cochon
cochon
Comments
-
It's usually environmental factors that kill HDDs, extreme temperatures, constant temperature fluctuation or vibration being the most obvious. In my limited experience, drives that are powered on, well cooled, and in constant use, fail more gracefully and last longer than occasionally used drives in a poorly cooled…
-
Just grabbed one of the 'S' nodes to kick the tyres on and it's showing 0GB of 1TB now, not even 2. Probably not a problem here, but thought I'd mention it...
-
I guess a good reason to avoid an upgrade. As a bit of an aside, does anyone know what extra features non legacy systems have over migrated ones (apart from smaller partitions :) ), and does booting from ISO in any way trigger the upgrade/shrink, though I'd suspect not as you might just be doing a recovery intervention.
-
I don't see any specific addresses configured now in the new control under either of my subnets. I can assign a random address (under either /64) interactively on the interface and it just works, seems to be a fully routed /64. (Edit:) including previously configured ones. Mine is still a legacy install, I haven't…
-
I had a bit of a fumble getting IPv6 working after the London migration. It didn't work straight off the bat, and going into the new CP saw IPv6 was disabled, so clicked enable hoping to get it working. That resulted in a different /64 than previously, changed the config accordingly but still no IPv6, finally tried the old…
-
Well I can see the general idea behind this, but as you suggest it's yet another example of the trade-off between freedom and security, a debate that goes way beyond web technology. WebAuthn hardens the traditional concept of 2FA, something you know (password) and something physical you have (phone?), and yes maybe forces…
-
Posting data relies only on curl, why does the script also install wget? Maybe test for and use whichever is currently installed as the posting tool.
-
Glad it's not just me. Nearly every drive I've had fail catastrophically has been one that was retired in full working order for an upgrade, then brought back into service for some other project after many months without power. Has made me very wary of using HDDs for any kind of [literally] cold storage.
-
More like 5 4 years. But for those with an account it's been working well as very cheap cold storage, yes it's still slow, but fine for ad-hoc access. I've been using both rclone and hubicfuse to access it as a file system on Linux. Not had any e-mail myself, and given they're subject to EU consumer laws, this all seems a…
-
For you guys that use Fail2Ban. I'm intrigued to know if you still see a lot of blocked brute force activity, and by 'a lot' I mean enough to warrant bothering with Fail2Ban. I used to use it years ago when 'bashing down the door' style probes would actually slow the system noticeably and fill up auth logs, but these days…
-
Yeah I have quite a few, not 226 but a lot, add whatever's going when I remember. Wish they had a local rating system so I could upvote those I actually want to play, or have even paid for, and filter out the filler. I've even purchased some discounted Steam games by mistake in the past, forgetting I had it free on Epic.…
-
Thanks, ironically now available on Epic for free for the next 1 day =) Mind you I prefer Steam still...
-
Very kind of you, would take Vampyr if still available. Merry Christmas to you and everyone on LES !! edit by @Mason: key sent
-
Makes you wonder about the services the connections are really intended for :o though most of the endpoint ports look a bit random. Edit: My guess would be they're de-configured IP's on the host node that you're now getting by default/fallback. Ticket required.
-
It only takes a minor slip of the keyboard, in someone else's DNS config, to send people to your IP in error. This seems by far the best first step, especially if you have no active services to confuse the data. On linux tcpdump is a trivial install, use 'tcpdump not host 123.123.123.123 and not arp' to filter out your own…
-
Then Squid will use IPv6 to contact that website, not IPv4, problem solved. Removing IPv4 still seems a sledgehammer to crack a nut, but as @Advin suggests remove the IPv4 bit from the network config. If you're fearful the site might take steps to find your IPv4 don't forget there are many other ways for them to do that,…
-
I think you might underestimate how much of the web does NOT support IPv6 for web traffic. Preferring IPv6 is the default option for Squid see: http://www.squid-cache.org/Doc/config/dns_v4_first/ so usually it's the opposite question. If Squid uses IPv4 it's because it needs to, if you remove/disable IPv4 fallback, much…
-
Actually, any nationality resident in EU, OR, EU citizen resident anywhere in the world, so Irish in US is covered. At the end of the day they don't check. EURid may be a non-profit but they need to make money ;)
-
Ah, I stand corrected, I also have one of the Crucial P2's which seemed to be the model most criticised, and yet it works fine for me, even doing large transfers, hence my scepticism about reported issues. BUT a bit of research turns up that the early models actually used TLC memory, they later switched to QLC, and others…
-
Sure, Grand Theft Auto 5 is about that size, and it's from 2013. Not really my thing, but Epic Games gave it away free earlier in the year, hence how I know. I'd assume modern games are bigger still.
-
Don't forget the DRAM vs DRAM-less debate is way less important on NVMe. Nearly all modern DRAM-less NVMe implement HMB, they can call back over the PCI bus and use the hosts memory for the jobs that local DRAM would assist. Something not possible for SATA SSDs which do suffer badly. And as for the slowness of QLC devices…
-
Sounds more like a problem with the OVPN client, does it pop up the dialog box to ask for username/pass? Mine does on Windows but is an older client version than yours. Easiest solution might be to drop your credentials into a file in the config folder (2 lines for user then pass) and change all the config file lines…
-
Any specific node? Don't use it extensively myself, but grabbed one as a useful gadget to keep in the toolbox. A few randomly picked end nodes seems to connect OK from vanilla Windows OVPN client.
-
With that in mind is there any update on reinstating the upstream IPv6 connectivity with Hurricane Electric / Google at the new datacentre?
-
Yeah they were pretty robust boxes. Hope yours doesn't connect to the Internet these days though, they had quite a few exploits to keep on top of and patch IIRC.
-
A 'modified' fork of RedHat on a Cobalt RaQ 4 early 2000's. A steep learning curve coming from a Windows NT background as nearly everything off the beaten track then needed to be compiled from source without upsetting the core system and admin panel, and it was a live platform, albeit an experimental one for the company.…
-
Don't knock it too hard, they need revenue to cover the cost of the recovery, that and the hole in the finances from offering a year's free service for those affected.
-
Hi, not asking for a roadmap, but do you have a wishful time-plan for the remaining OVZ6 nodes. Was minded to switch a couple of Ubuntu 16 instances to something supported, simply because 16.04 went EOL last month, but will hang fire if things are going to change sometime over the summer/autumn, as I'm not running anything…
-
Maybe, but in this case, until the expired signing cert trick was discovered, we were looking at disenfranchising handsets from just 2015/2016, and in less wealthy countries, mopping up older stock, probably those purchased later than that.
-
A timely post, which seems to have morphed from a thumbs up for FZ to one for WinSCP. I tried both years ago and plumbed for FZ for features [at the time] and cross platform availability. A recent upgrade to FZ precipitated a weird login delay on just one server, by bad luck the one I upload to most frequently. Just tried…
-
I even skipped the last, supposedly final, 50% offer as my service went completely down the pan, thinking I would abandon ship. Turned out to be a rogue server, switched to a new node and things have been superb since, for the cost, leaving me regretting missing the opportunity. Glad to see it return (one more time?)
-
Do you mean 'not encrypted' as in no additional encryption, or 'not encrypted' as in not even a password on the key? A strong password is still reasonably secure for most threat models, other than keyloggers, but no password at all would be a gift to the prosecution if you were worried about the legal consequences of a…
-
Matter? it reduces the risk, helps for a good nights sleep. It's so simple to configure it should be a reflex action. ChallengeResponseAuthentication noPasswordAuthentication noPermitRootLogin noAllowGroups mygroup Restart ssh and test BEFORE logging off. SSH keys plural? for most scenarios one key should be enough, use…
-
I use a variant on this, enabling catchall on the domain, but throwing away anything without a period in the username. So [email protected] delivers but jill@ john@ info@ accounts@ sales@ don't. I can then give a unique e-mail to every signup without any effort, and blacklist the rare abusers. For time based…
-
I run a couple of HostHatch VPS's and renamed the offending account on first install (I needed another username on UID 1000). I move SSH to another port (PasswordAuthentication no) but happen to run SFTP on port 22 (ProFTPD with virtual users not SSH/sftpd) so appear externally to have SSH with password authentication…
-
Anyone know if there's a telltale or pattern to the commonly experienced crypto breach, or even the general nature. I have a couple of Hosthatch VPS's but the very first thing I did after gaining access was rename the debianuser account and harden ssh (PasswordAuthentication no).
-
... at a special BF rate I hope :)