01:59.46 | *** join/#utah josephscott (~josephsco@2601:602:9b00:1c15:1d7f:55bf:dc96:fcfa) |
02:30.50 | *** join/#utah tiwula (~lane@174-23-5-207.slkc.qwest.net) |
03:05.33 | *** join/#utah copec (~copec@schrodbox.unaen.org) |
03:53.38 | spangborn | ~brave-- |
07:03.38 | klys | ~slashdot |
12:08.19 | *** join/#utah EM16 (~EM16@2601:681:5380:2335:5c80:fac5:26da:3225) |
13:58.13 | *** join/#utah EM16 (~EM16@2601:681:5380:2335:5c80:fac5:26da:3225) |
15:04.53 | *** join/#utah tiwula (~lane@70.89.246.241-Busname-UT.hfc.comcastbusiness.net) |
15:25.38 | *** join/#utah josephscott (~josephsco@2601:602:9b00:1c15:d19b:4e39:2e61:97a) |
16:13.01 | *** join/#utah braxtron (~princessf@216.160.248.178) |
16:25.23 | *** join/#utah RuShan (~RuShan@38.sub-174-208-15.myvzw.com) |
16:44.20 | *** join/#utah aeryndunham (~quassel@170.250.131.39) |
17:13.36 | frostyfrog | Huh, I just noticed... |
17:15.03 | frostyfrog | Openwest's website says: Ticket sales for the conference start March 15, 2018. Please stay tuned for more information on when and where! |
17:15.47 | frostyfrog | I think it's just a little bit past March 15th. No new info, as far as I can tell. |
17:18.39 | *** join/#utah acuteXian (~sudo@ec2-34-212-251-55.us-west-2.compute.amazonaws.com) |
17:19.01 | acuteXian | o/ |
17:19.53 | jfindlay | does anyone here know what a "query plan" in SQL is? |
17:20.33 | BigBen212 | yup, it shows how your query is executed, which tables are touched, what the "cost" is. |
17:20.33 | acuteXian | now what i expected in #utah hahahz |
17:20.42 | acuteXian | not* |
17:20.43 | jfindlay | hm |
17:23.00 | BigBen212 | or just read about it here: https://en.wikipedia.org/wiki/Query_plan |
17:39.20 | jsmith | jfindlay: Which database? |
17:57.10 | jfindlay | jsmith: job screen question |
17:58.13 | jfindlay | frostyfrog: #openwest |
17:58.31 | frostyfrog | Aah... |
17:58.35 | frostyfrog | joins the channel |
18:22.54 | spangborn | lol brave hasn't even hit 1.0 and it's already getting a rewrite? |
18:23.43 | youtah | there's a joke about a little toaster in there somewhere |
18:24.10 | youtah | okay, so if you HAD to use WordPress, what defenses would you use? |
18:24.38 | spangborn | 2FA, fail2ban, disable xml-rpc |
18:24.44 | BigBen212 | "deny from all" :) |
18:24.46 | spangborn | or that |
18:24.47 | spangborn | lol |
18:25.00 | acuteXian | whats the overall purpose of this IRC? general utah discussion? |
18:25.26 | BigBen212 | I don't use wordpress, but if I go through the 404 in my logs, attempts to get into my non-existent Wordpress is all I see |
18:25.50 | BigBen212 | acuteXian: I'm still kinda new here, trying to figure that out too |
18:25.54 | spangborn | Strip any plugins/themes you're not using |
18:25.58 | spangborn | and keep that shiz up to date |
18:26.08 | BigBen212 | there's a lot about ham radio :) |
18:26.33 | youtah | acuteXian, it's been about 30 years, and we think we've figured it out. Most memes, puns and pictures of cats |
18:26.40 | acuteXian | haha dope |
18:26.49 | youtah | a lot of networking |
18:26.50 | BigBen212 | from all I know about wordpress: keep it up to date, and do not use any default passwords. |
18:26.54 | acuteXian | im happy to chill and meme with utah peeps |
18:26.56 | youtah | and a localized help forum |
18:27.02 | acuteXian | yeah and the tech talk doesn't surprise me |
18:27.12 | acuteXian | i was studying CS but im gonna drop out after this semester lol |
18:27.20 | youtah | I did that |
18:27.39 | youtah | got a degree instead in Cheerleaders |
18:27.45 | youtah | I mean... Communication |
18:27.47 | acuteXian | i work in a related field, but im just not set on a career of debugging or whatever lol |
18:27.49 | spangborn | I got a degree in beating youtah to the punch |
18:27.54 | BigBen212 | haha, youtah |
18:28.02 | spangborn | looks at his Mass Comm degree and CS minor |
18:28.04 | acuteXian | im leaaning more towards scrum/product management at this point |
18:28.09 | BigBen212 | I got my degree in Germany, it's cheaper :) |
18:28.11 | acuteXian | and i think being code savvy will still be super useful |
18:28.18 | youtah | looks at his barely Mass Comm degree with a minor in debt |
18:28.34 | spangborn | buys youtah a Toyota Tundra |
18:28.38 | BigBen212 | hah, exactly, youtah |
18:29.08 | BigBen212 | acuteXian: savvy in general is good |
18:29.11 | spangborn | Yeah but then you have to learn German |
18:29.18 | Migs | and that's a bad thing? |
18:29.22 | spangborn | Which is basically just shoving a bunch of words together |
18:29.33 | spangborn | into a single word |
18:29.34 | BigBen212 | hah, or you're German, finish your degree there and then move to Utah |
18:29.36 | Migs | and being angry all the time |
18:29.43 | youtah | I like to bring hotdogs to German cook outs |
18:29.49 | spangborn | Migs: And cheating on emissions tests |
18:30.13 | BigBen212 | spangborn: and if you're an exec with VW, get a massive bonus for cheating and not paying any penalties in Germany |
18:30.14 | youtah | yeah but we don't have to have emission tests anymore! Oh wait, nm, that's safety inspections. I think? |
18:30.20 | spangborn | lol exactly |
18:30.24 | spangborn | It's safety |
18:30.32 | spangborn | But VW got nailed in California and NY |
18:30.39 | spangborn | Who have the strictest emissions regulations in the country |
18:31.02 | youtah | Getting nailed in CA? I think there's a very popular industry that makes films doing that |
18:31.25 | BigBen212 | speaking of safety (and emissions), coming here for the first time, I got quite the shock about that rag somebody used for a gas cap on their car ... but they were from Montana |
18:31.26 | youtah | runs and hides |
18:32.40 | BigBen212 | youtah: Stormy Daniels ? Where was she nailed? |
18:32.55 | spangborn | Oh IHC is doing more shady shit eh |
18:32.58 | youtah | Tahoe |
18:33.04 | youtah | so I guess that's NV technically |
18:33.07 | spangborn | Outsourcing even more jobs to this company http://www.startribune.com/accretive-banned-from-minnesota-for-at-least-2-years-to-pay-2-5m/164313776/ |
18:33.33 | youtah | BigBen212, but REALLY close to CA. I think it was in the Incline Village side |
18:33.33 | spangborn | Who apparently got banned from operating in Minnesota for harassing patients for money in the ER, and lost 23.5K patient records on an unencrypted laptop |
18:33.55 | youtah | https://i.imgur.com/Mftqmli.gifv << how my day's going |
18:33.56 | BigBen212 | IHC is outsourcing all their IT stuff |
18:34.04 | BigBen212 | or almost |
18:34.31 | BigBen212 | hired on one of their developers here at my work just weeks ago |
18:34.40 | BigBen212 | are they doing more outsourcing than just IT ? |
18:34.43 | youtah | My dad and his entire department was let go |
18:34.59 | youtah | he was 3 months away from getting his Pension |
18:35.35 | acuteXian | most people in hehre utah natives? |
18:35.43 | spangborn | BigBen212: Yeah they just announced they're doing even more |
18:35.49 | acuteXian | whats the lds/non-lds ratio like |
18:36.05 | youtah | in the channel or in utah? |
18:36.13 | acuteXian | channel haha |
18:36.18 | spangborn | I'm not Mormon, I'm just a Moron |
18:36.38 | BigBen212 | acuteXian: not a native. Been here since 2005. |
18:36.39 | youtah | I dunno, if I were to guess 30/70? |
18:36.52 | youtah | maybe closer to 40/60? |
18:37.09 | youtah | It's a SWAG |
18:37.12 | acuteXian | sounds good |
18:37.26 | acuteXian | do we ever have heated discussions about church related topics? |
18:37.40 | BigBen212 | haven't seen one, but I've been here only a couple of weeks. |
18:37.48 | BigBen212 | (here, in this channel, I mean) |
18:38.13 | youtah | no, not really |
18:38.14 | BigBen212 | heated discussions about church related topics are only in the bars |
18:38.16 | BigBen212 | :) |
18:38.18 | spangborn | It's a topic that's generally avoided |
18:38.23 | spangborn | For the health of the channel |
18:38.34 | spangborn | Unless orrin hatch is involved, then it's game on |
18:38.39 | youtah | There is the ##lds channel but I think it's quite inactive |
18:38.41 | BigBen212 | hah |
18:38.41 | jfindlay | ~napoleon acuteXian |
18:38.41 | infobot | ACTION makes acuteXian his secret service captain |
18:39.00 | spangborn | youtah when he's told he has to go to work https://www.youtube.com/watch?v=i82528KGDdo |
18:39.26 | youtah | we're more concerned about how to salt our passwords and which random number generators we should be using |
18:39.35 | spangborn | I just use 4 |
18:39.39 | spangborn | It was randomly determined |
18:39.59 | youtah | spangborn, why were you recording me in my bathroom? |
18:41.17 | spangborn | pal you uploaded it to periscope |
18:41.35 | youtah | from your account |
18:42.23 | youtah | okay, so back to securing WP Sites |
18:42.31 | youtah | I have Fail2Ban installed |
18:43.09 | youtah | What WP Plugins have been "vetted" and recommended by the community |
18:43.11 | youtah | ? |
18:43.28 | jfindlay | youtah: are there f2b plugins designed specifically for WP? |
18:43.38 | youtah | yes |
18:43.48 | youtah | it appears rather new |
18:43.49 | youtah | https://wordpress.org/plugins/wp-fail2ban/ |
18:43.51 | spangborn | What webserver you using |
18:43.59 | youtah | hostmonster shared |
18:44.07 | spangborn | oh |
18:44.17 | spangborn | In that case, ignore everything I said because you'll get hacked anyway |
18:44.21 | jfindlay | lol |
18:44.23 | youtah | LOL |
18:44.59 | jfindlay | youtah: why shared hosting? |
18:45.08 | youtah | $ |
18:45.55 | youtah | https://wordpress.org/plugins/wordfence/ << interesting |
18:46.02 | spangborn | Wordfence is probably a good idea |
18:46.03 | jfindlay | I think it's funny with the serverless zeitgeist that we've gone from VMs all the way back to shared hosts |
18:46.06 | youtah | Found this one too |
18:46.07 | youtah | https://wordpress.org/plugins/limit-login-attempts/ |
18:46.12 | spangborn | Yes that one works too |
18:46.19 | spangborn | I use limit login attempts |
18:46.24 | spangborn | fail2ban isn't gonna work without access to iptables |
18:46.38 | jfindlay | ban2fail |
18:46.43 | youtah | I think I am going to dig into it and see how it works |
18:47.03 | spangborn | It's the same concept as fail2ban, but happens at the PHP level instead |
18:47.19 | spangborn | I also manually add IPs that are commonly in that list to an nginx-level deny |
18:49.47 | youtah | Last two... https://wordpress.org/plugins/loginizer/ and https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/ |
18:50.08 | youtah | is helping someone who has a site that is a non-profit |
18:50.47 | spangborn | google-authenticator is one I've used for 2FA |
18:50.55 | spangborn | It works for @bwjones well enough |
18:55.27 | youtah | https://thoughtcatalog.com/juliet-lanka/2018/03/70-roasting-jokes-to-burn-your-frenemies-when-the-middle-finger-wont-cut-it/ |
18:55.29 | youtah | OH MAN |
18:55.33 | youtah | some of these are BRUTAL |
18:55.46 | youtah | 67. Youâre not pretty enough to have such an ugly personality. |
18:56.09 | youtah | 5. Too bad you canât count jumping to conclusions and running your mouth as exercise. |
18:56.58 | spangborn | I'm on the husky youtube rabbit hole https://www.youtube.com/watch?v=wVMX9krRiHk |
18:57.32 | youtah | Did you see the Moon Moon one from Imgur yesterday? |
18:57.42 | BigBen212 | spangborn: do you have a husky or just like looking at them on Youtube ? |
18:57.52 | spangborn | I don't have a husky, I just like them |
18:57.58 | youtah | https://imgur.com/gallery/p6VtX |
18:58.02 | spangborn | I have an Aussie/Catahoula mix and a GSD/Border Collie mix |
18:58.05 | BigBen212 | yup, they're cool |
18:58.25 | spangborn | I've got a friend with two huskies and they're insnae |
18:58.27 | spangborn | *insane even |
18:58.53 | spangborn | Speaking of WP attacks |
18:58.59 | spangborn | I just clicked on a website that is hacked lol |
18:59.06 | youtah | bwjones just contact you? |
18:59.07 | youtah | oh |
18:59.12 | youtah | probably one of my websites |
18:59.12 | spangborn | It started shouting about porn |
18:59.26 | spangborn | and telling me my Microsoft Windows was broken |
18:59.29 | spangborn | even though I'm on a Mac |
18:59.36 | youtah | uhg |
18:59.46 | spangborn | Like actually shouting |
18:59.56 | youtah | This is partly why I leave Ad Block plus enabled |
18:59.57 | spangborn | Playing audio and scary looking popups |
19:00.01 | youtah | despite SLTribune |
19:00.02 | spangborn | Oh this was even with that enabled |
19:00.07 | BigBen212 | gotta run to a meeting now. See you all later. |
19:00.13 | spangborn | I think it's something in their theme/website |
19:01.43 | youtah | I think that's where most of the sites get hacked |
19:01.46 | youtah | is from loose themes |
19:01.52 | youtah | and plugins |
19:02.00 | spangborn | yep |
19:02.06 | spangborn | or non-updated themes/plugins |
19:02.06 | youtah | installs security plugins to protect plugins from being hacked |
19:02.22 | spangborn | The version of the theme they're running has a few XSS vulns |
19:02.23 | spangborn | lol |
19:02.44 | spangborn | oh and RCE |
19:02.47 | spangborn | lovely |
19:02.50 | youtah | at least they made it easy to reinstall core on WP now |
19:03.04 | spangborn | I remember having to fix Bryan's site when it got hacked |
19:03.08 | spangborn | what a nightmare |
19:03.59 | spangborn | Weird, I can't get the malicious JS to run again |
19:04.06 | spangborn | :( |
19:04.25 | youtah | that is what I was seeing |
19:04.29 | youtah | when his WP site got hacked |
19:04.32 | youtah | (who I am helping now) |
19:04.42 | youtah | except it was floormats they were selling, all in Japanese |
19:04.47 | spangborn | lol |
19:05.02 | spangborn | The Pharma hack was interesting |
19:05.02 | youtah | it had some randomizer |
19:05.09 | spangborn | Basically only showed the spam links to Googlebot |
19:05.13 | youtah | "There's no way a Pill can do THAT" |
19:05.57 | spangborn | The people who write these backdoors are pretty smart though |
19:06.20 | youtah | Dude |
19:06.33 | youtah | Like, way way way smart |
19:06.38 | youtah | super clever |
19:07.40 | spangborn | The one I cleaned had like 2-3 fallback backdoors |
19:07.47 | spangborn | I'd nuke one, and within a few minutes, it'd be back |
19:08.02 | spangborn | I ended up having to pull his box offline, clean everything, and then put it back up |
19:43.14 | jfindlay | they are smart or they found some good tools and techniques |
19:47.45 | youtah | why not both? |
20:35.40 | BigBen212 | speaking of WP: "[Wed Mar 28 22:35:05 2018] [error] [client 176.218.109.198] script '/home/bigben212/public_html/wp-login.php' not found or unable to stat |
20:43.14 | youtah | lol |
20:43.30 | BigBen212 | I get hundreds of those |
20:43.41 | BigBen212 | fully automated |
20:43.55 | BigBen212 | because the same IP within one second tries half a dozen |
20:45.59 | youtah | That is what we're seeing |
20:46.01 | youtah | and it's getting worse |
20:47.21 | BigBen212 | yup, good thing for me that they're running into problems with that attempt immediately because I don't even have WP, and all their standard URLs fail |
20:47.48 | BigBen212 | but it's one of those cases where the initial attack is so easy because it's so easy to script. |
20:48.30 | spangborn | You can also do clever things like rename the login file |
20:48.54 | youtah | I think one of the most important things we can do |
20:48.57 | BigBen212 | yup, that's one of the easier solutions and quick to do |
20:48.59 | youtah | is to uninstall WordPress |
20:49.02 | youtah | I mean, um.... |
20:49.09 | spangborn | rm -rf /var/www |
20:49.10 | youtah | jk, uninstall unused themes |
20:49.23 | BigBen212 | plus, if you always get to your WP admin page from the same URL, disallow all and allow only the one |
20:50.32 | BigBen212 | even if you allow a subnet, e.g. the pool for comcast here in the valley or whatever, you're going to cut back on a lot of attempts |
20:54.10 | BigBen212 | *"from the same IP", not URL |
21:14.38 | youtah | Okay |
21:14.44 | youtah | this WordFence plugin is SLICK |
21:14.53 | youtah | I am tempted to purchase the full version to support the devs |
21:15.46 | youtah | whoa |
21:15.50 | youtah | that's a steep price |
21:15.57 | youtah | I thought it would be something like $25 a year |
21:16.02 | youtah | but it's $100/yr starting |
21:39.26 | spangborn | yeah it's spendy |
21:59.46 | youtah | Oh man |
21:59.54 | youtah | one of the guys in support brought in his racing drone |
21:59.59 | youtah | he was just flying it |
22:00.03 | youtah | hitting ~80mph |
22:00.11 | youtah | that thing was SO FREAKING FAST |
22:41.14 | BigBen212 | drone envy ? |
22:41.22 | BigBen212 | it's a thing |