|
Proteus Jones posted:If I could get reliable high speed internet, I'd become a remote-working, mountain-man hermit so fast your head would spin. Moatman posted:That's always the hard part. I'd love to move into one of those old missile silos or an Alaskan log cabin or something but decent internet is just so hard to come by out there I basically do this. It's fun for the first few months but after over 18 months it gets really, really lonely.
|
# ¿ Jan 2, 2018 04:49 |
|
|
# ¿ May 13, 2024 02:35 |
|
I have a 27 inch screen 1440p screen and I hate it. Its way too big. My 24 inch screen is also 1080p which is dreadfully low res compared to my laptop's 19 or whatever inch screen at 1440p. If I had two secondary screens that were 24 inch 1440p I'd be very happy.
|
# ¿ Jan 3, 2018 00:04 |
|
We spent more than twice the value of my house on bullshit machine learning blackbox ddos mitigation devices that I currently have in passive mode doing nothing because I don't trust them to not be invisibly loving up everything. Buying these things were almost certainly the worst mistakes we made when building out a datacenter. We could have purchased 50gbps of bandwidth for 5 years for what we spent on these loving things. Several times these things have caused horrible horrible impossible to troubleshoot cascading failures. For example, something goes wrong so logging spikes. The spike in logging triggers some ML horseshit to start invisibly dropping traffic to or from AWS (because thats where our logging services were hosted) because this spike of traffic is an anomaly. Same for DNS What happens when logging traffic or DNS gets dropped? Obviously you send more to log the failure to log or request DNS again. Never again. Methanar fucked around with this message at 04:00 on Jan 9, 2018 |
# ¿ Jan 9, 2018 03:57 |
|
Judge Schnoopy posted:Could you lower the sensitivity so it would take a disaster-level ddos to trigger action? No* tldr A huge amount of our traffic is UDP and my WAN traffic is very asymmetric. There is zero way that I can enforce that traffic exits through the same ddos appliance that it enters. This means it is impossible for these things to have any meaningful view of what UDP traffic is actually doing, and TCP traffic insight is reduced. Also unless I whitelist all of amazon's blocks which is pretty close to removing the device from service entirely like I have right now, I can never guarantee that IPs are going to be within a given whitelist. DNS whitelisting isn't a thing. The way the thresholds are generated, if an IP suddenly moves it will almost certainly immediately be flagged as anomalous and almost certainly blocked until a human intervenes because log transmission is continous and will look like an attack. Ultra simplified view wan1 -> ddos1 -> network | wan2 -> ddos2 -> network | The real answer to ddos mitigation is don't even remotely try to do it yourself. Properly harden your nginx or haproxy instances to flush their connection tables as necessary to avoid the low hanging fruit. If anything volumetric happens, pray that you chose a provider that supports bgp community strings to blackhole traffic then use that and the source is something that is reasonable to blackhole, not the entirety of comcast or something. Anything more serious of a problem or larger scale than that, you need to do bigger things like have a geographically distributed presence and do fancy things with BGP any casting and using sacrificial sites Methanar fucked around with this message at 06:20 on Jan 9, 2018 |
# ¿ Jan 9, 2018 04:48 |
|
Jaded Burnout posted:⌘/CTRL+L ctrl t
|
# ¿ Jan 10, 2018 23:25 |
|
Honestly drawing unemployment doesn't sound like that bad of an alternative. If you're in a backwater low cost of living area. Look at doing some kind of wfh call center/ support work
|
# ¿ Jan 21, 2018 19:32 |
|
Malek posted:In all seriousness, I would like to see this announcement https://kb.vmware.com/s/article/52345 Can't find the original Intel announcement, but here is VMware's found it? https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/
|
# ¿ Jan 22, 2018 21:46 |
|
Kurieg posted:While you're replacing equipment make an anarchy symbol out of old ram chips and hang it above your desk. Refuse to answer any questions about it.
|
# ¿ Jan 24, 2018 20:09 |
|
GreenNight posted:There is a new condo building across from the main office, and one of the new wifi networks broadcasting is called "sendnudes". Now HR is throwing a huge fuckoff fit telling us we need to block all equipment from seeing this SSID. Build a giant faraday cage.
|
# ¿ Jan 26, 2018 19:53 |
|
Tell the kids how to beat it: show you're not the real bad guy. SSH socks proxy (with appropriate SSH keys) on port 443 to a jump box in digital ocean and shove everything through that. If DPI is a thing for some reason and all SSH traffic is being dropped still , then wrap everything in stunnel first. Methanar fucked around with this message at 09:11 on Jan 29, 2018 |
# ¿ Jan 29, 2018 09:04 |
|
Wtf, don't try to manually manage blacklists by IP. Use your firewall's content categories. https://fortiguard.com/webfilter/categories You don't need SSL inspection to block by DNS. If the kids are using DNS over HTTPS, well then let them. That's definitely not in scope of CIPA
|
# ¿ Jan 29, 2018 09:15 |
|
I have a hard time believing a device bought in the last 5 years can't properly handle what you're asking of it. But fine, you somehow do. Buy a used Fortigate 100d and FortiGuard license for like, 2000 dollars altogether on ebay and use that. But fine you can't afford that. Then buy an off-lease piece of poo poo dell server on ebay for 350 dollars and put pfSense on it. Hell, buy two and put them in active-passive with VRRP. https://doc.pfsense.org/index.php/SquidGuard_package https://www.ebay.com/itm/Dell-Power...EsAAOSwH2VaMApE Methanar fucked around with this message at 09:55 on Jan 29, 2018 |
# ¿ Jan 29, 2018 09:53 |
|
Dick Trauma posted:Had a long discussion with yet another member of the CEO's family, this time about an urgent need to set up email on our Exchange server for a domain they were going to use on a mass email. We talked about it both from a technical and marketing perspective and eventually came to an agreement on how things would be done and the timing of the changes. Adding a domain to the server and dishing out some aliases is not a big deal. You were on an email blacklist
|
# ¿ Jan 31, 2018 09:07 |
|
(don't make a loop)
|
# ¿ Feb 5, 2018 17:26 |
|
My work laptop was 3300 canadian dollars lol.
|
# ¿ Feb 13, 2018 06:05 |
|
https://www.youtube.com/watch?v=rTyIUzsxt4U
|
# ¿ Mar 17, 2018 04:28 |
|
fishmech posted:A few years back I helped a certain video editing software/hardware company when they moved offices and discovered they had a shitload of high end parts and equipment around that was still very valuable but was not needed/useful for any of the hardware they currently built. In the process of helping them sell that stuff, we figured out they had easily several hundred thousand dollars across all this poo poo that simply hadn't been tracked and was laying around. That's interesting because old computer equipment normally decays at about the same rate as bananas.
|
# ¿ Mar 17, 2018 05:07 |
|
We have so much spare crap floating around in our DC we began measuring it not by counting the units, but by weighing boxes. At one point we like 40lb of SSD and 10lb of 8gb ram sticks. Also a hilarious amount of 10g sfp modules, and at least a few ridiculous copper 3 meter QSFP -> 4 SFP splitter things that you can't even use because it uses so much electricity it gets too hot for whatever its plugged into.
|
# ¿ Mar 20, 2018 00:45 |
|
Antioch posted:I have the opposite. Good pay, excellent benefits, and a complete poo poo sandwich of an environment. It's disappointing how barren Edmonton is. If I ever need to get a real job again I'm screwed. Methanar fucked around with this message at 21:52 on Mar 20, 2018 |
# ¿ Mar 20, 2018 21:34 |
|
I said real job
|
# ¿ Mar 20, 2018 21:48 |
|
Bob Morales posted:Oh poo poo. Stuff is about to get exciting. I appreciate the diagram. Please report back
|
# ¿ Mar 23, 2018 20:20 |
|
It must be pretty embarrassing to get tackled by the IT guy of all people.
|
# ¿ Mar 23, 2018 20:27 |
|
Inspector_666 posted:And I got Grafana setup and everything using LDAP auth and this is all making me feel dangerously competent. Somebody embarrass me about basic IT knowledge, quick! Tell me how you build docker containers through jenkins running on kubernetes without loving up absolutely everything because you're trying to run a docker commands inside of a docker container managed by a resource scheduler. do not say bind /var/run/docker.sock:/var/run/docker.sock
|
# ¿ Mar 28, 2018 02:33 |
|
What are you doing in production that isn't giving engineers a place to run their things.
|
# ¿ Apr 10, 2018 02:21 |
|
1523575690 or get the gently caress out
|
# ¿ Apr 13, 2018 00:28 |
|
Nerdrock posted:Our extremely poor district comps up to $200 a year for classroom supplies. Maybe it's $250, I forget. Our area for as poor as it is, is quite fortunate. Our administration, according to my boss, are wizards with making budgets work. My wife is a teacher here. Conversely, her good friend is a teacher about 2 hours north of us in a big city, and hasn't gotten a raise in 10 years. Even in the same state, education is varies tremendously in how stuff like that is handled. If you haven't gotten a raise in 10 years, you've been given a 15% pay cut. Given the average inflation over the last 10 years of about 1.6%
|
# ¿ Apr 25, 2018 23:13 |
|
vas0line posted:PDFChat reply To CC: legal Salesdrone #23 is trying to modify legal documents and doesn't have the password. Please do the needful.
|
# ¿ Apr 29, 2018 22:36 |
|
AlexDeGruven posted:New product being POC'd (not by me)in our environment. Tell them how vCPU co-scheduling works. Don't try to give a VM more than like 8 cores at a maximum ever. If it needs more than 8, it needs to be a dedicated piece of hardware. Also unless there is a licensing concern, give things 8 vCPUs each with 1 core and not 8 vCores on one vCPU.
|
# ¿ May 4, 2018 20:16 |
|
Jaded Burnout posted:Tell that to the 50 runs of structured cable I need to punch down and keystone How much is your time worth relative to buying 50 premade cables of standard length off monoprice
|
# ¿ May 26, 2018 20:59 |
|
Super Soaker Party! posted:? A bit rude. I missed the part about it being for a house and assumed it was making custom length cables for a DC. I'd still suggest using these types of keystone in your wall plates and premade cables rather than doing it yourself. It's likely the same price in the end after buying a good crimping tool. https://www.amazon.com/VICTEK-Femal...n%3A15562490011
|
# ¿ May 27, 2018 00:14 |
|
https://www.youtube.com/watch?v=gsNaR6FRuO0 I heard this sound in 2001 https://www.youtube.com/watch?v=xp47x1EabqI God help me this is interesting. Bringing me back to my electronics 101 class where the instructor was a straight up phreaker in his younger days and had a huge hard on for analogue modems and encoding schemes. Methanar fucked around with this message at 02:46 on May 31, 2018 |
# ¿ May 31, 2018 02:40 |
|
The internet is on fire right now btw. Just spent the last hour trying to fiddle with BGP to reroute out stuff but lol level 3 transit is loving everywhere.
|
# ¿ Jun 29, 2018 19:13 |
|
blackswordca posted:As someone who used transit for a decade and a half its also limiting. Ive had good opportunities I had to turn down because I didn't drive. Plus the amount of wasted time. 30 min drive vs 2 hour bus ride each way for one job. Winter is also a killer. Standing at a bus stop in -35 plus wind chill sucks. The added expense of a car does suck, but unless your city is built around public transit then it's always going to be the most inconvenient choice. lol what how do you live without a car in edmonton. The LRT exists only to make driving worse. See: Princess elizabeth infront of nait. I guess its okay if you're a student going to U of A Methanar fucked around with this message at 19:05 on Jul 10, 2018 |
# ¿ Jul 10, 2018 19:02 |
|
Thanks Ants posted:I’ve been online for too long, so my default state was to assume adult diaper fetish.
|
# ¿ Sep 6, 2018 23:28 |
|
How well does rotational media work in zero G?
|
# ¿ Sep 12, 2018 18:09 |
|
Garrand posted:Started a job as Tier 2 support for a place that supplies internet to those apartments on college campuses that have the internet bundled in with them (amongst other places). Boy I used to hate "Gamers" but now I just really loving hate gamers. Regular calls about the nebulous "lag", slow speeds and dropped packets that suddenly all go away when I actually have them run speed tests and poo poo. I literally went through every link from this one dude's apartment to where our network ends and found nothing but all I get is "it's obviously your network's fault". Don't do any normal web speed tests. Make them UDP iperf3 to hurricane electric's server, there won't be any throttling of icmp/preferential treatment of speedtest.net.
|
# ¿ Sep 20, 2018 05:38 |
|
What volume of ICMP traffic could possible by present that warrants qos
|
# ¿ Sep 28, 2018 01:52 |
|
Proteus Jones posted:As far as deprioritizing, they’re probably tired of a not insignificant amount of traffic generated by gamers and games themselves with “latency meters” that are running all the time. I was under the impression that any sort of embedded game latency count is going to be application level udp, not icmp. Like I guess ICMP is an amplification vector but I'm still curious what actual percentage icmp reponses, or unreachables could possible represent. Are we talking 0.1% per 100gbps? 3%?
|
# ¿ Sep 28, 2018 02:53 |
|
If you really want to make noise, don't waste your time calling your ISP's general support. Find contacts thats are listed as being administratively responsible for the ASN and send them an email. Although you should probably have something more substantiated than a traceroute copy/paste to show them.
|
# ¿ Sep 28, 2018 19:34 |
|
|
# ¿ May 13, 2024 02:35 |
|
I love Wikipedia's dry humor
|
# ¿ Sep 30, 2018 09:30 |