Timestamps are in GMT/BST.
[0:15] * sleon|tuX (test@p54A171C3.dip.t-dialin.net) has joined #freenet
[0:57] * aum_ (~aum@60-234-138-239.bitstream.orcon.net.nz) has joined #freenet
[1:11] * aum_ is now known as aum
[1:12] * aum (~aum@60-234-138-239.bitstream.orcon.net.nz) Quit ()
[1:26] * aum (~aum@60-234-138-239.bitstream.orcon.net.nz) has joined #freenet
[1:26] <aum> hi guys
[1:27] <aum> what's the goss with FCP changes?
[1:59] * gvdm (~gvdm@210-246-8-154.paradise.net.nz) has joined #freenet
[2:45] * kokje (~kokje@c-24-127-127-236.hsd1.ca.comcast.net) Quit ("using sirc version 2.211+KSIRC/1.3.11")
[3:13] * gvdm (~gvdm@210-246-8-154.paradise.net.nz) Quit (Read error: 104 (Connection reset by peer))
[3:22] * gvdm (~gvdm@210-246-8-40.paradise.net.nz) has joined #freenet
[3:29] * sleon|tuX (test@p54A171C3.dip.t-dialin.net) Quit (Remote closed the connection)
[5:09] * pittaman (~mistery_b@d54C32DBA.access.telenet.be) has joined #freenet
[5:58] * Overand_ (common@64.252.99.156) has joined #freenet
[6:09] * Overand (common@64.252.111.155) Quit (Read error: 110 (Connection timed out))
[6:16] * Overand_ is now known as Overand
[6:20] <nextgens> hi
[6:21] * Hory (~Miranda@82.76.81.56) has joined #FreeNet
[6:38] * gvdm (~gvdm@210-246-8-40.paradise.net.nz) Quit (Read error: 113 (No route to host))
[6:50] * aum (~aum@60-234-138-239.bitstream.orcon.net.nz) Quit ()
[6:55] * toad_ (toad@82-32-17-1.cable.ubr03.azte.blueyonder.co.uk) has joined #freenet
[6:55] * ChanServ sets mode +o toad_
[6:55] <nextgens> toad_: hi
[7:18] <Elly> why on earth would you write an IRC client in C
[8:31] * leenookx_ (~leenookx@host81-157-27-89.range81-157.btcentralplus.com) Quit (Read error: 104 (Connection reset by peer))
[8:31] * greycat (rfc1413@wooledge.org) has joined #freenet
[8:40] * robilad (~topic@mpiat2305.ag2.mpi-sb.mpg.de) has joined #freenet
[8:42] * robilad (~topic@mpiat2305.ag2.mpi-sb.mpg.de) Quit (Client Quit)
[8:44] * FallingBuzzard (~srademach@207.152.112.129) has joined #freenet
[8:46] <toad_> anyone have a nice script to block any host that repeatedly tries bogus users via ssh?
[8:48] <toad_> or ideally a debian package :)
[8:48] <nextgens> toad_: you can't :'(
[8:48] <nextgens> just add an iptables rule or
[8:48] <toad_> i could write my own easily enough but it must be out there somewhere
[8:48] <toad_> nextgens: I know HOW to do it..
[8:48] <toad_> i want to avoid duplication of effort - and having to deal with logfile rotation
[8:49] <nextgens> add "PermitRootLogin without-password"
[8:49] <nextgens> ;-)
[8:49] * oierw (mathew@cpe-66-91-92-246.hawaii.res.rr.com) Quit (Read error: 54 (Connection reset by peer))
[8:49] <greycat> "tail --follow=name" would help with the rotation thing
[8:49] * oierw (mathew@cpe-66-91-92-246.hawaii.res.rr.com) has joined #freenet
[8:49] <toad_> i can for example do it in a procmail rule in response to logcheck mails, but they seem to try one per second
[8:49] <toad_> greycat: oooh, good point
[8:50] <nextgens> toad_: greycat: do it with PAM ;-)
[8:50] <nextgens> setting limits on login failure and increasing the time needed between each try ;-)
[8:50] <toad_> I only have one user which is possible to log in externally on... in theory
[8:51] <toad_> nextgens: per IP, or per user, or what?
[8:51] <nextgens> per "login"
[8:51] * nextgens is RTFMing
[8:53] * leenookx_ (~leenookx@host81-157-27-89.range81-157.btcentralplus.com) has joined #freenet
[8:54] * robilad (~topic@mpiat2305.ag2.mpi-sb.mpg.de) has joined #freenet
[8:55] <nextgens> toad_: http://www.dslreports.com/forum/remark,12601792
[8:56] <toad_> i wonder if there's an off the shelf package that can do what i do for backups too...
[8:57] <toad_> i have basically an automatic version control system - every day it dumps the checksums of all files in key directories, and stores each file (compressed) under its checksum in a store/<first byte of hash in hex> directory
[8:59] <toad_> <strong>Requirements:</strong> <br>- You MUST have <a href="http://www.webhostgear.com/61.html">APF Firewall Installed </a>before installig BFD - it works with APF and requires some APF files to operate.<br>- Root SSH?access to your server
[8:59] <toad_> yikes
[8:59] <Eol> anybody got the FEC decoder by onionnetworks to run w/ freenet on FBSD?
[8:59] <nextgens> toad_: I don't know : I use duplicity which permits the same kind of thing ;-)
[9:02] <nextgens> toad_: www.gnu.org/non-gnu/duplicity/
[9:03] <toad_> iptables -A INPUT -i eth0 -p tcp --dport 22 -m limit --limit 2/m --limit-burst 2 -m state --state NEW -j ACCEPT
[9:03] <nextgens> toad_: what about using subversion or a CVS tree ?
[9:03] <toad_> hmmm
[9:03] <toad_> nextgens: I'd have to check the files in in that case
[9:03] <toad_> nextgens: and most of them are word DOCs
[9:04] <toad_> okay, that command might help, but why is it per-IP?
[9:04] <nextgens> it isn't ;-)
[9:04] <toad_> http://www.dslreports.com/forum/remark,12601792
[9:04] <toad_> he says it is per IP
[9:05] <toad_> if it is not per IP, that is _very_ bad!
[9:05] <nextgens> limit
[9:05] <nextgens> This module matches at a limited rate using a token bucket filter. A
[9:05] <nextgens> rule using this extension will match until this limit is reached
[9:05] <nextgens> (unless the `!' flag is used). It can be used in combination with the
[9:05] <nextgens> LOG target to give limited logging, for example.
[9:05] <toad_> i don't want to be blocked out myself just because some idiot flooded me with conns...
[9:05] <nextgens> :-D
[9:06] <toad_> Duplicity is not stable yet. It is thought to have a few bugs, but
[9:06] <toad_> will work for normal usage, and should continue to work fine until you
[9:06] <toad_> depend on it for your business or to protect important personal data.
[9:07] <toad_> okay, i'll stick with my homegrown scripts
[9:07] <nextgens> lol
[9:07] <toad_> anyone who wants them can have them of course
[9:07] <nextgens> I had no problem with it thought ;-)
[9:07] <toad_> nextgens: well, is there any way to make it per-IP?
[9:08] <nextgens> yes, using tracking, and QoS
[9:08] <nextgens> but IMHO to complicated
[9:08] <toad_> so basically i have to write my own, or use BFD?
[9:09] <nextgens> I don't think that BFD is a good thing...
[9:10] <nextgens> toad_: what about changing the port number SSHd is listening on ?
[9:10] <toad_> hmm?
[9:10] <nextgens> *nn
[9:10] <toad_> nextgens: why would that help? you can still probe for it..
[9:11] <nextgens> using portscanning ...
[9:11] <toad_> aha
[9:11] <toad_> bld
[9:11] <nextgens> but that's easier to block ;-)
[9:11] <toad_> or is that just for email?
[9:11] <toad_> nextgens: i consider it rather antisocial to disable all ICMP
[9:11] * nextgens too
[9:12] <nextgens> and ?
[9:14] <toad_> and that's the obvious way to prevent portscanning
[9:45] * Eol (~Eol@12.35.160.189) has left #freenet
[10:27] * pittaman (~mistery_b@d54C32DBA.access.telenet.be) Quit (Client Quit)
[10:45] * pittaman (~mistery_b@d54C32DBA.access.telenet.be) has joined #freenet
[10:48] * pittaman (~mistery_b@d54C32DBA.access.telenet.be) Quit (Client Quit)
[10:49] * pittaman (~mistery_b@d54C32DBA.access.telenet.be) has joined #freenet
[11:15] * hobx_ (~ag@ankh.math.chalmers.se) has joined #freenet
[11:53] * Hory (~Miranda@82.76.81.56) Quit (Connection timed out)
[11:53] * Hory (~Miranda@82.76.81.56) has joined #FreeNet
[12:14] * Hory (~Miranda@82.76.81.56) Quit (Connection timed out)
[12:14] * Hory (~Miranda@82.76.81.56) has joined #FreeNet
[12:25] * sleon|tuX (test@p54A171C3.dip.t-dialin.net) has joined #freenet
[13:05] * cbreak (~cbreak@84-72-98-199.dclient.hispeed.ch) has joined #freenet
[13:23] * oierw` (mathew@cpe-66-91-92-246.hawaii.res.rr.com) has joined #freenet
[13:23] * oierw (mathew@cpe-66-91-92-246.hawaii.res.rr.com) Quit (Read error: 54 (Connection reset by peer))
[14:10] * sleon|tuX (test@p54A171C3.dip.t-dialin.net) Quit (Read error: 110 (Connection timed out))
[14:10] * sleon|tuX (test@p54A14AF9.dip.t-dialin.net) has joined #freenet
[14:11] * FallingBuzzard (~srademach@207.152.112.129) Quit (Read error: 104 (Connection reset by peer))
[14:25] * greycat (rfc1413@wooledge.org) Quit (Remote closed the connection)
[14:54] * greycat (rfc1413@wooledge.org) has joined #freenet
[15:20] * cbreak (~cbreak@84-72-98-199.dclient.hispeed.ch) Quit ("leaving")
[15:51] * oierw` (mathew@cpe-66-91-92-246.hawaii.res.rr.com) Quit (Read error: 60 (Operation timed out))
[15:53] * oierw` (mathew@cpe-66-91-92-246.hawaii.res.rr.com) has joined #freenet
[16:49] * greycat (rfc1413@wooledge.org) Quit ("This time the bullet cold rocked ya / A yellow ribbon instead of a swastika")
[17:16] * Ash-Fox (UNKNOWN@aco234.neoplus.adsl.tpnet.pl) has joined #FreeNET
[17:19] * pittaman (~mistery_b@d54C32DBA.access.telenet.be) Quit (Client Quit)
[18:16] * NullAcht15 (~NullAcht1@dsl-213-023-245-173.arcor-ip.net) has joined #freenet
[18:29] * Naked (naked@naked.iki.fi) has joined #freenet
[18:35] * foo_ (~foo@p54883013.dip.t-dialin.net) has joined #freenet
[18:35] * Hadaka (naked@naked.iki.fi) Quit (Connection refused)
[18:35] * Naked is now known as Hadaka
[18:38] * foo_ (~foo@p54883013.dip.t-dialin.net) Quit (Client Quit)
[18:45] * sleon|tuX (test@p54A14AF9.dip.t-dialin.net) Quit ("Leaving")
[18:46] * wizard_2 (~wizard@cpe-24-193-223-149.nyc.res.rr.com) has joined #freenet
[19:13] * wizard_2 (~wizard@cpe-24-193-223-149.nyc.res.rr.com) has left #freenet
[19:50] * NullAcht15 (~NullAcht1@dsl-213-023-245-173.arcor-ip.net) Quit (Remote closed the connection)
[19:51] * PrintStar (~jeff@adsl-68-76-97-250.dsl.bcvloh.ameritech.net) has joined #freenet
[19:51] * Hory (~Miranda@82.76.81.56) Quit ("CyberLore.net - Recommendations on the best games, freeware and websites.")
[20:00] * goatee (~goatee@ip216-239-81-6.vif.net) Quit (Read error: 104 (Connection reset by peer))
[20:25] * goatee (~goatee@ip216-239-81-49.vif.net) has joined #freenet
[20:58] * PrintStar (~jeff@adsl-68-76-97-250.dsl.bcvloh.ameritech.net) Quit ("Leaving")
[21:30] * Ash-Fox (UNKNOWN@aco234.neoplus.adsl.tpnet.pl) Quit (Nick collision from services.)
[21:31] * Ash-Fox (UNKNOWN@adg87.neoplus.adsl.tpnet.pl) has joined #FreeNET
[21:54] * robilad (~topic@mpiat2305.ag2.mpi-sb.mpg.de) Quit (Remote closed the connection)
These logs were automatically created by Jay Oliveri with his gimp hapi on irc.freenode.net.