Forum logs for 12 Jun 2012

Saturday, 23 November, Year 11 d.Tr. | Author: Mircea Popescu
* copumpkin has quit (Quit: Computer has gone to sleep.) [00:05]
* aparigraha has quit (Quit: Leaving) [00:29]
rawrmage Someguy123: " Or is AJxRD an expression of the majorly-male fandom's repressed homosexual thoughts?" [00:45]
* nmat (55f15404@gateway/web/freenode/ip.85.241.84.4) has joined #bitcoin-otc-eu [00:45]
* dolanduk has quit (Ping timeout: 260 seconds) [01:14]
* pigeons has quit (Ping timeout: 248 seconds) [01:20]
* vragnaroda has quit (Ping timeout: 248 seconds) [01:23]
* mircea_popescu has quit (Ping timeout: 248 seconds) [01:23]
* Disconnected (Remote host closed socket). [01:23]
* Now talking on #bitcoin-otc-eu [01:30]
* Topic for #bitcoin-otc-eu is: Eurozone #bitcoin-otc || http://bitcoin-otc.com || Include hash tag #eu in order notes to group -eu orders. || View all tagged -eu orders here: http://bitcoin-otc.com/vieworderbook.php?notes=%23eu || Exchange rates: !bc,convert CURRENCYCODE || GET BTC WITH ukash/paysafecard ... /msg neliskybot help || options-> http://polimedia.us/btc || bitcoin hosting -> http://bitvps.com/ [01:30]
* Topic for #bitcoin-otc-eu set by kakobrekla!~T42@89-212-41-49.static.t-2.net at Fri Apr 20 21:40:27 2012 [01:30]
* You are now known as Guest19027 [01:30]
* vragnaroda has quit (Ping timeout: 244 seconds) [01:31]
* malaimo has quit (Ping timeout: 244 seconds) [01:31]
* Azelphur_ (~Azelphur@azelphur.com) has joined #bitcoin-otc-eu [01:31]
* UukGoblin has quit (Ping timeout: 244 seconds) [01:32]
* miernik has quit (Ping timeout: 244 seconds) [01:32]
* UukGoblin (~jaa@yatima.uukgoblin.net) has joined #bitcoin-otc-eu [01:33]
* malaimo (~malaimo@85.17.27.71) has joined #bitcoin-otc-eu [01:33]
* mps (mp@178.79.142.101) has joined #bitcoin-otc-eu [01:35]
* vragnaroda (~vragnarod@unaffiliated/vragnaroda) has joined #bitcoin-otc-eu [01:36]
* BrightCloud is now known as QCloud [01:36]
* miernik (~miernik@85.183.50.38) has joined #bitcoin-otc-eu [01:38]
* nmat (55f15404@gateway/web/freenode/ip.85.241.84.4) has joined #bitcoin-otc-eu [01:45]
* QCloud is now known as BrightCloud [01:47]
* Azelphur_ is now known as Azelphur [01:50]
* nelisky has quit (Ping timeout: 252 seconds) [01:58]
* pigeons_ is now known as pigeons [02:02]
* brendio (~brendio@1.158.138.214) has joined #bitcoin-otc-eu [02:06]
* nmat has quit (Quit: Page closed) [02:15]
* darkee has quit (Ping timeout: 276 seconds) [02:37]
* Fiddle_AFK has quit (Quit: ~) [03:20]
* You are now known as mircea_popescu [03:29]
* Gaglia (~gaglia@93.95.226.135) has joined #bitcoin-otc-eu [03:47]
* kakobrekla removes channel operator status from kakobrekla [03:49]
* copumpkin (~copumpkin@unaffiliated/copumpkin) has joined #bitcoin-otc-eu [03:56]
* sgornick (~steve@unaffiliated/sgornick) has joined #bitcoin-otc-eu [04:20]
mircea_popescu hey rawrmage you around ? [04:21]
rawrmage yea, what's up? [04:21]
mircea_popescu just 1 sec [04:22]
mircea_popescu http://polimedia.us/dtng/c/src/133946419596.jpg [04:23]
mircea_popescu rawrmage pony ? [04:33]
rawrmage lol, the MLP level in diablo 3? [04:34]
* Gaglia has quit (Quit: Gaglia) [04:34]
rawrmage mircea_popescu: what about it? [04:35]
mircea_popescu aww, you been there ? [04:35]
mircea_popescu i thoguht im the harbringer of fascinating news. [04:36]
rawrmage heard about it, at least [04:36]
mircea_popescu okay :p [04:38]
Someguy123 rawrmage, derp [04:41]
Someguy123 also rawrmage http://www.youtube.com/watch?v=7HaWnknkl-U&feature=BFa&list=ULvP_wm5qAPNE [04:41]
Someguy123 >read top comment [04:41]
Someguy123 OH SHIT. [04:41]
Someguy123 BBBFF actually does sound a lot like perfect stallion [04:41]
Someguy123 o_O [04:41]
rawrmage lol [04:41]
Someguy123 never even noticed til now [04:42]
Someguy123 STOP REUSING SONGS DANIEL INGARD [04:42]
Someguy123 *derp* [04:42]
Someguy123 also wow, rawrmage http://www.youtube.com/watch?v=tKuaPv4N0BQ&feature=g-user-u [04:43]
Someguy123 tsyolin remix'd a deadmau5 song [04:43]
rawrmage listening to http://www.youtube.com/watch?v=FCqmYnDYUeo right now… sec [04:43]
rawrmage lol, uploader comments [04:47]
rawrmage Someguy123: that song's background is creepy [04:56]
Someguy123 rawrmage, damn I love that song [04:58]
rawrmage my favourite brony song right now is probably tied between Fruits of Her Labour, Awoken, and Cerulean Blue [04:59]
* copumpkin has quit (Ping timeout: 240 seconds) [05:29]
* copumpkin (~copumpkin@unaffiliated/copumpkin) has joined #bitcoin-otc-eu [05:30]
* copumpkin has quit (Ping timeout: 265 seconds) [05:52]
* copumpkin (~copumpkin@unaffiliated/copumpkin) has joined #bitcoin-otc-eu [05:52]
* imsaguy (~nick@unaffiliated/imsaguy) has joined #bitcoin-otc-eu [06:15]
imsaguy here I am [06:15]
rawrmage hai [06:15]
imsaguy it must be low traffic [06:16]
imsaguy the access list ends at 3 [06:16]
rawrmage haha [06:16]
mircea_popescu it is low traffic. [06:17]
* imsaguy (~nick@unaffiliated/imsaguy) has left #bitcoin-otc-eu ("trolls") [06:18]
* Now talking on #bitcoin-otc-eu [14:29]
* Topic for #bitcoin-otc-eu is: Eurozone #bitcoin-otc || http://bitcoin-otc.com || Include hash tag #eu in order notes to group -eu orders. || View all tagged -eu orders here: http://bitcoin-otc.com/vieworderbook.php?notes=%23eu || Exchange rates: !bc,convert CURRENCYCODE || GET BTC WITH ukash/paysafecard ... /msg neliskybot help || options-> http://polimedia.us/btc || bitcoin hosting -> http://bitvps.com/ [14:29]
* Topic for #bitcoin-otc-eu set by kakobrekla!~T42@89-212-41-49.static.t-2.net at Fri Apr 20 21:40:27 2012 [14:29]
* vodka (~vodka@unaffiliated/mcorlett) has joined #bitcoin-otc-eu [14:33]
* jcpham has quit (Quit: Part!) [14:36]
* jcpham (~jcpham@jcph.am) has joined #bitcoin-otc-eu [14:40]
jurovz [12:36:18] if a process succeeds in elevating its privs, the box will panic [14:44]
* jurovz is now known as jurov [14:44]
jurov rg, u mean that seriously? [14:45]
* jcpham has quit (Quit: Part!) [14:45]
rg yes [14:46]
rg its a last resort [14:46]
rg what would you rather it do [14:46]
rg give the user root? [14:46]
* jcpham (~jcpham@jcph.am) has joined #bitcoin-otc-eu [14:46]
jurov i plan not to have any sensitive data on disk [14:47]
rg doesnt matter [14:47]
rg that's not the only reason you would stop a root compromise [14:47]
rg a system compromise gives an attacker the privileges needed to sniff [14:48]
rg scan internally [14:48]
rg etc [14:48]
jurov yes, but analyzing memory takes enough time, so admin can react manually [14:49]
jurov not make DoS immediately [14:49]
rg lol what? [14:49]
rg dude if someone runs an exploit that your kernel fails to stop [14:49]
rg what if this super admin isnt awake? [14:49]
rg and im not sure what you're talking about analyzing memory [14:50]
jurov only reason to have uid0 is memory/filesystem access [14:50]
jurov for sniffing you don't need it [14:50]
rg umm... [14:51]
rg are you insane? [14:51]
* jcpham has quit (Quit: Part!) [14:52]
jurov tough question... just imho, most breakins are on the app level , and salient info like keys/wallet.dat is there too [14:54]
jurov i would concentrate there, not trying to think too hard "what if they get root and can't be killed -9" [14:55]
rg dude you are assuming every break in happens when you're monitoring your system [14:55]
rg its a last ditch effort [14:56]
jurov and you assume everyone wants to have root first [14:56]
rg no.. im assuming that in a last ditch effort it should shutoff the box before giving root [14:56]
rg if your box is setup properly it wont matter what account they get [14:56]
rg they will eventually go for root [14:56]
rg it is to protect against 0day [14:56]
rg and exploits that are unkown [14:56]
jurov well, how you want to do it? scan process table every 10ms? [14:57]
rg i dont do shit [14:57]
rg the kernel does it [14:57]
jurov grsecurity? [14:59]
rg SELinux+Grsec [14:59]
rg grsec alone isnt enough [14:59]
rg SELinux's best features are RBAC and TPE [15:00]
rg with RBAC ive essentially made the root account useless [15:00]
rg same privs as a user account [15:00]
jurov nice...and do you actually offer it in the preinstalled VPSs or you only use it for hypervisor? [15:03]
rg i cant give users that type of stuff [15:03]
rg they will either complain or fuck it up [15:03]
rg i have a grsec image i give to customers [15:03]
rg its the default [15:03]
rg but its not get all the options enabled [15:04]
* bitsmith (~kvirc@82-168-76-25.ip.telfort.nl) has joined #bitcoin-otc-eu [15:04]
mircea_popescu i cant give users that type of stuff [15:06]
mircea_popescu they will either complain or fuck it up [15:06]
mircea_popescu somebody has customer support experience. [15:06]
* kakobreklaa has quit (Ping timeout: 252 seconds) [15:07]
* nelisky has quit (Ping timeout: 246 seconds) [15:07]
* brendio (~brendio@101.170.198.20) has joined #bitcoin-otc-eu [15:09]
* kakobreklaa (~T42@89-212-41-49.static.t-2.net) has joined #bitcoin-otc-eu [15:10]
* jcpham (~jcpham@jcph.am) has joined #bitcoin-otc-eu [15:17]
jurov seems i'm in trollish mood today.. but, rg, if i ran vps, i'd be more proud about things like periodic backups than this [15:19]
* Fiddle_AFK (~Fiddle@dslb-178-001-101-100.pools.arcor-ip.net) has joined #bitcoin-otc-eu [15:23]
* ege (~erik@213.188.250.223) has joined #bitcoin-otc-eu [15:28]
Newar getrating newa [15:31]
Newar getrating newar [15:31]
mircea_popescu ;;getrating newar [15:32]
gribble User Newar, rated since Mon Jun 4 16:36:39 2012. Cumulative rating 6, from 5 total ratings. Received ratings: 5 positive, 0 negative. Sent ratings: 4 positive, 0 negative. Details: http://bitcoin-otc.com/viewratingdetail.php?nick=Newar Currently authenticated from hostmask Newar!~newar417@151.202-63-155.unknown.qala.com.sg [15:32]
Newar Thanks, I think it's not showing since i'm in PM with gribble [15:32]
* Ukto has quit (Ping timeout: 249 seconds) [15:34]
mircea_popescu no you omitted the ;; [15:35]
Newar ;;getrating Newar [15:37]
gribble User Newar, rated since Mon Jun 4 16:36:39 2012. Cumulative rating 6, from 5 total ratings. Received ratings: 5 positive, 0 negative. Sent ratings: 5 positive, 0 negative. Details: http://bitcoin-otc.com/viewratingdetail.php?nick=Newar Currently authenticated from hostmask Newar!~newar417@151.202-63-155.unknown.qala.com.sg [15:37]
Newar MAGIC! [15:37]
mircea_popescu :p [15:38]
* ege has quit (Ping timeout: 256 seconds) [15:45]
* teslacoil404 has quit (Quit: Konversation terminated!) [15:46]
rg jurov i still dont know what you're talking about [15:46]
* ege (~erik@213.188.250.223) has joined #bitcoin-otc-eu [15:58]
* ege has quit (Read error: Operation timed out) [16:01]
guruvan but you do rg. I like that /get root, box panics/ bit - that's super nice [16:04]
* jcpham has quit (Quit: Part!) [16:04]
* jcpham (~jcpham@jcph.am) has joined #bitcoin-otc-eu [16:10]
Jamalaka ;;bc, convert eur [16:10]
* ege (~erik@213.188.250.223) has joined #bitcoin-otc-eu [16:10]
gribble Error: "bc," is not a valid command. [16:10]
Jamalaka ;;bc,convert eur [16:10]
gribble 1 BTC = 5.55271 U.S. dollars = 4.43826233 Euros [16:10]
* jcpham0 (~im@ji.gy) has joined #bitcoin-otc-eu [16:10]
* jcpham0 is now known as johnny_mnemonic [16:22]
* johnny_mnemonic is now known as johnny_mnemonic2 [16:23]
rg well [16:23]
rg it does everything in its power to detour exploits [16:24]
rg but if something DOES manage to get through [16:24]
rg its absolute last resort [16:24]
rg is to panic [16:24]
rg which will obviously alert me [16:24]
rg instantly [16:24]
jcpham how [16:24]
guruvan which image of yours is that on? [16:25]
* johnny_mnemonic2 is now known as willsmith [16:25]
rg its the bitvps-secur image [16:25]
rg im still testing it [16:25]
* willsmith is now known as will_smith [16:25]
rg its going to become the default image [16:26]
will_smith nickserv is the gayest [16:26]
guruvan ok - cool I'm super interested in that [16:26]
rg seems like a perfect idea to me [16:26]
rg i mean what else would you have it do [16:26]
rg give them root? [16:26]
rg fuck no [16:26]
rg i dont care what's on the box [16:27]
rg i would prefer it roll over [16:27]
rg and die [16:27]
* will_smith is now known as [fresh]prince [16:27]
rg aw hell ya [16:27]
rg this DC is letting me cancel boxes [16:27]
rg up til 1 day before due [16:27]
rg cause we rent them out [16:27]
rg that is fuck yeah [16:27]
rg if this dude doesnt pay [16:28]
guruvan yeah - that's the part I like - just roll over and die before giving up the goods man [16:28]
rg it writes a log first [16:28]
rg then dies [16:28]
rg so when you see your box panic'd [16:28]
rg youd be able to see the difference between a normal crash [16:28]
rg and a security crash [16:28]
guruvan yea- I hope the logs - I hate crashed servers for unknown reasons [16:28]
* bitsmith has quit (Ping timeout: 248 seconds) [16:29]
rg also [16:29]
rg we're using a third party for backups now [16:29]
rg wondering how cusomers are going to react to that [16:29]
mircea_popescu well are they secure ?! [16:30]
guruvan backups encrypted? [16:30]
rg they're encrypted on the fly before they touch the remote place [16:30]
[fresh]prince i would say hoorah for offloading backups on someone dedicated to managing it [16:30]
* nelisky (~nelisky@a85-138-55-84.cpe.netcabo.pt) has joined #bitcoin-otc-eu [16:30]
* nelisky has quit (Changing host) [16:30]
* nelisky (~nelisky@unaffiliated/nelisky-/x-0749711) has joined #bitcoin-otc-eu [16:30]
[fresh]prince that's what i would say [16:30]
rg [fresh]prince: yeah the guy who runs it [16:30]
rg he said basically [16:30]
rg i make sure the SAN runs [16:30]
rg you maintain your own data [16:30]
mircea_popescu a ok. [16:31]
rg and hes offering fair pricing [16:31]
[fresh]prince the thing about backups is that they have to be managed, reviewed tested, blah blah [16:31]
[fresh]prince it's fucking boring [16:31]
rg well [16:31]
rg im not gonan backup os data [16:31]
rg waste of spae [16:31]
rg space [16:31]
rg ill be ok with users doing a full /etc backup [16:31]
rg /home [16:32]
rg /root [16:32]
rg and i guess if their apache is misconfigured, /var/www/ [16:32]
rg guruvan: im also trying to force some otehr security related stuff on users [16:32]
rg but im afraid they wont get it [16:32]
guruvan like what? [16:32]
rg its a different MPM for Apache [16:33]
* copumpkin has quit (Quit: Computer has gone to sleep.) [16:33]
rg so instead of running as 'nobody', 'apache' whatever [16:33]
rg each PHP script runs as its own user [16:33]
rg so it doesnt require world readable shit [16:33]
guruvan awesome [16:33]
rg like the default config of apache [16:33]
guruvan and you can easily discover the vulnerable script :D [16:33]
rg well the whole point of it is that if there is a vuln script [16:33]
rg they dont get your whole web root [16:33]
rg and you can configure SELinux to not allow it to run a shell [16:34]
rg it will literally get a permission denied [16:34]
rg even if you upload your own shell [16:34]
rg im just not sure how that's going to react with PHP [16:34]
* bitsmith (~kvirc@82-168-76-25.ip.telfort.nl) has joined #bitcoin-otc-eu [16:39]
* copumpkin (~copumpkin@unaffiliated/copumpkin) has joined #bitcoin-otc-eu [16:56]
* [fresh]prince is now known as pl0x [17:04]
* pl0x is now known as fp [17:06]
* fp has quit (Remote host closed the connection) [17:09]
* pl0x (~im@ji.gy) has joined #bitcoin-otc-eu [17:10]
* pl0x (~im@ji.gy) has left #bitcoin-otc-eu ("Leaving") [17:23]
* bitsmith has quit (Quit: KVIrc 4.0.4 Insomnia http://www.kvirc.net/) [17:27]
* Richmond (b0fa6608@gateway/web/freenode/ip.176.250.102.8) has joined #bitcoin-otc-eu [17:54]
* PsychoticBoy (5ed180ca@gateway/web/freenode/ip.94.209.128.202) has joined #bitcoin-otc-eu [17:59]
jurov rg, i was just thinking you are going to expend too much effort to too improbable scenario, that's all [18:03]
jurov nice to know you are thinking about many more things, actually [18:03]
* riX2000_ (~riX2000@anon-189-62.vpn.ipredator.se) has joined #bitcoin-otc-eu [18:04]
* riX2000_ is now known as Guest63375 [18:04]
* Guest21210 has quit (Ping timeout: 252 seconds) [18:07]
* ege has quit (Ping timeout: 248 seconds) [18:07]
* Richmond has quit (Quit: Page closed) [18:09]
* brendio has quit (Ping timeout: 245 seconds) [18:36]
* Richmond (b0fa6608@gateway/web/freenode/ip.176.250.102.8) has joined #bitcoin-otc-eu [18:56]
* PsychoticBoy has quit (Ping timeout: 245 seconds) [19:06]
* ege (~erik@2001:1620:f64:0:4e0:1e86:74c0:87b0) has joined #bitcoin-otc-eu [19:18]
* PsychoticBoy (5ed180ca@gateway/web/freenode/ip.94.209.128.202) has joined #bitcoin-otc-eu [19:22]
Richmond Anyone looking for bitcoins? I take Neteller direct transfer(eu) and Ukash(eu) [20:13]
* Richmond has quit (Quit: Page closed) [20:16]
* kakobreklaa is now known as kakobrekla [20:19]
* ChanServ gives channel operator status to kakobrekla [20:19]
* Richmond (b0fa6608@gateway/web/freenode/ip.176.250.102.8) has joined #bitcoin-otc-eu [20:34]
* Richmond has quit (Quit: Page closed) [20:43]
* PsychoticBoy has quit (Ping timeout: 245 seconds) [22:04]
jurov ;;bc,convert eur [22:07]
gribble 1 BTC = 5.69999 U.S. dollars = 4.55598274 Euros [22:07]
* Fiddle_AFK has quit (Ping timeout: 265 seconds) [22:11]
jurov ;;bc,convert eur [22:12]
gribble 1 BTC = 5.72576 U.S. dollars = 4.57877649 Euros [22:12]
* Fiddle_AFK (~Fiddle@dslb-178-001-101-100.pools.arcor-ip.net) has joined #bitcoin-otc-eu [22:13]
* cbdev has quit (Quit: ZNC - http://znc.sourceforge.net) [22:26]
* cbdev (~cbdev@hieristdas.internetzuen.de) has joined #bitcoin-otc-eu [22:26]
* faraday__ (u3912@gateway/web/irccloud.com/x-vcnbzwihlkukkdct) has joined #bitcoin-otc-eu [22:28]
* cbdev has quit (Client Quit) [22:29]
* cbdev (~fnord@46.115.16.82) has joined #bitcoin-otc-eu [22:29]
* Fiddle_AFK has quit (Quit: ~) [22:48]
* Guest63375 is now known as riX2000 [22:56]
* riX2000 has quit (Changing host) [22:57]
* riX2000 (~riX2000@unaffiliated/rix2000) has joined #bitcoin-otc-eu [22:57]
* cbdev has quit (Ping timeout: 252 seconds) [22:58]
* cbdev (~fnord@46.115.22.250) has joined #bitcoin-otc-eu [23:00]
* ege has quit (Ping timeout: 272 seconds) [23:04]
* Gaglia (~gaglia@93.95.226.135) has joined #bitcoin-otc-eu [23:05]
* Newar has quit (Ping timeout: 246 seconds) [23:11]
rawrmage Someguy123: http://its-alex-s.tumblr.com/post/24972228706/life-fuckin-made [23:33]
vodka [ Alex S.'s Secret Little Getaway, Life. Fuckin’. Made.    ] - http://its-alex-s.tumblr.com [23:33]
Category: Logs
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.
Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.