Author Topic: Open Bar: Fake News, Fake Bar  (Read 192489 times)

Cainad (dec.)

  • Houseplant Supreme
  • Deserved It
  • ****
  • Posts: 10759
  • The Emperor's Hairy Right Hand
    • View Profile
    • Internet Forum Safari
Re: Open Bar: Fake News, Fake Bar
« Reply #1155 on: May 16, 2017, 08:55:15 pm »
I'm going to need an update to my use of the word "implied".

Implicit --> Explicit,

So Implied --> Explied, I suppose?

Trivial

  • Corporate Drone #5235
  • Deserved It
  • ****
  • Posts: 1392
  • No
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1156 on: May 16, 2017, 10:33:43 pm »
Co-worker is dealing with a station IT team that is demanding to know why our cloud doesn't have a load balancer.

 :?

I assume your cloud is made up on 1 server?  :lulz:

So I guess they wanted a list of IPs to unblock, and we gave the domain name and port, and apparently they chewed out the guy for not having the cloud load balanced.

Which is still ???

Note:  This is also using Amazon's so...
« Last Edit: May 16, 2017, 10:51:12 pm by Trivial »
Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Faust

  • Tyrannical Overlord
  • Deserved It
  • *
  • Posts: 10365
  • The Greasy Strangler
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1157 on: May 16, 2017, 11:27:50 pm »
Can you tell if a system is set up for load balancing from a domain name? Surely the domain name could resolve to a machine/load balancing system/shitty home router
Sleepless nights at the chateau

Trivial

  • Corporate Drone #5235
  • Deserved It
  • ****
  • Posts: 1392
  • No
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1158 on: May 17, 2017, 01:24:33 am »
Can you tell if a system is set up for load balancing from a domain name? Surely the domain name could resolve to a machine/load balancing system/shitty home router

Yes, I would think so, just as you have described.  They were angry he was giving a name and not an IP list, and wasn't willing to grab the infrastructure guy at an odd hour of the night.  They dropped the call suddenly saying they were good, which makes me think someone tried the firewall exemption by name, or just rebooted the box that ingests the data.

Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Pæs

  • James Bond-defying Shit-Volcano Trigger Device of the Next Armageddon.
  • Deserved It
  • ****
  • Posts: 2925
  • I ain't even mad.
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1159 on: May 17, 2017, 07:59:22 am »
Can you tell if a system is set up for load balancing from a domain name? Surely the domain name could resolve to a machine/load balancing system/shitty home router
You can often gather enough information to make a reasonable guess here. DNS load balancing is easily detected.

In the more common case of a load balancing appliance:

Does the number of domains which resolve to the same IP exceed what is likely for virtual hosts on a single box? Not conclusive, good indication. Does it set common load balancing, sticky session cookies like BigIP, AWSELB, etc? It's either load balanced or someone is trolling you. When requests are repeated, do headers switch between a few static values, or if sequential values are included, can they be separated into more than one sequence? Good indication. At a certain point you have to start getting tricky with traffic analysis deeper into the packet, where success depends on how intrusive the appliance is.

EDIT: This isn't just telling 'from a domain', but given a domain you can take further steps to fingerprint things.

From the sounds of it, I doubt these guys did any of that, given that they wanted to balance the load between one server. Or were they mad because they presumed load would exceed one endpoint? What was their objective in unblocking IPs?
« Last Edit: May 17, 2017, 08:46:00 am by Pæs »

The Wizard Joseph

  • Still chasing after the Eternal question, "What IS a Juggalo?"
  • Deserved It
  • ****
  • Posts: 4847
  • Product of Wisconsin
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1160 on: May 17, 2017, 04:17:02 pm »
I'm starting to feel less horrible this last week or so. It would be wrong to say that the depression is lifting, but I'm beginning to feel like one day it will enough to get myself minimally functional again. Right now just glad to have a day notably less bad than I've grown used to these last couple years. For now I just keep taking the pills, going to councilor and doctor appointments, and waiting for the paperwork to get processed. If there wasn't such a bad bedbug infestation in my shitty rooming-house I could even be content.
You can't get out backward.  You have to go forward to go back.. better press on! - Willie Wonka, PBUH

Life can be seen as a game with no reset button, no extra lives, and if the power goes out there is no restarting.  If that's all you see life as you are not long for this world, and never will get it.

"Ayn Rand never swung a hammer in her life and had serious dominance issues" - The Fountainhead

"World domination is such an ugly phrase. I prefer to call it world optimisation."
 - Harry Potter and the Methods of Rationality :lulz:

"You program the controller to do the thing, only it doesn't do the thing.  It does something else entirely, or nothing at all.  It's like voting."
- Billy, Aug 21st, 2019

"It's not even chaos anymore. It's BANAL."
- Doktor Hamish Howl

Mesozoic Mister Nigel

  • v=1/3πr2h
  • Deserved It
  • ****
  • Posts: 77698
  • The sky tastes like red exuberance.
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1161 on: May 17, 2017, 04:26:10 pm »
Working on another PhD proposal.  God I hate these things.  It's like applying for a job and writing a high level paper, all rolled into one.  Oh, you only want 2500 words on my proposal, in addition to my entire life and work history.

Easily the worst thing about academia is all the fucking proposals and reports and grant applications. Seriously, why the fuck does a progress report need multiple revisions?
“I’m guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk,” Charles Wick said. “It was very complicated.”


Mesozoic Mister Nigel

  • v=1/3πr2h
  • Deserved It
  • ****
  • Posts: 77698
  • The sky tastes like red exuberance.
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1162 on: May 17, 2017, 04:27:32 pm »
I learned about the cone snail today and I am never going to the beach again.


Quote
FIFTY NANOGRAMS PER KILOGRAM HAS A 50% CHANCE OF KILLING YOU. A 220-POUND HUMAN HAS A 50% CHANCE OF SURVIVAL AGAINST JUST 5 MICROGRAMS OF CONOTOXIN. 

I DID SOME MATH. 

IT WOULD TAKE 7-9 MILLIGRAMS OF CONOTOXIN TO KILL A BLUE WHALE, THE HEAVIEST ANIMAL TO EVER LIVE.

My people.
“I’m guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk,” Charles Wick said. “It was very complicated.”


Mesozoic Mister Nigel

  • v=1/3πr2h
  • Deserved It
  • ****
  • Posts: 77698
  • The sky tastes like red exuberance.
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1163 on: May 17, 2017, 04:27:55 pm »
I am officially allowed to say my wife is pregnant.

Congratulations!
“I’m guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk,” Charles Wick said. “It was very complicated.”


Trivial

  • Corporate Drone #5235
  • Deserved It
  • ****
  • Posts: 1392
  • No
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1164 on: May 17, 2017, 08:26:41 pm »
Can you tell if a system is set up for load balancing from a domain name? Surely the domain name could resolve to a machine/load balancing system/shitty home router
You can often gather enough information to make a reasonable guess here. DNS load balancing is easily detected.

In the more common case of a load balancing appliance:

Does the number of domains which resolve to the same IP exceed what is likely for virtual hosts on a single box? Not conclusive, good indication. Does it set common load balancing, sticky session cookies like BigIP, AWSELB, etc? It's either load balanced or someone is trolling you. When requests are repeated, do headers switch between a few static values, or if sequential values are included, can they be separated into more than one sequence? Good indication. At a certain point you have to start getting tricky with traffic analysis deeper into the packet, where success depends on how intrusive the appliance is.

EDIT: This isn't just telling 'from a domain', but given a domain you can take further steps to fingerprint things.

From the sounds of it, I doubt these guys did any of that, given that they wanted to balance the load between one server. Or were they mad because they presumed load would exceed one endpoint? What was their objective in unblocking IPs?

They weren't getting weather data from the cloud service which isn't hosted on our systems, and from our side it looked like they weren't allowing it to come in.  We weren't seeing any traffic issues.  They didn't want to unblock by name - no idea why - I wasn't on that call.  It spiraled into a rant about infrastructure which seemed to not make sense, then made sense, and then upon further analysis, made even less sense. 

And again the whole thing was ended abruptly with someone saying "it works now."   


Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Trivial

  • Corporate Drone #5235
  • Deserved It
  • ****
  • Posts: 1392
  • No
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1165 on: May 17, 2017, 10:46:59 pm »
Also, having to say the phrase "weather data from cloud" makes me angry.
Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Trivial

  • Corporate Drone #5235
  • Deserved It
  • ****
  • Posts: 1392
  • No
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1166 on: May 18, 2017, 04:38:11 am »
Needed to get epipens for my daughter for like the first time ever.  I was way too entertained by the fact that they have one that talks now.
Sexy Octopus of the Next Noosphere Horde

There are more nipples in the world than people.

Pæs

  • James Bond-defying Shit-Volcano Trigger Device of the Next Armageddon.
  • Deserved It
  • ****
  • Posts: 2925
  • I ain't even mad.
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1167 on: May 18, 2017, 10:08:37 am »
It spiraled into a rant about infrastructure which seemed to not make sense, then made sense, and then upon further analysis, made even less sense. 

And again the whole thing was ended abruptly with someone saying "it works now."
:lol:

Faust

  • Tyrannical Overlord
  • Deserved It
  • *
  • Posts: 10365
  • The Greasy Strangler
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1168 on: May 18, 2017, 10:40:51 am »
We have the ask three times rule here at work as we believe all IT admins are under religious obligation to lie the first two times:

"Have you opened port 443 for our system?"
"Yes"
[COMMS FAIL TO ESTABLISH]
"Really?"
"Yes"
"Really?"
"OK fine I'll open it now"
Sleepless nights at the chateau

Junkenstein

  • Technically-Oriented & Horribly Mobile Crecy of Crab Lice.
  • Deserved It
  • ****
  • Posts: 8085
    • View Profile
Re: Open Bar: Fake News, Fake Bar
« Reply #1169 on: May 18, 2017, 11:39:19 am »
How often do you get the "I'm sure I did, but why don't you just talk me through how I would have done that" guy? I've got a client like this at the moment and it's maddening. It's OK to not know. It's OK to know fuck all. Just fucking say that rather than this endless dance of pretending you've got a clue. It's increasing the workload by a third.
Nine naked Men just walking down the road will cause a heap of trouble for all concerned.