News:

No, we're not mercenaries. We just carry weapons and kill things for the joy of the experience.

Main Menu

Open Bar: Fake News, Fake Bar

Started by Faust, December 26, 2016, 10:27:24 AM

Previous topic - Next topic

Cainad (dec.)

Quote from: LMNO on May 12, 2017, 10:48:10 PM
I'm going to need an update to my use of the word "implied".

Implicit --> Explicit,

So Implied --> Explied, I suppose?

Trivial

#1156
Quote from: PoFP on May 16, 2017, 05:46:28 PM
Quote from: Trivial on May 16, 2017, 02:20:58 AM
Co-worker is dealing with a station IT team that is demanding to know why our cloud doesn't have a load balancer.

:?

I assume your cloud is made up on 1 server?  :lulz:

So I guess they wanted a list of IPs to unblock, and we gave the domain name and port, and apparently they chewed out the guy for not having the cloud load balanced.

Which is still ???

Note:  This is also using Amazon's so...
Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Faust

Can you tell if a system is set up for load balancing from a domain name? Surely the domain name could resolve to a machine/load balancing system/shitty home router
Sleepless nights at the chateau

Trivial

Quote from: Faust on May 16, 2017, 11:27:50 PM
Can you tell if a system is set up for load balancing from a domain name? Surely the domain name could resolve to a machine/load balancing system/shitty home router

Yes, I would think so, just as you have described.  They were angry he was giving a name and not an IP list, and wasn't willing to grab the infrastructure guy at an odd hour of the night.  They dropped the call suddenly saying they were good, which makes me think someone tried the firewall exemption by name, or just rebooted the box that ingests the data.

Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Pæs

#1159
Quote from: Faust on May 16, 2017, 11:27:50 PM
Can you tell if a system is set up for load balancing from a domain name? Surely the domain name could resolve to a machine/load balancing system/shitty home router
You can often gather enough information to make a reasonable guess here. DNS load balancing is easily detected.

In the more common case of a load balancing appliance:

Does the number of domains which resolve to the same IP exceed what is likely for virtual hosts on a single box? Not conclusive, good indication. Does it set common load balancing, sticky session cookies like BigIP, AWSELB, etc? It's either load balanced or someone is trolling you. When requests are repeated, do headers switch between a few static values, or if sequential values are included, can they be separated into more than one sequence? Good indication. At a certain point you have to start getting tricky with traffic analysis deeper into the packet, where success depends on how intrusive the appliance is.

EDIT: This isn't just telling 'from a domain', but given a domain you can take further steps to fingerprint things.

From the sounds of it, I doubt these guys did any of that, given that they wanted to balance the load between one server. Or were they mad because they presumed load would exceed one endpoint? What was their objective in unblocking IPs?

The Wizard Joseph

I'm starting to feel less horrible this last week or so. It would be wrong to say that the depression is lifting, but I'm beginning to feel like one day it will enough to get myself minimally functional again. Right now just glad to have a day notably less bad than I've grown used to these last couple years. For now I just keep taking the pills, going to councilor and doctor appointments, and waiting for the paperwork to get processed. If there wasn't such a bad bedbug infestation in my shitty rooming-house I could even be content.
You can't get out backward.  You have to go forward to go back.. better press on! - Willie Wonka, PBUH

Life can be seen as a game with no reset button, no extra lives, and if the power goes out there is no restarting.  If that's all you see life as you are not long for this world, and never will get it.

"Ayn Rand never swung a hammer in her life and had serious dominance issues" - The Fountainhead

"World domination is such an ugly phrase. I prefer to call it world optimisation."
- Harry Potter and the Methods of Rationality :lulz:

"You program the controller to do the thing, only it doesn't do the thing.  It does something else entirely, or nothing at all.  It's like voting."
- Billy, Aug 21st, 2019

"It's not even chaos anymore. It's BANAL."
- Doktor Hamish Howl

Mesozoic Mister Nigel

Quote from: Cain on May 12, 2017, 03:33:21 AM
Working on another PhD proposal.  God I hate these things.  It's like applying for a job and writing a high level paper, all rolled into one.  Oh, you only want 2500 words on my proposal, in addition to my entire life and work history.

Easily the worst thing about academia is all the fucking proposals and reports and grant applications. Seriously, why the fuck does a progress report need multiple revisions?
"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."


Mesozoic Mister Nigel

Quote from: Freeky on May 14, 2017, 12:51:17 AM
I learned about the cone snail today and I am never going to the beach again.


QuoteFIFTY NANOGRAMS PER KILOGRAM HAS A 50% CHANCE OF KILLING YOU. A 220-POUND HUMAN HAS A 50% CHANCE OF SURVIVAL AGAINST JUST 5 MICROGRAMS OF CONOTOXIN. 

I DID SOME MATH. 

IT WOULD TAKE 7-9 MILLIGRAMS OF CONOTOXIN TO KILL A BLUE WHALE, THE HEAVIEST ANIMAL TO EVER LIVE.

My people.
"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."


Mesozoic Mister Nigel

Quote from: Don Coyote on May 14, 2017, 10:54:43 PM
I am officially allowed to say my wife is pregnant.

Congratulations!
"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."


Trivial

Quote from: Pæs on May 17, 2017, 07:59:22 AM
Quote from: Faust on May 16, 2017, 11:27:50 PM
Can you tell if a system is set up for load balancing from a domain name? Surely the domain name could resolve to a machine/load balancing system/shitty home router
You can often gather enough information to make a reasonable guess here. DNS load balancing is easily detected.

In the more common case of a load balancing appliance:

Does the number of domains which resolve to the same IP exceed what is likely for virtual hosts on a single box? Not conclusive, good indication. Does it set common load balancing, sticky session cookies like BigIP, AWSELB, etc? It's either load balanced or someone is trolling you. When requests are repeated, do headers switch between a few static values, or if sequential values are included, can they be separated into more than one sequence? Good indication. At a certain point you have to start getting tricky with traffic analysis deeper into the packet, where success depends on how intrusive the appliance is.

EDIT: This isn't just telling 'from a domain', but given a domain you can take further steps to fingerprint things.

From the sounds of it, I doubt these guys did any of that, given that they wanted to balance the load between one server. Or were they mad because they presumed load would exceed one endpoint? What was their objective in unblocking IPs?

They weren't getting weather data from the cloud service which isn't hosted on our systems, and from our side it looked like they weren't allowing it to come in.  We weren't seeing any traffic issues.  They didn't want to unblock by name - no idea why - I wasn't on that call.  It spiraled into a rant about infrastructure which seemed to not make sense, then made sense, and then upon further analysis, made even less sense. 

And again the whole thing was ended abruptly with someone saying "it works now."   


Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Trivial

Also, having to say the phrase "weather data from cloud" makes me angry.
Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Trivial

Needed to get epipens for my daughter for like the first time ever.  I was way too entertained by the fact that they have one that talks now.
Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Pæs

Quote from: Trivial on May 17, 2017, 08:26:41 PM
It spiraled into a rant about infrastructure which seemed to not make sense, then made sense, and then upon further analysis, made even less sense. 

And again the whole thing was ended abruptly with someone saying "it works now."
:lol:

Faust

We have the ask three times rule here at work as we believe all IT admins are under religious obligation to lie the first two times:

"Have you opened port 443 for our system?"
"Yes"
[COMMS FAIL TO ESTABLISH]
"Really?"
"Yes"
"Really?"
"OK fine I'll open it now"
Sleepless nights at the chateau

Junkenstein

How often do you get the "I'm sure I did, but why don't you just talk me through how I would have done that" guy? I've got a client like this at the moment and it's maddening. It's OK to not know. It's OK to know fuck all. Just fucking say that rather than this endless dance of pretending you've got a clue. It's increasing the workload by a third.
Nine naked Men just walking down the road will cause a heap of trouble for all concerned.