--- Log opened Thu Feb 04 00:00:21 2021
03:05 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has joined #se2600
03:08 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has quit [Remote host closed the connection]
03:10 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has joined #se2600
05:01 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has quit [Ping timeout: 260 seconds]
05:28 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has joined #se2600
06:15 <@Dolemite> mr0ning, be0tches and h0ez!
06:20 * aestetix hugs Dolemite
06:31 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has quit [Ping timeout: 260 seconds]
07:26 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has joined #se2600
07:35 < Evilpig_> this resident alien is making me laugh a little
07:35 <@Dolemite> Yeah, watched Ep 2 this morning
07:35 <@Dolemite> I'll start up Ep 3 here in a bit
07:36 < Evilpig_> he was just putting stitches in the kid. lol
07:36 <@Dolemite> Yeah, between that scene and the bartender/bowling alley slut chirping, it was quite funny
07:39 < Evilpig_> Got a ticket over night from one of our shit bird users
07:39 < Evilpig_> "The dhc1000lp server NEEDS MORE RAM. This VM hosts the online web host, DSA, which server whole slide images for over 400 users. Clearly this needs more than the bare minimum. Requesting 16GB to start."
07:40 < Evilpig_> I got into the load balancer and his highest concurrent user count... 38
07:40 < Evilpig_> this system already has 16GB of ram and he's currently using about 8GB
07:40 <@Dolemite> What a tard
07:40 < Evilpig_> earlier in the day he did exhaust all the memory and swap in the system though, so i'll have a little chat with him today about how he needs to look into his podman settings and add some constraints so he doesn't hose his system again
07:41 < Evilpig_> we might need to add a little memory, but ~40 concurrent users with nginx should be done easily on this
07:51 <@Dolemite> 8 GB of memory you should be able to handle 100 concurrent users
07:56 < Evilpig_> https://digitalslidearchive.github.io/digital_slide_archive/system-overview/
07:56 < PigBot> System Overview - Digital Slide Archive (at digitalslidearchive.github.io)
07:56 < Evilpig_> so.... this is overly complicated but explains how he destroyed the system
07:57 < Evilpig_> it spins up worker nodes to handle image manipulation tasks and he didn't put any type of limits on there. just let it fly!
08:03 <@eryc> unbounded workers are tight
08:08 <@Dolemite> So it's not just serving content, it's having to do image manipulation of user uploads?
08:10 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has quit [Remote host closed the connection]
08:13 < Evilpig_> if I'm reading this documentation right
08:42 <@Mirage> lol.. "He has come to grasp that fact that the former president really didn't love him," his lawyer said.
08:42 <@Mirage> https://www.businessinsider.com/qanon-shaman-jacob-chansley-trump-played-him-lawyer-2021-2
08:42 < PigBot> 'QAnon Shaman' Jacob Chansley feels played by Trump: lawyer (at www.businessinsider.com) https://tinyurl.com/y2h9ythp
08:42 < Evilpig_> what do you expect from someone that refused to eat in prison until they caved and gave him organic food
08:44 <@Mirage> He's certainly not quite what i would expect for one of the QAnon nuts.
08:45 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has joined #se2600
09:26 <@Dolemite> Mirage: Well you are what you eat, and apparently he prefers nuts and berries
11:27 <@Dagmar> Fuck it. Feed him inorganic food like rocks and aluminum staples
11:27 <@Dagmar> What a fuckin' pansy
11:28 <@Dagmar> _Jail_ means no longer having control over a lot of things, including what you're offered to eat
11:28 <@Dagmar> Chansley is just being a whiny little bitch for attention
11:30 <@Dolemite> Meanwhile, Kyle Rittenhouse has moved without informing the court of his new location
11:34 <@Mirage> Dagmar: but it's his 'religion'...though I don't recall ever hearing of Shamanism as a valid religion.
11:34 <@Mirage> If I ever get tossed in jail I should claim that I follow a religion that disallows locking people in small enclosed spaces
11:39 <@Dagmar> They shouldn't tolerate his bullshit, because it's definitely bullshit
11:40 <@Dagmar> They should just give him the same food as everyone else and tell him it's organic.
11:40 <@Dagmar> ...or just rifle through his credit card receipts, note the lack of organic foods purchased prior to his arrest, and add perjury to his list of charges.
11:43 < xray> If I recall correctly some people here run Plex.
11:43 < xray> Plex Media servers actively abused to amplify DDoS attacks
11:43 < xray> https://www.bleepingcomputer.com/news/security/plex-media-servers-actively-abused-to-amplify-ddos-attacks/
11:43 < PigBot> Plex Media servers actively abused to amplify DDoS attacks (at www.bleepingcomputer.com) https://tinyurl.com/y69jyhhv
11:47 <@Dolemite> Well I keep my server software pretty up to date, so that's good. It's for < 1.21
11:47 <@Dolemite> Second, it's not quite clear, but I don't expose port 32414, so I'm not sure if I would have been susceptible
11:48 <@Dolemite> Since it's called a reflection/amplification exploit, one would think that the port would need to be exposed
11:48 <@Dagmar> Kinda
11:49 <@Dagmar> You'd think a news source would want to mention that part, but perhaps not if they're trying to trade panic for mouseclicks
12:06 < Evilpig_> as long as they've fixed it in the recent version i'm good
12:06 < Evilpig_> 1.21.2.3943
12:07 < Evilpig_> I'm using that script that Mirage offered up to auto-update nightly
12:07 < Evilpig_> it has worked well
12:07 <@Mirage> Yeah, after you pointed out that they'd changed their auth method and I corrected it.
12:30 < Evilpig_> https://www.pringles.com/us/products/scorchin/pringles-crisps-scorchin-bbq-super-stack.html
12:30 < Evilpig_> just told lastchild not to inhale while popping one of these in your food hole.
12:31 < Evilpig_> I'm coughing like I've come down with a case of the rona now
12:31 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has quit [Remote host closed the connection]
12:32 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has joined #se2600
12:33 -!- PigBot [~PigBot@wilpig.org] has quit [Ping timeout: 258 seconds]
12:40 <@eryc> is coughing a symptom of rona
12:48 <@Dagmar> Practically everything is a symptom of rona
12:48 <@Dagmar> Except the weird shit going on with this CentOS 7 instance
12:49 <@Dagmar> For whatever bloody reason, bash's printf has decided that the output of `printf "%0.3f" 0` should be 'nan'.
12:50 <@eryc> i thought nan was only in javascript and maybe perl?
13:08 <@Dagmar> You can understand why I'm a little surprised to see bash's builtin start reporting that
13:08 <@Dagmar> Nevermind that it's blisteringly wrong
13:09 <@Dagmar> works fine for other numbers
13:09 <@Dagmar> heck it works fine for other _decimal_ numbers but 0.00, 0, and 0.0000 all return 'nan'
13:20 <@eryc> it works on centos6 and rhel7 for me
13:21 <@eryc> what does this do: env -- printf "%0.3f" 0
13:21 <@Dagmar> literally just prints "nan"
13:23 <@Dagmar> Works fine on multiple other machines, but these CentOS 7.9 machines... No idea what kind of weird patch they put in there
13:24 <@eryc> is there some weird locale setting?
13:24 <@Dagmar> Nope. I don't even bother to set that
13:24 <@eryc> strange
13:24 <@eryc> could try strace
13:25 <@Dagmar> On _bash_?
13:25 <@Dagmar> No thanks
13:26 <@eryc> oh yea, well what does /usr/bin/printf do?
13:27 <@Dagmar> The right thing
13:27 <@Dagmar> I think they pushed a wonky patch out
13:28 <@Dagmar> I've got an 1810 box that's behaving properly, and the 2009 boxes are not
13:28 <@Dagmar> So, it's something they patched fairly recently
13:28 <@Dagmar> i.e., 7.6.1810 works and 7.9.2009 doesn't
13:44 <@eryc> is md5sum of bash the same?
13:44 <@eryc> or even the --version
13:57 <@Dagmar> Turns out it's a regression in glibc. yay fun
14:11 <@Dagmar> https://bugzilla.redhat.com/show_bug.cgi?id=1925306
14:13 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has quit [Ping timeout: 260 seconds]
14:18 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has joined #se2600
15:24 < Evilpig_> haha
15:25 < Evilpig_> VUMC is absorbing facilities in , and along with that, the IT to go along with. There is some Linux/Unix in the mix that we’ll need to absorb. This will be the equivalent of getting a brand new 17-year-old couch from under a bridge. We’ll need to make the situation the best we can.
15:25 <@Dagmar> hahahahahahah
15:25 < Evilpig_> I just got that from my manager
15:26 <@Dagmar> If you're really, really lucky, you could inherit some Genuine SCO Unix servers!
15:26 < Evilpig_> no! we're down to two HPUX boxes finally
15:26 < Evilpig_> I think we have one aix box left after much screaming
15:26 <@Dagmar> Hell I'd have thought John would have killed them off by now
15:27 < Evilpig_> John Donovan?
15:27 <@Dagmar> Yeah
15:27 < Evilpig_> he left us for cab like three years ago now
15:27 < Evilpig_> he's an ITSM drone
15:27 <@Dagmar> I vaguely recall him being the only person there that actually liked them
15:28 <@Dagmar> Well, if he's no longer in the department, it would be a real same if something fatal happened to those
15:28 <@Dagmar> s/same/shame/
16:20 <@eryc> https://youtu.be/J-nIBA0V_No
16:35 -!- PigBot [~PigBot@wilpig.org] has joined #se2600
16:59 <@Dagmar> Evilpig_: You realize that, being AIX, unless it's heavily firewalled, it'll only take one pass of a vulnerability scanner with the safeties off to put it in its grave
17:13 < Evilpig_> I'm not going to publicly say it, but all of the AIX and HPUX boxes are likely on a list to keep them from being scanned after an incident may or may not have taken out some payroll batch jobs
17:13 <@Dagmar> lol
17:13 <@Dagmar> Cowards
17:14 < Evilpig_> There may also be a set of firewall rules that specifically block certain security scanners from hitting machines we manage except for a few ports like 80 and 443
17:15 <@Dagmar> You should spin up an OpenVAS server over there and point it at their Qualys box, so the next time they come at you with "some questions" you can respond with a set of questions of your own. ;)
17:16 <@Dagmar> If they don't notice it scanning the Qualys box, you've already won
17:16 < Evilpig_> I'm just avoiding them entirely. I 100% expect an email next week about the sudo CVE that we patched last week
17:17 <@Dagmar> I'm still unclear about whether or not it affects truly default configs, but I force-patched it anyway
17:17 <@Dagmar> Now I just have to wait for another glibc patch
17:17 <@Dagmar> It should be interesting to see what they do about that one
17:17 <@Dagmar> There's no freakin' telling what all weird shit will break when other people's code starts suddenly generating 'nan'
18:03 -!- rpifan [~rpifan@p200300d2671bda003836ac30b39637fa.dip0.t-ipconnect.de] has quit [Ping timeout: 260 seconds]
18:39 -!- xtort- [mark@dumbfucks.org] has quit [Remote host closed the connection]
18:45 -!- xtort- [mark@dumbfucks.org] has joined #se2600
22:32 <@Dagmar> It is _not_ easy to disassemble and retension mouse buttons.
22:32 <@Dagmar> Sheesh
22:36 <@Dagmar> So... Apparently the printf/glibc bug was caused by the "fix" for this https://nvd.nist.gov/vuln/detail/CVE-2020-29573
22:36 < PigBot> NVD - CVE-2020-29573 (at nvd.nist.gov)
22:38 <@Dagmar> Followup.. additional mayhem
22:38 <@Dagmar> https://bugzilla.redhat.com/show_bug.cgi?id=1925204
22:38 < PigBot> 1925204 – printf of long double with a value of 0 results in "nan" (at bugzilla.redhat.com)
--- Log closed Fri Feb 05 00:00:23 2021