Techrights logo

IRC: #techbytes @ FreeNode: September 28th, 2014-October 4th, 2014

Join us now at the IRC channel.

*schestowitz_log_ has quit (Remote host closed the connection)Sep 28 09:35
*schestowitz has quit (Read error: Connection reset by peer)Sep 28 09:35
*schestowitz (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 28 09:35
*schestowitz has quit (Changing host)Sep 28 09:35
*schestowitz (~schestowi@unaffiliated/schestowitz) has joined #techbytesSep 28 09:35
*schestowitz_log_ (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 28 09:35
*schestowitz_log_ has quit (Changing host)Sep 28 09:35
*schestowitz_log_ (~schestowi@unaffiliated/schestowitz) has joined #techbytesSep 28 09:35
*pidgin_log1 has quit (Quit: Leaving.)Sep 29 09:26
*schestowitz__ has quit (Quit: Konversation term)Sep 29 09:35
*schestowitz__ (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 29 14:00
*schestowitz__ has quit (Changing host)Sep 29 14:00
*schestowitz__ (~schestowi@unaffiliated/schestowitz) has joined #techbytesSep 29 14:00
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 29 14:00
schestowitz__https://joindiaspora.com/posts/4823532Sep 30 01:22
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: When the most secretive government (that seeks to jail journalists) talks about "open source" it's openwashing (PR) http://technical.ly/dc/2014/09/29/us-craft-open-source-policy-next-year/Sep 30 01:22
schestowitz__"The words are nice and there has been a little progress in those limited ways. It's just not fast enough or real enough."Sep 30 01:22
-TechBytesBot/#techbytes--> technical.ly | US to craft open source policy by next year - Technical.ly DC [ http://ur1.ca/i9k5x ]Sep 30 01:22
schestowitz__https://joindiaspora.com/posts/4822562Sep 30 01:22
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Tesla Breaks The World! Released For Linux http://www.gamingonlinux.com/articles/tesla-breaks-the-world-released-for-linux.4378/ #games #gnu #linuxSep 30 01:22
-TechBytesBot/#techbytes--> www.gamingonlinux.com | Tesla Breaks The World! Released For Linux | GamingOnLinux [ http://ur1.ca/i9k69 ]Sep 30 01:22
schestowitz__"Cool stuff!"Sep 30 01:22
schestowitz__https://joindiaspora.com/posts/4823462Sep 30 01:23
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Data Shows That #Chromebook , Mac Sales Are Eating Into Windows' Share http://ostatic.com/blog/data-shows-that-chromebook-mac-sales-are-eating-into-windows-share #gnu #linuxSep 30 01:23
-TechBytesBot/#techbytes--> ostatic.com | Data Shows That Chromebook, Mac Sales Are Eating Into Windows' Share [ http://ur1.ca/i9hvv ]Sep 30 01:23
schestowitz__http://173.20.223.0/photo_album/chron/2014/2014_01_17-bcbe_laptop_policies/Sep 30 01:23
-TechBytesBot/#techbytes-173.20.223.0 | BCBE Laptops [ http://ur1.ca/i9k6l ]Sep 30 01:23
schestowitz__"There are limits to what can be done, but gnu/linux can do it better and cheaper. My daughter is in one of the mac programs which are oppression sold through promises of equality and freedom. Apple is also a big headache for me, with really nasty formats etc. Chromebook programs are probably a little better because Google is not as awful as Apple is. US law requires non free software on the computers, so students can't trust them."Sep 30 01:23
schestowitz__"odd, I goofed the link to Penn Manor High School's GNU/Linux laptop program."Sep 30 01:23
schestowitz__and again! http://opensource.com/education/14/9/open-source-high-schoolSep 30 01:23
-TechBytesBot/#techbytes-opensource.com | Linux laptop learning initiative at Penn Manor High School | Opensource.com [ http://ur1.ca/i5t0w ]Sep 30 01:23
schestowitz__https://twitter.com/schestowitz/status/516743995784175616Sep 30 01:25
-TechBytesBot/#techbytes-@schestowitz: "Mainstream" today means imperialism. "Freedom" means Western values. "Voting" means selecting between tyrants.Sep 30 01:25
schestowitz__https://twitter.com/schestowitz/status/516743995784175616  https://twitter.com/schestowitz/status/516745966154956800Sep 30 01:27
-TechBytesBot/#techbytes-@schestowitz: "I don't like president X." "Then again, presidential candidate Y was even worse." Corporations love (and fund) both X and Y. So who voted?Sep 30 01:27
*libertybox_ has quit (Remote host closed the connection)Sep 30 02:37
*libertyboxes (~liberty@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 30 02:38
*TechBytesBot has quit (Ping timeout: 245 seconds)Sep 30 03:13
*TechBytesBot (~b0t@mail.copilotco.com) has joined #techbytesSep 30 08:48
TechBytesBotHello World! I'm TechBytesBot running phIRCe v0.75Sep 30 08:48
**** BEGIN LOGGING AT Wed Oct 1 02:00:00 2014
*Now talking on #techbytesOct 01 02:00
*Topic for #techbytes is: Welcome to the official channel of the TechBytes AudiocastOct 01 02:00
*Topic for #techbytes set by ThistleWeb!~gordon@unaffiliated/thistleweb at Wed Jan 5 20:55:35 2011Oct 01 02:00
*libertyboxes (~liberty@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 01 02:00
*pidgin_log has quit (Ping timeout: 272 seconds)Oct 01 13:11
*schestowitz_log has quit (Ping timeout: 260 seconds)Oct 01 13:12
*schestowitz__ has quit (Ping timeout: 272 seconds)Oct 01 13:13
*schestowitz_log (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 01 13:13
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 01 13:13
*schestowitz__ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 01 13:13
*pidgin_log has quit (Quit: Leaving.)Oct 01 13:22
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 01 13:24
*MinceR_ (~mincer@unaffiliated/mincer) has joined #techbytesOct 01 17:16
*MinceR has quit (Read error: Connection reset by peer)Oct 01 17:19
*MinceR_ is now known as MinceROct 01 17:20
*schestowitz_log has quit (Ping timeout: 272 seconds)Oct 02 03:08
*schestowitz_log (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 02 03:09
schestowitz__https://joindiaspora.com/posts/4834737Oct 02 06:01
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: #privacy aids pedophilia in the same way that kitchen knives aid domestic violence and privacy helped US become independent from the BritishOct 02 06:01
schestowitz__"And the telephone helps blackmail."Oct 02 06:01
schestowitz__https://joindiaspora.com/posts/4837470Oct 02 06:02
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Stories about #drones are heartbreaking. The poor "pilots"... think of the pilots! http://www.startribune.com/lifestyle/health/277403011.htmlOct 02 06:02
-TechBytesBot/#techbytes--> www.startribune.com | Drone operators return to combat amid growing research they can suffer emotional strain, PTSD | Star Tribune [ http://ur1.ca/ia96h ]Oct 02 06:02
schestowitz__"The hypocrisy, the doublethink, the special pleading. You're right of course. And yet... it is damaging to the integrity of a human being to do this kind of thing; not just drone "piloting" but anything involving killing people. It's a simple message: yes, killing people is bad for you. It's wrong to ignore or downplay their victims, but it's not wrong to focus on the dehumanizing of the perpetrators as well as ending the crimes theyOct 02 06:02
schestowitz__commit, as a lower priority certainly but still an important consideration. It may also provide a way to be heard where power and wealth usually turn a deaf ear to arguments from morality and law, and where the complacent, complicit majority are usually happy simply to fall in line with whatever warmongering power and wealth want."Oct 02 06:02
schestowitz__"It's good to have stories where the perpetrators say, "I did a bad thing and regret it.""Oct 02 06:02
schestowitz__"Really? They did? When? Which "Western Media"? They all seemed to echo the Zionist line pretty faithfully, especially in the USA. There were petitions about the BBC's flagrant bias and selectivity, which were well-supported by objective research showing the frequency of the broadcaster's one-sided misinformation concerning Israel. "Lynched"? My arse. Western Media coverage always loyally mirrors the core belief of Zionism thatOct 02 06:05
schestowitz__gentile Arab life is worth less than Jewish Israeli life -- much, much less. Those few reporters who come close to telling the story straight get fired, as happened twice in the USA during the IDF assault on Gaza (reversed in one case because of the subsequent outcry). I'd like to ask the author for a few citations. Note that there is not one supporting article linked or cited until halfway down, and even that -- from the ciapost,Oct 02 06:05
schestowitz__always loyal to Israel -- dutifully peddles the lie that Hamas was to blame for the "most moral army in the world" with its "pinpoint accuracy" and "unique restraint" killing 16 children in a school being used as a UN shelter which (the article does not mention) the UN had directly identified to the IDF multiple times, including no more than one hour earlier. Somehow we are to agree that this gutless, temporizing, servile coverageOct 02 06:06
schestowitz__constitutes "slander" of the wonderful, spotless, guiltless Israeli war machine, which of course cannot be doing wrong in any sense. He also includes the lie used as cassus belli that supposedly -- somehow, who knows how -- justifies the pogrom on Gaza, that the assault was somehow a just response to the (certainly true) murder of three Israeli teens in the occupied West Bank (not Gaza). Never mind that Israel claims to be a WesternOct 02 06:06
schestowitz__democracy with the rule of law, where it would presumably be a matter for law enforcement and the courts to deal with such murders using due process; never mind the immediately preceding murders of Palestinian teens by settlers and IDF soldiers, or the constant, unceasing drip-drip of IDF- and settler-spilled Palestinian children's blood over the last twelve years, given zero coverage in the purportedly Israel-bashing Western Media;Oct 02 06:06
schestowitz__those don't count, of course; never mind the now-revealed certain knowledge that Netanyahu had as to the boys' fate days before the bogus "search" and concomitant whipping-up of Israeli fury were going on. This is vile stuff, Roy."Oct 02 06:06
schestowitz__https://joindiaspora.com/posts/4837407Oct 02 06:06
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Western Media blasted Israel over casualties; mostly quiet now http://www.digitaljournal.com/news/politics/op-ed-western-media-blasted-israel-over-casualties-mostly-quiet-now/article/406260 #nato does the same thingOct 02 06:06
-TechBytesBot/#techbytes--> www.digitaljournal.com | Op-Ed: Western Media blasted Israel over casualties; mostly quiet now [ http://ur1.ca/ia97c ]Oct 02 06:06
schestowitz__>     By the way, I am officially putting some parts of London's official WebOct 02 06:09
schestowitz__>     site (london.gov.uk) on OpenStreetView instead of Google Maps, havingOct 02 06:10
schestowitz__>     helped now for a year to put them on Drupal (GPL).Oct 02 06:10
schestowitz__>Oct 02 06:10
schestowitz__> That is good.Oct 02 06:10
schestowitz__>Oct 02 06:10
schestowitz__> Is OpenStreetView different from OpenStreetMap?Oct 02 06:10
schestowitz__>Oct 02 06:10
schestowitz__> I wish the OpenStreetMap web site worked without running nonfreeOct 02 06:10
schestowitz__> Javascript.  At present, I can't actually use it, those web sites areOct 02 06:10
schestowitz__> therefore sending nonfree JS code to the users!  I asked OpenStreetMapOct 02 06:10
schestowitz__> to fix this and they refused.Oct 02 06:10
schestowitz__If they can implement a fallback for interactive maps, they probably should. JS-less interaction is not hard to make. I guess their priorities are different at the moment.Oct 02 06:10
schestowitz__^RMSOct 02 06:10
MinceRcould run a dedicated OSM viewer insteadOct 02 07:08
MinceRlike OsmAnd :>Oct 02 07:08
schestowitz__http://mediamatters.org/blog/2014/10/01/nro-forgets-its-defense-of-scalia-speeches-as-i/200979Oct 02 09:59
-TechBytesBot/#techbytes-mediamatters.org | NRO Forgets Its Defense Of Scalia Speeches As It Continues To Attack Ginsburg | Blog | Media Matters for America [ http://ur1.ca/iab4i ]Oct 02 09:59
schestowitz__https://twitter.com/zoobab/status/517603106176401408Oct 02 11:11
-TechBytesBot/#techbytes-@zoobab: @schestowitz I am not sure Stallman would not agree more with me. DRM and MP4 are in Firefox.Oct 02 11:11
schestowitz__FSF makes a derivative that RMS recommends when asked about Firefox (as he did recently); by no means does he boycott FirefoxOct 02 11:11
schestowitz__and the same for Google; months ago he said that Google contributes to Free software with funding (GSOC) but has non-free JSOct 02 11:12
*MinceR_ (~mincer@unaffiliated/mincer) has joined #techbytesOct 03 03:37
*MinceR has quit (Ping timeout: 260 seconds)Oct 03 03:39
*pidgin_log has quit (Quit: Leaving.)Oct 03 04:56
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 03 04:57
schestowitz__> I looked at PFSense ages ago but then decided plain OpenBSD was easierOct 03 06:19
schestowitz__> and defintely more flexible.  Nowadays, PF is far more advanced onOct 03 06:19
schestowitz__> OpenBSD.  FreeBSD (pfsense) and NetBSD have fallen behind.  The featureOct 03 06:19
schestowitz__> relevant here in either version of PF would be tables, because tableOct 03 06:19
schestowitz__> entries can be expired based on how long they've been inactive.  varnishOct 03 06:19
schestowitz__> can, of course, also run on OpenBSD.Oct 03 06:19
schestowitz__>Oct 03 06:19
schestowitz__> Attached is a sketch in perl of an idea for iptables.  It usesOct 03 06:19
schestowitz__> varnishncsa to get a formatted log entry.  It then echos iptables rulesOct 03 06:19
schestowitz__> to stdout.  Lines 9 and 10 would need to be modified to make it actuallyOct 03 06:19
schestowitz__> run iptables.Oct 03 06:19
schestowitz__>Oct 03 06:19
schestowitz__> The rules it would add can be removed from the input chain with grep:Oct 03 06:19
schestowitz__>Oct 03 06:19
schestowitz__> iptables-save | grep -v DDOS | iptables-restoreOct 03 06:19
schestowitz__>Oct 03 06:19
schestowitz__> but that is without regard to age.  Only port 80 is blocked to preventOct 03 06:19
schestowitz__> locking ssh accidentally and because general, non-http attacks can onlyOct 03 06:19
schestowitz__> be dealt with at the router if I understand correctly.Oct 03 06:19
schestowitz__>Oct 03 06:19
schestowitz__> The -A appends also count on the fact that at the start of the chainOct 03 06:20
schestowitz__> there is a rule to let in established connections, to prevent excessiveOct 03 06:20
schestowitz__> processing.Oct 03 06:20
schestowitz__>Oct 03 06:20
schestowitz__> iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED \Oct 03 06:20
schestowitz__> -j ACCEPTOct 03 06:20
schestowitz__>Oct 03 06:20
schestowitz__> Unfortunately for new TCP connections to port 80, legitimate hosts willOct 03 06:20
schestowitz__> have to go through the whole chain the first time.Oct 03 06:20
schestowitz__Overnight the attacks started hammering on the forums too.Oct 03 06:20
schestowitz__BUT... recently most attacks hit the front page, and they use junk referrer... and it's always Windows NT of various versions.Oct 03 06:20
schestowitz__Is there a simple way to make apache .htaccess block something like the following (without blocking legit users)?Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:45 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=8&quicktabs_socialmedia=0&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 YaBrowser/14.7.1916.15705 Safari/537.36"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=8&quicktabs_socialmedia=0&quicktabs_bottomtabs=1 )Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:44 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/158-jim-zemlin/543081-zuckerberg-is-spot-on-with-hacker-way-but-the-linux-community-already-knew-th?page=4&order=type&sort=asc&quicktabs_authors=0&quicktabs_bottomtabs=2&quicktabs_socialmedia=1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/158-jim-zemlin/543081-zuckerberg-is-spot-on-with-hacker-way-but-the-linux-community-already-knew-th?page=4&order=type&sort=asc&quicktabs_authors=0&quicktabs_bottomtabs=2&quicktabs_socialmedia=1 )Oct 03 06:20
schestowitz__0.1985.143 Safari/537.36"Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:42 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/167-amanda-mcpherson/news/special-feature/linux-developers?page=7&order=title&sort=asc&quicktabs_socialmedia=1&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/167-amanda-mcpherson/news/special-feature/linux-developers?page=7&order=title&sort=asc&quicktabs_socialmedia=1&quicktabs_bottomtabs=1 )Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:46 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=7&order=type&sort=asc&quicktabs_bottomtabs=1&quicktabs_socialmedia=0" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=7&order=type&sort=asc&quicktabs_bottomtabs=1&quicktabs_socialmedia=0 )Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:45 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/www.netways.org/projects/learn/tutorials/kde-style-qtcurve?page=8&order=title&sort=asc&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/www.netways.org/projects/learn/tutorials/kde-style-qtcurve?page=8&order=title&sort=asc&quicktabs_bottomtabs=1 )Oct 03 06:20
schestowitz__127.0.0.1 - - [02/Oct/2014:21:33:01 -0700] "GET /modules/forum/forum.css?a HTTP/1.0" 403 310 "-" "-"Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:44 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/167-amanda-mcpherson/gstreamer0.10-plugins-ugly,gstreamer0.10-plugins-ffmpeg?page=5&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36 OPR/23.0.1522.77"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/167-amanda-mcpherson/gstreamer0.10-plugins-ugly,gstreamer0.10-plugins-ffmpeg?page=5&quicktabs_bottomtabs=1 )Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:33:04 -0700] "GET /forum/11 HTTP/1.1" 403 292 "-" "magpie-crawler/1.1 (U; Linux amd64; en-GB; +http://www.brandwatch.net)"Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:48 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&order=name&sort=desc&quicktabs_authors=1&quicktabs_socialmedia=1&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0"Oct 03 06:20
-TechBytesBot/#techbytes-www.brandwatch.com | Social Media Monitoring and Analytics Tools - BrandwatchOct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&order=name&sort=desc&quicktabs_authors=1&quicktabs_socialmedia=1&quicktabs_bottomtabs=1 )Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:53 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/community/contests-and-polls/contests/tshirt-design-contest-2012?page=6&quicktabs_bottomtabs=1&quicktabs_socialmedia=1" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36 OPR/23.0.1522.77"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/community/contests-and-polls/contests/tshirt-design-contest-2012?page=6&quicktabs_bottomtabs=1&quicktabs_socialmedia=1 )Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:51 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=7&order=comment_count&sort=desc&quicktabs_bottomtabs=1&quicktabs_authors=2" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36 OPR/23.0.1522.77"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=7&order=comment_count&sort=desc&quicktabs_bottomtabs=1&quicktabs_authors=2 )Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:51 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&quicktabs_authors=1&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 YaBrowser/14.7.1916.15705 Safari/537.36"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&quicktabs_authors=1&quicktabs_bottomtabs=1 )Oct 03 06:20
schestowitz__10.0.2.11 - - [02/Oct/2014:21:30:05 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&quicktabs_socialmedia=0&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.102 Safari/537.36"Oct 03 06:20
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&quicktabs_socialmedia=0&quicktabs_bottomtabs=1 )Oct 03 06:20
*schestowitz__ has quit (Quit: Konversation term)Oct 03 06:48
*schestowitz__ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 03 06:49
*MinceR_ is now known as MinceROct 03 07:09
schestowitz__>> Overnight the attacks started hammering on the forums too.Oct 03 08:31
schestowitz__> :(Oct 03 08:31
schestowitz__>Oct 03 08:31
schestowitz__>> > BUT... recently most attacks hit the front page, and they use junkOct 03 08:31
schestowitz__>> > referrer... and it's always Windows NT of various versions.Oct 03 08:31
schestowitz__>> >Oct 03 08:31
schestowitz__>> > Is there a simple way to make apache .htaccess block something like theOct 03 08:31
schestowitz__>> > following (without blocking legit users)?Oct 03 08:31
schestowitz__>> >Oct 03 08:31
schestowitz__>> >Oct 03 08:31
schestowitz__>> > 10.0.2.11 - - [02/Oct/2014:21:29:45 -0700] "GET / HTTP/1.0" 200 128473Oct 03 08:31
schestowitz__>> > "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=8&quicktabs_socialmedia=0&quicktabs_bottomtabs=1"Oct 03 08:31
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=8&quicktabs_socialmedia=0&quicktabs_bottomtabs=1 )Oct 03 08:31
schestowitz__>> > "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, likeOct 03 08:31
schestowitz__>> > Gecko) Chrome/35.0.1916.153 YaBrowser/14.7.1916.15705 Safari/537.36"Oct 03 08:31
schestowitz__> You could use SetEnvIf [1]Oct 03 08:31
schestowitz__>Oct 03 08:31
schestowitz__>         SetEnvIf RefererOct 03 08:31
schestowitz__> "^http://www.tuxmachines.org/.*ubuntuforums.org" bogusOct 03 08:31
-TechBytesBot/#techbytes- ( status 404 @ http://www.tuxmachines.org/.*ubuntuforums.org )Oct 03 08:31
schestowitz__>         <Location />Oct 03 08:31
schestowitz__>                 Order Allow,DenyOct 03 08:31
schestowitz__>                 Allow from allOct 03 08:31
schestowitz__>                 Deny from env=bogusOct 03 08:31
schestowitz__>         </Location>Oct 03 08:31
schestowitz__>Oct 03 08:31
schestowitz__>Oct 03 08:31
schestowitz__> Repeat the setenvif directive as many times as needed.  I'm not sure howOct 03 08:31
schestowitz__> much this slows things down but it will be less than running PHP, IOct 03 08:31
schestowitz__> think.  It works for <Directory> and <Location>Oct 03 08:31
schestowitz__>Oct 03 08:31
schestowitz__> I'm not sure if that works in .htaccess, but it does work in the regularOct 03 08:31
schestowitz__> vhost's configuration file.Oct 03 08:31
schestowitz__>Oct 03 08:31
schestowitz__> Regards,Oct 03 08:31
schestowitz__>Oct 03 08:31
schestowitz__> [1]https://httpd.apache.org/docs/2.4/mod/mod_setenvif.html#setenvifOct 03 08:31
schestowitz__>         SetEnvIf RefererOct 03 08:31
-TechBytesBot/#techbytes-httpd.apache.org | mod_setenvif - Apache HTTP Server Version 2.4 [ http://ur1.ca/iagb5 ]Oct 03 08:31
schestowitz__> "^http://www.tuxmachines.org/.*ubuntuforums.org" bogusOct 03 08:31
schestowitz__>         <Location />Oct 03 08:31
schestowitz__>                 Order Allow,DenyOct 03 08:31
schestowitz__>                 Allow from allOct 03 08:32
schestowitz__>                 Deny from env=bogusOct 03 08:32
schestowitz__>         </Location>Oct 03 08:32
schestowitz__This causes "Internal Server Error". Was the syntac incorrect or does not require an apache extension?Oct 03 08:32
schestowitz__We enjoyed it very much too.Oct 03 10:06
schestowitz__After the meal I asked Rianne, "how do you feel?"Oct 03 10:06
schestowitz__"Ten," she replied. :-)Oct 03 10:06
schestowitz__We've put the flowers in water.Oct 03 10:06
schestowitz__> Good morning Rhianne and Roy,Oct 03 10:06
schestowitz__>Oct 03 10:06
schestowitz__> Many thanks for a very enjoyable evening. Much appreciated.Oct 03 10:06
schestowitz__>Oct 03 10:06
schestowitz__> Have a good week-end,Oct 03 10:06
schestowitz__>Oct 03 10:06
schestowitz__> Chris BOct 03 10:06
*trinite (~trinite@41.66.28.73) has joined #techbytesOct 03 12:10
*trinite has quit (Ping timeout: 260 seconds)Oct 03 12:52
*trinite (~trinite@41.66.28.72) has joined #techbytesOct 03 13:05
*trinite has quit (Ping timeout: 260 seconds)Oct 03 13:15
*trinite (~trinite@41.66.28.80) has joined #techbytesOct 03 13:28
*trinite has quit (Client Quit)Oct 03 13:30
*libertyboxes has quit (Quit: Konversation terminated!)Oct 03 14:17
**** BEGIN LOGGING AT Sat Oct 11 09:36:24 2014
BACKUP
*schestowitz_log_ has quit (Remote host closed the connection)Sep 28 08:38
*schestowitz has quit (Read error: Connection reset by peer)Sep 28 08:38
*schestowitz (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 28 08:38
*schestowitz has quit (Changing host)Sep 28 08:38
*schestowitz (~schestowi@unaffiliated/schestowitz) has joined #techbytesSep 28 08:38
*schestowitz_log_ (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 28 08:38
*schestowitz_log_ has quit (Changing host)Sep 28 08:38
*schestowitz_log_ (~schestowi@unaffiliated/schestowitz) has joined #techbytesSep 28 08:38
*pidgin_log1 has quit (Quit: Leaving.)Sep 29 08:29
*schestowitz__ has quit (Quit: Konversation term)Sep 29 08:38
*schestowitz__ (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 29 13:03
*schestowitz__ has quit (Changing host)Sep 29 13:03
*schestowitz__ (~schestowi@unaffiliated/schestowitz) has joined #techbytesSep 29 13:03
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 29 13:03
schestowitz__https://joindiaspora.com/posts/4823532Sep 30 00:25
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: When the most secretive government (that seeks to jail journalists) talks about "open source" it's openwashing (PR) http://technical.ly/dc/2014/09/29/us-craft-open-source-policy-next-year/Sep 30 00:25
schestowitz__"The words are nice and there has been a little progress in those limited ways. It's just not fast enough or real enough."Sep 30 00:25
-TechBytesBot/#techbytes--> technical.ly | US to craft open source policy by next year - Technical.ly DC [ http://ur1.ca/i9k5x ]Sep 30 00:25
schestowitz__https://joindiaspora.com/posts/4822562Sep 30 00:25
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Tesla Breaks The World! Released For Linux http://www.gamingonlinux.com/articles/tesla-breaks-the-world-released-for-linux.4378/ #games #gnu #linuxSep 30 00:25
-TechBytesBot/#techbytes--> www.gamingonlinux.com | Tesla Breaks The World! Released For Linux | GamingOnLinux [ http://ur1.ca/i9k69 ]Sep 30 00:25
schestowitz__"Cool stuff!"Sep 30 00:25
schestowitz__https://joindiaspora.com/posts/4823462Sep 30 00:26
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Data Shows That #Chromebook , Mac Sales Are Eating Into Windows' Share http://ostatic.com/blog/data-shows-that-chromebook-mac-sales-are-eating-into-windows-share #gnu #linuxSep 30 00:26
-TechBytesBot/#techbytes--> ostatic.com | Data Shows That Chromebook, Mac Sales Are Eating Into Windows' Share [ http://ur1.ca/i9hvv ]Sep 30 00:26
schestowitz__http://173.20.223.0/photo_album/chron/2014/2014_01_17-bcbe_laptop_policies/Sep 30 00:26
-TechBytesBot/#techbytes-173.20.223.0 | BCBE Laptops [ http://ur1.ca/i9k6l ]Sep 30 00:26
schestowitz__"There are limits to what can be done, but gnu/linux can do it better and cheaper. My daughter is in one of the mac programs which are oppression sold through promises of equality and freedom. Apple is also a big headache for me, with really nasty formats etc. Chromebook programs are probably a little better because Google is not as awful as Apple is. US law requires non free software on the computers, so students can't trust them."Sep 30 00:26
schestowitz__"odd, I goofed the link to Penn Manor High School's GNU/Linux laptop program."Sep 30 00:26
schestowitz__and again! http://opensource.com/education/14/9/open-source-high-schoolSep 30 00:26
-TechBytesBot/#techbytes-opensource.com | Linux laptop learning initiative at Penn Manor High School | Opensource.com [ http://ur1.ca/i5t0w ]Sep 30 00:27
schestowitz__https://twitter.com/schestowitz/status/516743995784175616Sep 30 00:28
-TechBytesBot/#techbytes-@schestowitz: "Mainstream" today means imperialism. "Freedom" means Western values. "Voting" means selecting between tyrants.Sep 30 00:28
schestowitz__https://twitter.com/schestowitz/status/516743995784175616  https://twitter.com/schestowitz/status/516745966154956800Sep 30 00:30
-TechBytesBot/#techbytes-@schestowitz: "I don't like president X." "Then again, presidential candidate Y was even worse." Corporations love (and fund) both X and Y. So who voted?Sep 30 00:30
*libertybox_ has quit (Remote host closed the connection)Sep 30 01:40
*libertyboxes (~liberty@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesSep 30 01:41
*TechBytesBot has quit (Ping timeout: 245 seconds)Sep 30 02:16
*TechBytesBot (~b0t@mail.copilotco.com) has joined #techbytesSep 30 07:51
TechBytesBotHello World! I'm TechBytesBot running phIRCe v0.75Sep 30 07:51
*liberty_back has quit (Ping timeout: 258 seconds)Oct 01 00:44
*libertyboxes has quit (Ping timeout: 240 seconds)Oct 01 00:45
*liberty_back (~Liberium@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 01 01:03
*libertyboxes (~liberty@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 01 01:03
*Disconnected ().Oct 01 12:13
**** ENDING LOGGING AT Wed Oct 1 12:13:04 2014
**** BEGIN LOGGING AT Wed Oct 1 12:17:28 2014
*Now talking on #techbytesOct 01 12:17
*Topic for #techbytes is: Welcome to the official channel of the TechBytes AudiocastOct 01 12:17
*Topic for #techbytes set by ThistleWeb!~gordon@unaffiliated/thistleweb at Wed Jan 5 20:55:35 2011Oct 01 12:17
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 01 12:17
*schestowitz__ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 01 12:17
*pidgin_log has quit (Quit: Leaving.)Oct 01 12:25
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 01 12:27
*MinceR_ (~mincer@unaffiliated/mincer) has joined #techbytesOct 01 16:20
*MinceR has quit (Read error: Connection reset by peer)Oct 01 16:22
*MinceR_ is now known as MinceROct 01 16:23
*Disconnected (Connection reset by peer).Oct 02 02:11
**** ENDING LOGGING AT Thu Oct 2 02:11:55 2014
**** BEGIN LOGGING AT Thu Oct 2 02:12:19 2014
*Now talking on #techbytesOct 02 02:12
*Topic for #techbytes is: Welcome to the official channel of the TechBytes AudiocastOct 02 02:12
*Topic for #techbytes set by ThistleWeb!~gordon@unaffiliated/thistleweb at Wed Jan 5 20:55:35 2011Oct 02 02:12
schestowitz__https://joindiaspora.com/posts/4834737Oct 02 05:04
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: #privacy aids pedophilia in the same way that kitchen knives aid domestic violence and privacy helped US become independent from the BritishOct 02 05:04
schestowitz__"And the telephone helps blackmail."Oct 02 05:04
schestowitz__https://joindiaspora.com/posts/4837470Oct 02 05:06
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Stories about #drones are heartbreaking. The poor "pilots"... think of the pilots! http://www.startribune.com/lifestyle/health/277403011.htmlOct 02 05:06
schestowitz__"The hypocrisy, the doublethink, the special pleading. You're right of course. And yet... it is damaging to the integrity of a human being to do this kind of thing; not just drone "piloting" but anything involving killing people. It's a simple message: yes, killing people is bad for you. It's wrong to ignore or downplay their victims, but it's not wrong to focus on the dehumanizing of the perpetrators as well as ending the crimes theyOct 02 05:06
-TechBytesBot/#techbytes--> www.startribune.com | Drone operators return to combat amid growing research they can suffer emotional strain, PTSD | Star Tribune [ http://ur1.ca/ia96h ]Oct 02 05:06
schestowitz__commit, as a lower priority certainly but still an important consideration. It may also provide a way to be heard where power and wealth usually turn a deaf ear to arguments from morality and law, and where the complacent, complicit majority are usually happy simply to fall in line with whatever warmongering power and wealth want."Oct 02 05:06
schestowitz__"It's good to have stories where the perpetrators say, "I did a bad thing and regret it.""Oct 02 05:06
schestowitz__"Really? They did? When? Which "Western Media"? They all seemed to echo the Zionist line pretty faithfully, especially in the USA. There were petitions about the BBC's flagrant bias and selectivity, which were well-supported by objective research showing the frequency of the broadcaster's one-sided misinformation concerning Israel. "Lynched"? My arse. Western Media coverage always loyally mirrors the core belief of Zionism thatOct 02 05:09
schestowitz__gentile Arab life is worth less than Jewish Israeli life -- much, much less. Those few reporters who come close to telling the story straight get fired, as happened twice in the USA during the IDF assault on Gaza (reversed in one case because of the subsequent outcry). I'd like to ask the author for a few citations. Note that there is not one supporting article linked or cited until halfway down, and even that -- from the ciapost,Oct 02 05:09
schestowitz__always loyal to Israel -- dutifully peddles the lie that Hamas was to blame for the "most moral army in the world" with its "pinpoint accuracy" and "unique restraint" killing 16 children in a school being used as a UN shelter which (the article does not mention) the UN had directly identified to the IDF multiple times, including no more than one hour earlier. Somehow we are to agree that this gutless, temporizing, servile coverageOct 02 05:09
schestowitz__constitutes "slander" of the wonderful, spotless, guiltless Israeli war machine, which of course cannot be doing wrong in any sense. He also includes the lie used as cassus belli that supposedly -- somehow, who knows how -- justifies the pogrom on Gaza, that the assault was somehow a just response to the (certainly true) murder of three Israeli teens in the occupied West Bank (not Gaza). Never mind that Israel claims to be a WesternOct 02 05:09
schestowitz__democracy with the rule of law, where it would presumably be a matter for law enforcement and the courts to deal with such murders using due process; never mind the immediately preceding murders of Palestinian teens by settlers and IDF soldiers, or the constant, unceasing drip-drip of IDF- and settler-spilled Palestinian children's blood over the last twelve years, given zero coverage in the purportedly Israel-bashing Western Media;Oct 02 05:09
schestowitz__those don't count, of course; never mind the now-revealed certain knowledge that Netanyahu had as to the boys' fate days before the bogus "search" and concomitant whipping-up of Israeli fury were going on. This is vile stuff, Roy."Oct 02 05:09
schestowitz__https://joindiaspora.com/posts/4837407Oct 02 05:09
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Western Media blasted Israel over casualties; mostly quiet now http://www.digitaljournal.com/news/politics/op-ed-western-media-blasted-israel-over-casualties-mostly-quiet-now/article/406260 #nato does the same thingOct 02 05:09
-TechBytesBot/#techbytes--> www.digitaljournal.com | Op-Ed: Western Media blasted Israel over casualties; mostly quiet now [ http://ur1.ca/ia97c ]Oct 02 05:09
schestowitz__>     By the way, I am officially putting some parts of London's official WebOct 02 05:13
schestowitz__>     site (london.gov.uk) on OpenStreetView instead of Google Maps, havingOct 02 05:13
schestowitz__>     helped now for a year to put them on Drupal (GPL).Oct 02 05:13
schestowitz__>Oct 02 05:13
schestowitz__> That is good.Oct 02 05:13
schestowitz__>Oct 02 05:13
schestowitz__> Is OpenStreetView different from OpenStreetMap?Oct 02 05:13
schestowitz__>Oct 02 05:13
schestowitz__> I wish the OpenStreetMap web site worked without running nonfreeOct 02 05:13
schestowitz__> Javascript.  At present, I can't actually use it, those web sites areOct 02 05:13
schestowitz__> therefore sending nonfree JS code to the users!  I asked OpenStreetMapOct 02 05:13
schestowitz__> to fix this and they refused.Oct 02 05:13
schestowitz__If they can implement a fallback for interactive maps, they probably should. JS-less interaction is not hard to make. I guess their priorities are different at the moment.Oct 02 05:13
schestowitz__^RMSOct 02 05:13
MinceRcould run a dedicated OSM viewer insteadOct 02 06:12
MinceRlike OsmAnd :>Oct 02 06:12
schestowitz__http://mediamatters.org/blog/2014/10/01/nro-forgets-its-defense-of-scalia-speeches-as-i/200979Oct 02 09:03
-TechBytesBot/#techbytes-mediamatters.org | NRO Forgets Its Defense Of Scalia Speeches As It Continues To Attack Ginsburg | Blog | Media Matters for America [ http://ur1.ca/iab4i ]Oct 02 09:03
schestowitz__https://twitter.com/zoobab/status/517603106176401408Oct 02 10:14
-TechBytesBot/#techbytes-@zoobab: @schestowitz I am not sure Stallman would not agree more with me. DRM and MP4 are in Firefox.Oct 02 10:14
schestowitz__FSF makes a derivative that RMS recommends when asked about Firefox (as he did recently); by no means does he boycott FirefoxOct 02 10:15
schestowitz__and the same for Google; months ago he said that Google contributes to Free software with funding (GSOC) but has non-free JSOct 02 10:15
*MinceR_ (~mincer@unaffiliated/mincer) has joined #techbytesOct 03 02:40
*MinceR has quit (Ping timeout: 260 seconds)Oct 03 02:42
*pidgin_log has quit (Quit: Leaving.)Oct 03 04:00
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 03 04:00
schestowitz__> I looked at PFSense ages ago but then decided plain OpenBSD was easierOct 03 05:22
schestowitz__> and defintely more flexible.  Nowadays, PF is far more advanced onOct 03 05:22
schestowitz__> OpenBSD.  FreeBSD (pfsense) and NetBSD have fallen behind.  The featureOct 03 05:22
schestowitz__> relevant here in either version of PF would be tables, because tableOct 03 05:22
schestowitz__> entries can be expired based on how long they've been inactive.  varnishOct 03 05:22
schestowitz__> can, of course, also run on OpenBSD.Oct 03 05:23
schestowitz__>Oct 03 05:23
schestowitz__> Attached is a sketch in perl of an idea for iptables.  It usesOct 03 05:23
schestowitz__> varnishncsa to get a formatted log entry.  It then echos iptables rulesOct 03 05:23
schestowitz__> to stdout.  Lines 9 and 10 would need to be modified to make it actuallyOct 03 05:23
schestowitz__> run iptables.Oct 03 05:23
schestowitz__>Oct 03 05:23
schestowitz__> The rules it would add can be removed from the input chain with grep:Oct 03 05:23
schestowitz__>Oct 03 05:23
schestowitz__> iptables-save | grep -v DDOS | iptables-restoreOct 03 05:23
schestowitz__>Oct 03 05:23
schestowitz__> but that is without regard to age.  Only port 80 is blocked to preventOct 03 05:23
schestowitz__> locking ssh accidentally and because general, non-http attacks can onlyOct 03 05:23
schestowitz__> be dealt with at the router if I understand correctly.Oct 03 05:23
schestowitz__>Oct 03 05:23
schestowitz__> The -A appends also count on the fact that at the start of the chainOct 03 05:23
schestowitz__> there is a rule to let in established connections, to prevent excessiveOct 03 05:23
schestowitz__> processing.Oct 03 05:23
schestowitz__>Oct 03 05:23
schestowitz__> iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED \Oct 03 05:23
schestowitz__> -j ACCEPTOct 03 05:23
schestowitz__>Oct 03 05:23
schestowitz__> Unfortunately for new TCP connections to port 80, legitimate hosts willOct 03 05:23
schestowitz__> have to go through the whole chain the first time.Oct 03 05:23
schestowitz__Overnight the attacks started hammering on the forums too.Oct 03 05:23
schestowitz__BUT... recently most attacks hit the front page, and they use junk referrer... and it's always Windows NT of various versions.Oct 03 05:23
schestowitz__Is there a simple way to make apache .htaccess block something like the following (without blocking legit users)?Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:45 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=8&quicktabs_socialmedia=0&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 YaBrowser/14.7.1916.15705 Safari/537.36"Oct 03 05:23
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=8&quicktabs_socialmedia=0&quicktabs_bottomtabs=1 )Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:44 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/158-jim-zemlin/543081-zuckerberg-is-spot-on-with-hacker-way-but-the-linux-community-already-knew-th?page=4&order=type&sort=asc&quicktabs_authors=0&quicktabs_bottomtabs=2&quicktabs_socialmedia=1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36Oct 03 05:23
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/158-jim-zemlin/543081-zuckerberg-is-spot-on-with-hacker-way-but-the-linux-community-already-knew-th?page=4&order=type&sort=asc&quicktabs_authors=0&quicktabs_bottomtabs=2&quicktabs_socialmedia=1 )Oct 03 05:23
schestowitz__0.1985.143 Safari/537.36"Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:42 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/167-amanda-mcpherson/news/special-feature/linux-developers?page=7&order=title&sort=asc&quicktabs_socialmedia=1&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"Oct 03 05:23
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/167-amanda-mcpherson/news/special-feature/linux-developers?page=7&order=title&sort=asc&quicktabs_socialmedia=1&quicktabs_bottomtabs=1 )Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:46 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=7&order=type&sort=asc&quicktabs_bottomtabs=1&quicktabs_socialmedia=0" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"Oct 03 05:23
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=7&order=type&sort=asc&quicktabs_bottomtabs=1&quicktabs_socialmedia=0 )Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:45 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/www.netways.org/projects/learn/tutorials/kde-style-qtcurve?page=8&order=title&sort=asc&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36"Oct 03 05:23
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/www.netways.org/projects/learn/tutorials/kde-style-qtcurve?page=8&order=title&sort=asc&quicktabs_bottomtabs=1 )Oct 03 05:23
schestowitz__127.0.0.1 - - [02/Oct/2014:21:33:01 -0700] "GET /modules/forum/forum.css?a HTTP/1.0" 403 310 "-" "-"Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:44 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/167-amanda-mcpherson/gstreamer0.10-plugins-ugly,gstreamer0.10-plugins-ffmpeg?page=5&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36 OPR/23.0.1522.77"Oct 03 05:23
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/news/featured-blogs/167-amanda-mcpherson/gstreamer0.10-plugins-ugly,gstreamer0.10-plugins-ffmpeg?page=5&quicktabs_bottomtabs=1 )Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:33:04 -0700] "GET /forum/11 HTTP/1.1" 403 292 "-" "magpie-crawler/1.1 (U; Linux amd64; en-GB; +http://www.brandwatch.net)"Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:48 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&order=name&sort=desc&quicktabs_authors=1&quicktabs_socialmedia=1&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0"Oct 03 05:23
-TechBytesBot/#techbytes-www.brandwatch.com | Social Media Monitoring and Analytics Tools - BrandwatchOct 03 05:23
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&order=name&sort=desc&quicktabs_authors=1&quicktabs_socialmedia=1&quicktabs_bottomtabs=1 )Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:53 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/community/contests-and-polls/contests/tshirt-design-contest-2012?page=6&quicktabs_bottomtabs=1&quicktabs_socialmedia=1" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36 OPR/23.0.1522.77"Oct 03 05:23
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/community/contests-and-polls/contests/tshirt-design-contest-2012?page=6&quicktabs_bottomtabs=1&quicktabs_socialmedia=1 )Oct 03 05:23
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:51 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=7&order=comment_count&sort=desc&quicktabs_bottomtabs=1&quicktabs_authors=2" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.143 Safari/537.36 OPR/23.0.1522.77"Oct 03 05:24
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=7&order=comment_count&sort=desc&quicktabs_bottomtabs=1&quicktabs_authors=2 )Oct 03 05:24
schestowitz__10.0.2.11 - - [02/Oct/2014:21:29:51 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&quicktabs_authors=1&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 YaBrowser/14.7.1916.15705 Safari/537.36"Oct 03 05:24
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&quicktabs_authors=1&quicktabs_bottomtabs=1 )Oct 03 05:24
schestowitz__10.0.2.11 - - [02/Oct/2014:21:30:05 -0700] "GET / HTTP/1.0" 200 128473 "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&quicktabs_socialmedia=0&quicktabs_bottomtabs=1" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.102 Safari/537.36"Oct 03 05:24
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=5&quicktabs_socialmedia=0&quicktabs_bottomtabs=1 )Oct 03 05:24
*schestowitz__ has quit (Quit: Konversation term)Oct 03 05:51
*schestowitz__ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 03 05:52
*MinceR_ is now known as MinceROct 03 06:12
schestowitz__>> Overnight the attacks started hammering on the forums too.Oct 03 07:34
schestowitz__> :(Oct 03 07:34
schestowitz__>Oct 03 07:34
schestowitz__>> > BUT... recently most attacks hit the front page, and they use junkOct 03 07:34
schestowitz__>> > referrer... and it's always Windows NT of various versions.Oct 03 07:34
schestowitz__>> >Oct 03 07:34
schestowitz__>> > Is there a simple way to make apache .htaccess block something like theOct 03 07:34
schestowitz__>> > following (without blocking legit users)?Oct 03 07:34
schestowitz__>> >Oct 03 07:34
schestowitz__>> >Oct 03 07:34
schestowitz__>> > 10.0.2.11 - - [02/Oct/2014:21:29:45 -0700] "GET / HTTP/1.0" 200 128473Oct 03 07:34
schestowitz__>> > "http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=8&quicktabs_socialmedia=0&quicktabs_bottomtabs=1"Oct 03 07:34
-TechBytesBot/#techbytes- ( status 403 @ http://www.tuxmachines.org/aggregator/ubuntu.com/ubuntuforums.org/bugs.launchpad.net/news/special-feature/linux-developers/wine?page=8&quicktabs_socialmedia=0&quicktabs_bottomtabs=1 )Oct 03 07:34
schestowitz__>> > "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, likeOct 03 07:34
schestowitz__>> > Gecko) Chrome/35.0.1916.153 YaBrowser/14.7.1916.15705 Safari/537.36"Oct 03 07:34
schestowitz__> You could use SetEnvIf [1]Oct 03 07:34
schestowitz__>Oct 03 07:34
schestowitz__>         SetEnvIf RefererOct 03 07:34
schestowitz__> "^http://www.tuxmachines.org/.*ubuntuforums.org" bogusOct 03 07:34
-TechBytesBot/#techbytes- ( status 404 @ http://www.tuxmachines.org/.*ubuntuforums.org )Oct 03 07:34
schestowitz__>         <Location />Oct 03 07:34
schestowitz__>                 Order Allow,DenyOct 03 07:34
schestowitz__>                 Allow from allOct 03 07:34
schestowitz__>                 Deny from env=bogusOct 03 07:34
schestowitz__>         </Location>Oct 03 07:35
schestowitz__>Oct 03 07:35
schestowitz__>Oct 03 07:35
schestowitz__> Repeat the setenvif directive as many times as needed.  I'm not sure howOct 03 07:35
schestowitz__> much this slows things down but it will be less than running PHP, IOct 03 07:35
schestowitz__> think.  It works for <Directory> and <Location>Oct 03 07:35
schestowitz__>Oct 03 07:35
schestowitz__> I'm not sure if that works in .htaccess, but it does work in the regularOct 03 07:35
schestowitz__> vhost's configuration file.Oct 03 07:35
schestowitz__>Oct 03 07:35
schestowitz__> Regards,Oct 03 07:35
schestowitz__>Oct 03 07:35
schestowitz__> [1]https://httpd.apache.org/docs/2.4/mod/mod_setenvif.html#setenvifOct 03 07:35
schestowitz__>         SetEnvIf RefererOct 03 07:35
-TechBytesBot/#techbytes-httpd.apache.org | mod_setenvif - Apache HTTP Server Version 2.4 [ http://ur1.ca/iagb5 ]Oct 03 07:35
schestowitz__> "^http://www.tuxmachines.org/.*ubuntuforums.org" bogusOct 03 07:35
schestowitz__>         <Location />Oct 03 07:35
schestowitz__>                 Order Allow,DenyOct 03 07:35
schestowitz__>                 Allow from allOct 03 07:35
schestowitz__>                 Deny from env=bogusOct 03 07:35
schestowitz__>         </Location>Oct 03 07:35
schestowitz__This causes "Internal Server Error". Was the syntac incorrect or does not require an apache extension?Oct 03 07:35
schestowitz__We enjoyed it very much too.Oct 03 09:09
schestowitz__After the meal I asked Rianne, "how do you feel?"Oct 03 09:09
schestowitz__"Ten," she replied. :-)Oct 03 09:09
schestowitz__We've put the flowers in water.Oct 03 09:09
schestowitz__> Good morning Rhianne and Roy,Oct 03 09:09
schestowitz__>Oct 03 09:09
schestowitz__> Many thanks for a very enjoyable evening. Much appreciated.Oct 03 09:09
schestowitz__>Oct 03 09:09
schestowitz__> Have a good week-end,Oct 03 09:09
schestowitz__>Oct 03 09:09
schestowitz__> Chris BOct 03 09:09
*trinite (~trinite@41.66.28.73) has joined #techbytesOct 03 11:13
*trinite has quit (Ping timeout: 260 seconds)Oct 03 11:56
*trinite (~trinite@41.66.28.72) has joined #techbytesOct 03 12:08
*trinite has quit (Ping timeout: 260 seconds)Oct 03 12:19
*trinite (~trinite@41.66.28.80) has joined #techbytesOct 03 12:32
*trinite has quit (Client Quit)Oct 03 12:33
*libertyboxes has quit (Quit: Konversation terminated!)Oct 03 13:21
*liberty_back has quit (Remote host closed the connection)Oct 03 13:21
*roy (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 02:47
*schestowitz has quit (*.net *.split)Oct 04 03:00
*roy has quit (Read error: No route to host)Oct 04 09:52
*schestowitz_log_ has quit (Read error: Connection reset by peer)Oct 04 09:52
*schestowitz_log_ (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 04 09:52
*schestowitz_log_ has quit (Changing host)Oct 04 09:52
*schestowitz_log_ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 09:52
*schestowitz (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 09:52
*Disconnected (Connection timed out).Oct 04 10:49
**** ENDING LOGGING AT Sat Oct 4 10:49:18 2014
**** BEGIN LOGGING AT Sat Oct 4 10:49:42 2014
*Now talking on #techbytesOct 04 10:49
*Topic for #techbytes is: Welcome to the official channel of the TechBytes AudiocastOct 04 10:49
*Topic for #techbytes set by ThistleWeb!~gordon@unaffiliated/thistleweb at Wed Jan 5 20:55:35 2011Oct 04 10:49
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 04 10:50
*Disconnected ().Oct 04 14:43
**** ENDING LOGGING AT Sat Oct 4 14:43:58 2014
**** BEGIN LOGGING AT Sat Oct 4 14:44:14 2014
*Now talking on #techbytesOct 04 14:44
*Topic for #techbytes is: Welcome to the official channel of the TechBytes AudiocastOct 04 14:44
*Topic for #techbytes set by ThistleWeb!~gordon@unaffiliated/thistleweb at Wed Jan 5 20:55:35 2011Oct 04 14:44
*schestowitz_log_ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 14:54
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 04 14:57
*pidgin_log has quit (Ping timeout: 260 seconds)Oct 04 15:19
*schestowitz_log_ has quit (Ping timeout: 272 seconds)Oct 04 15:20
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 04 15:33
*schestowitz_log_ (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 04 15:33
*schestowitz_log_ has quit (Changing host)Oct 04 15:33
*schestowitz_log_ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 15:33
*Disconnected (Connection timed out).Oct 04 16:17
**** ENDING LOGGING AT Sat Oct 4 16:17:34 2014
**** BEGIN LOGGING AT Sat Oct 4 16:18:00 2014
*Now talking on #techbytesOct 04 16:18
*Topic for #techbytes is: Welcome to the official channel of the TechBytes AudiocastOct 04 16:18
*Topic for #techbytes set by ThistleWeb!~gordon@unaffiliated/thistleweb at Wed Jan 5 20:55:35 2011Oct 04 16:18
*schestowitz_log_ (~schestowi@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 04 16:19
*schestowitz_log_ has quit (Changing host)Oct 04 16:19
*schestowitz_log_ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 16:19
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 04 16:20
*Disconnected (Connection timed out).Oct 04 16:39
**** ENDING LOGGING AT Sat Oct 4 16:39:34 2014
**** BEGIN LOGGING AT Sat Oct 4 16:39:58 2014
*Now talking on #techbytesOct 04 16:39
*Topic for #techbytes is: Welcome to the official channel of the TechBytes AudiocastOct 04 16:39
*Topic for #techbytes set by ThistleWeb!~gordon@unaffiliated/thistleweb at Wed Jan 5 20:55:35 2011Oct 04 16:39
*schestowitz__ has quit (Ping timeout: 244 seconds)Oct 04 16:40
*schestowitz__ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 16:40
*pidgin_log (~roy@host109-155-95-145.range109-155.btcentralplus.com) has joined #techbytesOct 04 16:41
*Disconnected ().Oct 04 17:08
**** ENDING LOGGING AT Sat Oct 4 17:08:18 2014
**** BEGIN LOGGING AT Sat Oct 4 17:08:55 2014
*Now talking on #techbytesOct 04 17:08
*Topic for #techbytes is: Welcome to the official channel of the TechBytes AudiocastOct 04 17:08
*Topic for #techbytes set by ThistleWeb!~gordon@unaffiliated/thistleweb at Wed Jan 5 20:55:35 2011Oct 04 17:08
*schestowitz_log_ has quit (Ping timeout: 272 seconds)Oct 04 17:08
*pidgin_log has quit (Ping timeout: 240 seconds)Oct 04 17:09
*pidgin_log (~roy@host109-155-92-45.range109-155.btcentralplus.com) has joined #techbytesOct 04 17:09
*pidgin_log has quit (Client Quit)Oct 04 17:10
*schestowitz_log_ (~schestowi@host109-155-92-45.range109-155.btcentralplus.com) has joined #techbytesOct 04 17:23
*schestowitz_log_ has quit (Changing host)Oct 04 17:23
*schestowitz_log_ (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 17:23
schestowitz_bed2https://joindiaspora.com/posts/4855216Oct 04 18:48
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: #nsa wants #privacy - for itself only http://www.nationallawjournal.com/legaltimes/home/id=1202671897895/NSA-Hearing-in-the-DC-Circuit-Will-Not-Be-Televised?mcode=1202615432600&curindex=0&back=NLJ&slreturn=20140904101646 http://www.courthousenews.com/2014/09/30/71961.htmOct 04 18:48
schestowitz_bed2"If they have nothing to fear have nothing to hide."Oct 04 18:48
-TechBytesBot/#techbytes--> www.nationallawjournal.com | NSA Hearing in the D.C. Circuit Will Not Be Televised | Legal Times [ http://ur1.ca/ian83 ]Oct 04 18:48
-TechBytesBot/#techbytes--> www.courthousenews.com | Courthouse News Service [ http://ur1.ca/ian84 ]Oct 04 18:48
schestowitz_bed2https://joindiaspora.com/posts/4848145Oct 04 18:49
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Number of civilians killed by #us -launched rockets in #syria and #iraq probably about 10x times the number of beheaded journalists (so far)Oct 04 18:49
schestowitz_bed2"The difference is that the folks beheaded were free to not go there in the first place."Oct 04 18:49
schestowitz_bed2https://joindiaspora.com/posts/4855424Oct 04 18:50
-TechBytesBot/#techbytes-@schestowitz@joindiaspora.com: Non-US citizens are without rights http://www.newsmax.com/Newsfront/Internet-NSA-FBI-CIA/2014/09/29/id/597510/Oct 04 18:50
schestowitz_bed2"We have the right to encrypt everything and avoid US services."Oct 04 18:50
-TechBytesBot/#techbytes--> www.newsmax.com | Feds Could Access Foreign Online Data Under New Court Ruling [ http://ur1.ca/ian8m ]Oct 04 18:50
schestowitz_bed2> Yes, it will apply to all the sites being serviced by the varnishOct 04 19:00
schestowitz_bed2> server.  If we are lucky there will be settings that will not be noticedOct 04 19:00
schestowitz_bed2> by legitimate users of all the sites there yet still zap the heavy typeOct 04 19:00
schestowitz_bed2> of attack.Oct 04 19:00
schestowitz_bed2>Oct 04 19:00
schestowitz_bed2> tcpdump seems to be built into CentOS 6, so you could use that to take aOct 04 19:00
schestowitz_bed2> guess at how many tcp packets your server receives when serving a webOct 04 19:00
schestowitz_bed2> page, to come up with an educated guess for initial settings.Oct 04 19:00
schestowitz_bed2The attacks on both sites (I watch tail -f log | grep NT in real time) are still slow. I hope this is the beginning of the end. This morning I told Tracy about the DDOS attacks, in case I need to alter something at Varnish level.Oct 04 19:00
schestowitz_bed2> I've been thinking about rpaf + mod_evasive some more.  I think youOct 04 19:02
schestowitz_bed2> could try it on the VM you set up to experiment with.  If the load onOct 04 19:02
schestowitz_bed2> the web server is from PHP+db then that should take care of it, mostly,Oct 04 19:02
schestowitz_bed2> without need of contacting the varnish server at all.  The downsides areOct 04 19:02
schestowitz_bed2> that mod_evasive is in the EPEL repository and that rpaf is more or lessOct 04 19:02
schestowitz_bed2> abandoned.Oct 04 19:02
schestowitz_bed2>Oct 04 19:02
schestowitz_bed2> About the perl script, if you do consider trying it, the varnishncsaOct 04 19:02
schestowitz_bed2> pipe needs a -m option to limit it to queries to TM and TR.Oct 04 19:02
schestowitz_bed2I reckon we'll use it soon. Maybe the attacker is asleep or away. Maybe the zombies PCs were partly switched off for the weekend.Oct 04 19:02
*schestowitz_bed2 has quit (Quit: Konversation term)Oct 04 19:07
*schestowitz (~schestowi@unaffiliated/schestowitz) has joined #techbytesOct 04 19:08

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!