY hit the floor. Appears that was the only traffic that thing gets... smh..
15:11 -!- rpifan_ [~rpifan@p200300D2672B68844536129AB0AE0FCE.dip0.t-ipconnect.de] has joined #se2600
15:14 -!- rpifan [~rpifan@p200300D2672B68802BDD8BD88781BD54.dip0.t-ipconnect.de] has quit [Ping timeout: 260 seconds]
15:29 <@Evilpig> getting closer. part of my issue was my split dns views. took out my internal view and put the responses that needed to be different into an rpz file and now it's getting the right request, but something else is failing. making progress though
15:35 -!- rpifan_ is now known as rpifan
16:28 <@dasunt> /me has 4 more hours of work.
16:28 <@dasunt> *yawn*
17:13 < jb7od> The concept of being on or off of work has blurred beyond recognition
17:14 <@Evilpig> agreed
17:18 < jb7od> I can't help but think for a number of us, ppl are working harder and longer because of it-
17:19 < jb7od> (I know some of my userbase new to telework is anyway- they're camping out)
17:23 <@Evilpig> I think I have a python problem on my server
17:23 <@Evilpig> got into the python module that's supposed to be doing the verify and when it tried to pull the soa for wilpig.com I got a list of root server hints
17:23 <@Evilpig> ;QUESTION
17:23 <@Evilpig> com. IN SOA
17:23 <@Evilpig> ;ANSWER
17:23 <@Evilpig> ;AUTHORITY
17:23 <@Evilpig> com. 168226 IN NS b.gtld-servers.net.
17:23 <@Evilpig> com. 168226 IN NS i.gtld-servers.net.
17:23 <@Evilpig> com. 168226 IN NS h.gtld-servers.net.
17:23 <@Evilpig> com. 168226 IN NS g.gtld-servers.net.
17:24 <@Evilpig> and the previous attempt it got my servers, which were authoritative but it still didn't get an answer
17:25 <@Evilpig> response.get_rrset(response.answer, domain, dns.rdataclass.IN, dns.rdatatype.SOA)
17:25 <@Evilpig> this python call is getting no data
17:34 <@Evilpig> maybe it's time to start that other project to migrate my centos7 server to 8
17:37 < jb7od> Python? is it on a platform or handrolled?
17:37 <@dasunt> jb7od: Work gets very mad (supposedly) if I work for too long.
17:38 <@Evilpig> it's the default shit from centos7 but i've used pip to install a few things in the past and supposedly it could have caused some issues with the rpm updates
17:38 <@Evilpig> it's time to migrate the server to the new platform though
17:39 <@dasunt> I'm going to advocate that my group gets a few test servers.
17:40 < jb7od> might clear up suspected rpm weirdness-
17:41 < jb7od> haven't ever messed with a centos.
17:43 <@Evilpig> i'm starting with loading updates
17:43 < jb7od> I need to set up a laptop for evil- like pentests, scans, and that sort of trash. Is kali still the move?
17:45 < jb7od> (not that I want to, epic procrastination on my part, but I've got to get a pen and at least two scans as SOP starting right now. lol)
17:46 <@Evilpig> why get a laptop when you can pop up a stealth vm ;)
17:48 <@Evilpig> ups doesn't deliver on sunday, do they?
17:49 < jb7od> That's probably better, most of our servers are vm anyway- used to do vm's for it (from desktop, not server), and the answer is just b/c it seemed like fun lol.
17:50 -!- PigBot [~PigBot@wilpig.org] has quit [Ping timeout: 256 seconds]
17:52 < jb7od> the last vm was kali, and this was around when metasploit stopped being free, seems like they came out with tiers- a free and then some others modules that were pay.
17:54 < jb7od> (for reference, it's been a couple few years)
17:56 -!- PigBot [~PigBot@wilpig.org] has joined #se2600
17:56 <@Evilpig> I guess python isn't completely destroyed. pigbot started at least. haha
18:07 * dasunt pokes PigBot
18:08 <@dasunt> https://www.2600.org
18:08 < PigBot> 2600 News | 2600 (at www.2600.org)
18:08 <@dasunt> Well, it does URLs still.
18:20 <@Evilpig> python is fine. turns out I was using the python call wrong. I was just as string and it needed to be an object. it's looking like the dynamic update isn't working right
18:51 -!- rpifan [~rpifan@p200300D2672B68844536129AB0AE0FCE.dip0.t-ipconnect.de] has quit [Quit: Leaving]
19:05 <@dasunt> Weird thing about NYC - there's 3,350 corona deaths (as of April 4th), but compared to the baseline, there's 5,330 more deaths than expected.
19:06 <@dasunt> So is only about 60% of corona deaths actually being counted?
19:06 <@opticron> NYC announced recently that they hadn't been counting those who weren't tested for covid-19
19:07 <@opticron> even though it was highly likely they had died from it
19:42 <@Evilpig> damnit! i'm close now. so I was getting unauthorized because I was getting into the internal view instead of the external so I solved that by telling it to force the external view when it saw that key. so the main wilpig.com zone is updating fine. however when i try to push a record onto _acme-challenge.wilpig.com it is failing again with noauth
21:06 < jb7od> Oh- so, if you died of it, but you didn't get tested while you were alive, you're not in the numbers?
21:10 < jb7od> Get this- my dad died Feb 20. What got him in the hospital was an aortic tear, but during the two week decline, including another heart attack, a stroke, renal failure.. in the last 3 days VU said there was something going on with his lungs that they didn't know what was-- and dunno if you've seen the wsmv heat map, but he is/was a 37212 resident. But then so is VUMC so no surprise the count would be high
21:13 < jb7od> we'll never know for sure now, oh and his wife had just come back from China (airline bigwig). If she was a carrier it was either asymptomatic or a completely unimpressive presentation
21:32 -!- jb7od [~yea@12.150.245.202] has left #se2600 ["Google qatar virology jobs"]
--- Log closed Mon Apr 13 00:00:59 2020