IRC log for #crimsonfu, 2014-10-21

crimsonfu - sysadmins who code

All times shown according to UTC.

Time Nick Message
05:31 lguillaume joined #crimsonfu
05:34 lguillaume left #crimsonfu
06:48 Hien joined #crimsonfu
11:37 marcoceppi joined #crimsonfu
11:37 larsks joined #crimsonfu
11:37 larsks joined #crimsonfu
11:37 marcoceppi joined #crimsonfu
13:08 lguillaume joined #crimsonfu
13:20 lguillaume1 joined #crimsonfu
13:20 hydrajump anyone have experience with IDS/IPS on AWS? And/or WAF such as incapsula http://incapsula.com? /cc codex
13:25 lguillaume pdurbin: I stopped using kde years ago. I'm sure it's even more bloated now! Now (when I need X) I just use twm or xfce if I want a desktop.
13:27 lguillaume1 left #crimsonfu
13:27 pdurbin lguillaume: wow! you even had your wife on KDE for a while! (the poor thing)
13:28 lguillaume Yeah - she has a Mac now :)
13:29 pdurbin good for her. but you're still on netbsd?
13:30 lguillaume Servers are all netbsd. Rock solid. Easy to upgrade and pkgsrc works the same on my macs as it does on netbsd
13:30 pdurbin ah. for mac I use homebrew
13:30 lguillaume I've always had a mac for work.
13:31 lguillaume Never needed to jump on that bandwagon
13:32 pdurbin there's a guy from oftc/#ikiwiki who's really into pkgsrc
13:35 pdurbin this guy: https://github.com/schmonz/pkgsrc-ikiwiki
13:37 lguillaume I don't know why it's not more popular
13:39 pdurbin searchbot: lucky xkcd standards
13:39 searchbot pdurbin: http://xkcd.com/927/
13:42 pdurbin that could be why
13:42 lguillaume Indeed
13:46 pdurbin hydrajump: nope, but semiosis uses a lot of AWS. Oh, and (unrelated) check this out: https://t37.net/is-docker-ready-for-production-feedbacks-of-a-2-weeks-hands-on.html
13:55 codex hydrajump: we are just getting into that at work -- not yet though
13:55 codex going to start poking at incapsula soon
13:58 lguillaume left #crimsonfu
15:13 hydrajump codex: same here. I'm investigating what we can do from using 3rd party SaaS such as incapsula to what we can do within our AWS VPC which is running (will be) CoreOS and Docker.
15:15 pdurbin wow. coreos. fancy
15:16 hydrajump Due to the way CoreOS is built, e.g. read-only, no package managers. Installing HIDS won't work. I think that our security efforts will be securing our node apps in terms of secure coding practices, making sure all communication is using SSL internally as well as externally.
15:17 lguillaume joined #crimsonfu
15:18 hydrajump Using something such as Incapsula will hopefully go quite a long way. I don't know what can be done in terms of the Docker containers. Each container should ideally run one process. We discussed iptables a few weeks ago. I haven't looked into how that works in Docker containers.
15:18 hydrajump I don't know whether running a Suricata container behind our ELBs is something to consider. Never used it myself.
15:20 hydrajump codex: if you can...can you share what types of things you are looking at besides incapsula? What are your thoughts on what I've described?
15:21 hydrajump pdurbin: hehe it's what I see most companies going towards at least startups and companies who understand the benefits.
15:22 pdurbin hydrajump: this is even fancier: Mirage OS - http://www.openmirage.org
15:22 codex hydrajump: i am not involved in this, but I think i will be soon -- i'll let you know what we research
15:22 codex we were looking at "cloud ids" and also a waf -- and incapsula looks to be putting the two together
15:23 codex hydrajump: that said, a whole bunch of my co-workers use vyatta (now brocade) for the IDS/cloud firewall
15:33 chasmo77 joined #crimsonfu
15:44 semiosis hydrajump: nidps or hidps?  i have used ModSecurity in AWS, but that's no different from using it anywhere else
16:12 semiosis pdurbin: http://www.infoworld.com/article/2835160/java/robovm-enables-java-to-ios.html
16:13 pdurbin meh. ios
16:14 * pdurbin remembers Cisco IOS
16:18 hydrajump codex: ay yeah Vyatta I'm familiar with. Incapsula looks like it is doing a lot of layer 7 web application specific filtering which is probably what a web focused company needs in terms of protection
16:19 codex hydrajump, semiosis: https://awsmedia.s3.amazonaws.com/SEC402.pdf
16:20 codex not sure if helpful - haven't had time to read yet, but only "stuff" on IDS in Aws
16:20 hydrajump codex: yeah I watched that presentation and downloaded the secaudit.json Role Policy and the SecConfig.py script
16:20 hydrajump Very good presentation covering the AWS parts.
16:21 hydrajump codex: (http://www.youtube.com/watch?v=aGfKCmnmh5g)
16:21 hydrajump Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013 ^^
16:22 hydrajump codex: what do you use today to centralise logs? ELK?
16:22 semiosis great stuff!
16:22 semiosis thx for these links
16:22 codex thanks
16:22 codex hydrajump: splunk
16:22 hydrajump codex: ok
16:23 hydrajump semiosis: yeah really good presentation!
17:04 rruma1 left #crimsonfu
19:57 semiosis pdurbin: icymi, ubuntu utopic unicorn final release is this thursday!
19:57 semiosis https://wiki.ubuntu.com/UtopicUnicorn/ReleaseSchedule
20:05 lguillaume Just curious - why Ubuntu and not just Debian?
20:29 pdurbin yeah, I should try Debian, I guess. I dunno. strength in numbers or something
20:30 pdurbin semiosis: yeah, saw that. has java 8, which is nice
20:38 semiosis lguillaume: or slackware for that matter?!
21:03 semiosis lguillaume: but seriously, ubuntu is pretty far ahead of debian.  if you're using modern x86 hardware, it's great.  if you're on a raspberry pi or some other strange thing, then there's probably a debian build for it
22:20 pdurbin netbsd runs on everything
22:28 lguillaume :) even on my SE 30
22:29 pdurbin oh man, the tinky wars
22:29 lguillaume I still got mine. Does that mean I win ?
22:29 pdurbin it does :)
22:30 lguillaume hehe. I mean a rpi is quite "tinky"
22:31 pdurbin haven't played with one yet
22:31 lguillaume nor I
22:31 lguillaume I have my firewalls running on Soekris boxes
22:31 lguillaume not quite as small or powerful, but very good hardware
22:32 pdurbin oh yeah. I don't have any servers at home anymore. the server on a lamp timer is long gone
22:33 lguillaume I know - I'm a glutton for punishment and high electric bills
22:36 pdurbin I bet that Soekris box is pretty low power
22:36 lguillaume That's not the culprit :)
22:37 lguillaume I think it's the media server and the Xen host with all the websites and the mail server
22:41 pdurbin lguillaume: speaking of Xen, I'm curious if you've heard of http://www.openmirage.org
22:43 lguillaume huh - interesting.
22:44 pdurbin yeah, Xen... not Linux... perfect for you :)
22:44 pdurbin dunno how you feel about OCaml though ;)
22:45 lguillaume Or what I'd do with just a kernel!
22:46 pdurbin their website is hosted on it... so you can run a web app
22:47 pdurbin it's all open source: https://github.com/mirage
22:48 lguillaume great idea and use of Xen
22:48 pdurbin this one is their website: https://github.com/mirage/mirage-www
22:49 lguillaume Do you guys use EC2 for a lot of stuff?
22:49 pdurbin 65% javascript, 20% ocaml
22:49 pdurbin I don't. semiosis does
22:49 lguillaume I wonder how hard it is to port a DOMU running on a NetBSD DOM0 to EC2
22:50 pdurbin why port the domu? let amazon be the domu :)
22:52 lguillaume well - say I have a running system. I want to just drop it in as an image of some sort on their DOM0 (or whatever they call that)
22:58 pdurbin maybe there's a tool to convert your Xen images into AMIs (the images that run on Amazon)
23:12 semiosis lguillaume: afaik there are not different linux kernels for different xen dom0, the same should work on all
23:13 semiosis lguillaume: there is one catch, which is the bootloader.  i remember when ubuntu switched to pv-grub, which allowed for simple kernel upgrades without having to build a new image
23:15 semiosis if you have a pv-grub kernel in the AMI then you should be able to boot the kernel from the root device
23:15 semiosis whatever it is
23:16 * semiosis afk
