| *** rossand has quit IRC | 04:15 | |
| *** Alex|off is now known as Alex| | 06:13 | |
| *** Alex| is now known as Alex|off | 06:41 | |
| *** Alex|off is now known as Alex| | 07:05 | |
| *** grantc_offline is now known as grantc | 08:20 | |
| *** Alex| is now known as Alex|off | 09:40 | |
| *** Alex|off is now known as Alex| | 09:52 | |
| *** Alex| is now known as Alex|off | 09:58 | |
| *** Alex|off is now known as Alex| | 10:07 | |
| *** Alex| is now known as Alex|off | 11:07 | |
| *** Alex|off is now known as Alex| | 11:08 | |
| *** troal01 has joined #ingres | 11:59 | |
| *** rossand has joined #ingres | 12:06 | |
| *** ChanServ sets mode: +o rossand | 12:06 | |
| *** Mart|n has joined #ingres | 12:12 | |
| Mart|n | hi | 12:12 |
|---|---|---|
| grantc | Hi Mart|n | 12:13 |
| Mart|n | hi | 12:13 |
| Mart|n | hows u | 12:13 |
| grantc | I am fine, and you? | 12:13 |
| Mart|n | im ok | 12:13 |
| Mart|n | such a ambiquos reply | 12:13 |
| grantc | english is a great language :) | 12:14 |
| grantc | what brings you to #ingres? | 12:15 |
| Mart|n | u | 12:17 |
| Mart|n | else i would leave | 12:17 |
| grantc | o i c | 12:17 |
| Mart|n | so how are u | 12:17 |
| grantc | so Mart|n what time is it where you are? | 12:20 |
| Mart|n | early | 12:21 |
| grantc | it's earlier here | 12:22 |
| *** elPiola has joined #ingres | 14:05 | |
| *** toumi01 has joined #ingres | 14:09 | |
| *** DarylM has joined #ingres | 14:12 | |
| *** test_dummy has joined #ingres | 15:13 | |
| *** grantc changes topic to "Ingres Chat | Wiki - http://community.ingres.com/wiki | Forums http://community.ingres.com/forum | Goto http://irc.planetingres.org for the channel archives" | 15:13 | |
| *** test_dummy has left #ingres | 15:13 | |
| *** Mart|n has quit IRC | 15:14 | |
| *** mull has joined #ingres | 15:22 | |
| *** Alex| is now known as Alex|off | 16:11 | |
| *** DerMeister has joined #ingres | 17:03 | |
| *** Alex|off is now known as Alex| | 17:09 | |
| *** NoeJeko has joined #ingres | 17:31 | |
| NoeJeko | hi Alex | 17:32 |
| Alex| | hi | 17:32 |
| NoeJeko | I can't open that .ics file - I'm on OWA from home | 17:32 |
| NoeJeko | sick =[ | 17:32 |
| Alex| | guess thunderbird doesn't forward invites as outlook expects them | 17:32 |
| Alex| | let's see if I can do it from owa | 17:33 |
| Alex| | next try | 17:33 |
| NoeJeko | ah that worked | 17:34 |
| NoeJeko | that's during our weekly IT staff meeting so 30 mins prior may not work, but i should be able to slip away for that | 17:34 |
| Alex| | we can also do it on Wed | 17:35 |
| NoeJeko | wednesday would be perfect | 17:35 |
| Alex| | ok. You already have switched to/off DST, right? | 17:36 |
| NoeJeko | yeah we switched last weeked or so | 17:37 |
| Alex| | then your 8am should be my 4pm... we can also do it 9am/5pm | 17:37 |
| NoeJeko | whatever works out best for you - im flexible =] | 17:38 |
| grantc | still too early for him :) | 17:38 |
| Alex| | ;) | 17:38 |
| Alex| | flexible is good... I'm in at 8am my time :p | 17:38 |
| NoeJeko | i tried that for the first few months... always floated in around 9am =[ | 17:39 |
| grantc | NoeJeko, i have the same problem - commuter traffic is a nightmare | 17:39 |
| Alex| | let's do 9am then... | 17:39 |
| NoeJeko | it also doesn't help that californians cannot drive - every day there's 1-6 crashes along the freeway | 17:40 |
| Alex| | shouldn't take too long... can you set up webex with desktop sharing? | 17:40 |
| NoeJeko | ah - i can; i'll get that set up and forward you the invite email | 17:41 |
| NoeJeko | 9 am until...? 10:30? | 17:41 |
| Alex| | great... maybe we can take a quick look at the code.... 10 should be enough | 17:41 |
| NoeJeko | i forwarded you the webex invite | 17:46 |
| Alex| | thanks | 17:46 |
| NoeJeko | sure thing | 17:57 |
| *** troal01 has left #ingres | 18:24 | |
| *** troal01 has joined #ingres | 18:29 | |
| *** troal01 has left #ingres | 19:55 | |
| *** troal01 has joined #ingres | 20:01 | |
| *** [1]Gerhard has joined #ingres | 20:24 | |
| Alex| | NoeJeko ? | 20:31 |
| NoeJeko | working on it | 20:32 |
| Alex| | a bot grabbing content or a kiddy? | 20:32 |
| Alex| | all from the same ip | 20:32 |
| *** NoeJeko has quit IRC | 20:32 | |
| *** NoeJeko has joined #ingres | 20:33 | |
| NoeJeko | wth | 20:33 |
| Alex| | how many connections do you allow? | 20:34 |
| NoeJeko | IP address was denied in server config | 20:35 |
| NoeJeko | im not sure, its whatever is default for mysql | 20:35 |
| NoeJeko | however my forum currently has 385 online with spikes up to 615 | 20:35 |
| NoeJeko | and we don't have this issue | 20:35 |
| Alex| | the server doesn't seem to be impressed, load is under 1 | 20:35 |
| Alex| | it's just the connection limit | 20:36 |
| NoeJeko | usually i see these in direct attacks on the mysql server | 20:36 |
| NoeJeko | does this IP seem familiar? | 20:37 |
| NoeJeko | 10.255.253.234 | 20:37 |
| Alex| | no | 20:38 |
| NoeJeko | that's not usda01's address | 20:38 |
| NoeJeko | but it's connecting to the mysql server | 20:38 |
| Alex| | from the subnet I would think it's rackspace | 20:39 |
| NoeJeko | yeah um.. | 20:39 |
| NoeJeko | if you're on vpn | 20:39 |
| NoeJeko | and you go http://10.255.253.234/ | 20:39 |
| NoeJeko | ... it gives you ingres.com | 20:39 |
| Alex| | ah | 20:39 |
| NoeJeko | but it doesn't show up on /sbin/ifconfig | 20:40 |
| NoeJeko | i sent a ote to phil trying to figure out where that host resides | 20:43 |
| NoeJeko | its impossible to tell whether that was malicious or not | 20:45 |
| NoeJeko | as our site users have this disgustingly annoying habit of spamming <F5> or <Ctrl+R> when a page doesn't load | 20:45 |
| Alex| | when it's just one IP I don't think it was a real attack but I know of some bots that grab huge amounts of data over many connections.. caching, etc.. | 20:47 |
| Alex| | a satelite ISP once grabed several GBs per hour from our forum... we had to blacklist them | 20:47 |
| NoeJeko | yeah i don't think it was a real attack either | 20:47 |
| NoeJeko | probably an annoyed user pressing <F5> | 20:48 |
| *** [1]Gerhard has left #ingres | 20:49 | |
| NoeJeko | it's an Indian IP | 20:49 |
| NoeJeko | according to APNIC | 20:49 |
| NoeJeko | ISP-reserved, so it isnt allocated to a company | 20:50 |
| NoeJeko | yup, probably annoyed user | 20:50 |
| bonro01 | Are you still referring to IP 10.255.253.234? | 20:51 |
| NoeJeko | nope | 20:51 |
| NoeJeko | 59.160.68.23 | 20:51 |
| bonro01 | oh | 20:51 |
| NoeJeko | the 10. was an unexpected connection to the mysql server | 20:51 |
| NoeJeko | not the IP that triggered the errors | 20:51 |
| bonro01 | ok, I just got concerned when I thought you were saying a 10.x.x.x number was coming from the internet. | 20:53 |
| NoeJeko | lol we'd have bigger problems if that were occurring | 20:53 |
| bonro01 | yea. | 20:53 |
| grantc | NoeJeko, someone trying to brute force /forum/ajax.php | 20:56 |
| NoeJeko | yeah, i've added a deny statement for that IP | 20:57 |
| grantc | cute | 20:58 |
| NoeJeko | good god | 20:58 |
| NoeJeko | i just grep'd the access log | 20:58 |
| grantc | :) | 20:58 |
| grantc | 9990 accesses from that IP | 20:58 |
| Alex| | I doubt that was someone pressing F5 :D | 20:59 |
| NoeJeko | yeah, i was going off the 98 reported errors across community admin on taht assumption =[ | 20:59 |
| grantc | not 15 times a second :) | 20:59 |
| grantc | NoeJeko, perhaps worth a firewall rule on that box? no more than x connections per second? | 21:00 |
| Alex| | still the server load didn't go up... limit were the dbms connections | 21:00 |
| NoeJeko | but what if a user requests /index.php | 21:00 |
| NoeJeko | that has 17 graphical elements, 2 stylesheets, and 3 javascript files? | 21:01 |
| NoeJeko | that's why its hard to set x per second limits | 21:01 |
| grantc | with http 1.1 that's 1 connection | 21:01 |
| grantc | unless they get smart and do pipelining | 21:01 |
| NoeJeko | yeah but there's a significant amount of http 1.0 requests | 21:02 |
| NoeJeko | i can bring it up but i don't really think one attack warrants changing an access rule that may impact a significant amount of users, imho | 21:03 |
| *** grantc_e71 has joined #ingres | 21:07 | |
| grantc_e71 | noejeko, perhaps its worth dropping chris rogers a mail. It could be a sx | 21:10 |
| grantc_e71 | Script from our qa provider? | 21:11 |
| *** grantc_e71 has quit IRC | 21:24 | |
| *** Alex| is now known as Alex|off | 21:48 | |
| *** DerMeister has quit IRC | 22:07 | |
| *** DarylM has quit IRC | 22:25 | |
| *** grantc is now known as grantc_offline | 22:41 | |
| *** mull has quit IRC | 23:27 | |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!