-
pink_zebra[m]
What do you think about the tether fraud? Will it drop the price of all cryptos?
-
mmxxx[m]
Tether got exposed again?
-
allthatis[m]
This looks promising
-
allthatis[m]
-
mmxxx[m]
nothing on telegram is 'promising'
-
mmxxx[m]
seems to attract the worst kind of people
-
mmxxx[m]
also not sure how this is good, long term - **_"aboveground.market aims to do this by maintaining a centralized infrastructure. No need to setup a store node"_**
-
Inge-
I'm guessing tether fud blows over. again.
-
kromgrul
nnedmoney90: Let me quote your hero. 'How do I ban FUK? AAAHHHH I don't remember. youtube.com/watch?v=mdLfkhxIH5Q Keep tryin' champion.
-
Guest71949
hello
-
sadfasdfsadfasd
how do i check how many incoming rpc connections i got on win10?
-
Lyza
<sadfasdfsadfasd> enter 0.0.0.0:18089/get_info in a browser, replace the ip address and port with whatever is appropriate for your setup
-
sadfasdfsadfasd
and look for what
-
Lyza
"rpc_connections_count"
-
Lyza
I think maybe that info is only avail on the unrestricted RPC interface though
-
sadfasdfsadfasd
it says 0
-
Lyza
^^
-
sadfasdfsadfasd
?
-
Lyza
it will say 0 unless you connect to the unrestricted RPC
-
sadfasdfsadfasd
how do i do that
-
Lyza
there might be a better way to get the RPC info, setting up unristricted RPC is a whole thing if it's not already configured
-
sadfasdfsadfasd
ahh i had different ip for unrestricted
-
sadfasdfsadfasd
thx for help, i have 1 connected atm
-
Lyza
the one connected is the browser that's grabbing the get_info
-
Lyza
so really it's 0. if you open a wallet you should see 2
-
sadfasdfsadfasd
i opened wallet gui it's still at 1, cba to create a new wallet
-
sadfasdfsadfasd
why im not getting any more incoming rpc connections?
-
silverdragon[m]
Your firewall might have the ports blocked
-
sadfasdfsadfasd
why would it, i'm getting p2p connections just fine
-
Lyza
you would ahve to have an actual wallet open to connect. as for not having more, I actually don't either, even though I have ports open and the --public-node flag set *shrug
-
sadfasdfsadfasd
same
-
sadfasdfsadfasd
also wtf was that on christmas eve, monerod started using 100% of my cpu, probably because of RPC open ports
-
Lyza
I think the GUI simple mode connects to other nodes through the p2p port of other nodes instead of using RPC directly, might have something to do with it. when I do sync_info I have a number of peers at block 1 which I believe are simple node users / users running monerod with --no-sync
-
Lyza
christmas eve attack on the network, brought down lots of nodes. zero day kinda deal
-
sadfasdfsadfasd
i know about the attack, but running RPC is unsafe af, probably better now after updates
-
Lyza
yeah it indeed related to RPC
-
sadfasdfsadfasd
silverdragon[m] maybe my windows firewall is blocking the 18081 port?
-
Lyza
try connecting to it from your external IP
-
Lyza
actually wait
-
Lyza
you do not want toopen 18081 (unristricted RPC) to the outside
-
Lyza
only restricted / 18089
-
sadfasdfsadfasd
i have my restriced as 18081
-
Lyza
ok
-
Lyza
just checking :D
-
sadfasdfsadfasd
wdym connect from my external ip
-
anicow
moo.!
-
anicow
youtu.be/kgeS4KzVS5c this, is good stuff. well done fluffypony
-
anicow
always wear a mask!
-
anicow
you guys, listen to that guy he knows what hes talking about
-
» anicow idles
-
IPFreely
Don't wear a mask. It's your sign of submission and satanistic ritual,
-
azy
sounds reasonable
-
IPFreely
Truth is always reasonable.
-
azy
is that true
-
IPFreely
Nowadays truth is fluid, just like gender for example...
-
anicow
lol
-
anicow
wear a mask or stay AWAY FROM ME AND MEY FAMILY
-
IPFreely
Nonetheless knowledge is factual. You can read history books and hopefully learn something about the world.
-
IPFreely
anicow: Because my breathing oxygen somehow endangers your safety.
-
anicow
no, the virus does, spreading it. what are you 12???
-
IPFreely
Cool story.
-
IPFreely
Do you believe anything your TV tells you?
-
anicow
i dont watch cable.
-
anicow
so...no?
-
moneromooo
Stop spamming please.
-
anicow
or... yea?
-
endor00[m]
I always find it funny when people say "read a history book", but they never specify __which part__
-
IPFreely
The part about vaccines being ineffective. ;)
-
anicow
moneromooo: whenever i come here you seem to saw somthing about spam, am i the spammm??!
-
binaryFate
you tell us :)
-
anicow
:( no... i am not the spam
-
anicow
i literally posted a video with fluffypony hes like a monero person
-
anicow
how is that spam?
-
binaryFate
didn't say it was
-
anicow
ah , ok ok . i am not the spam
-
» anicow exhales
-
» anicow becomes one with everyting
-
anicow
i am not the spam
-
» IPFreely exhales and medidates on not being a walking disease to humanity.
-
IPFreely
I am not the disease.
-
anicow
the rest of these flashy social media sites are ok...
-
anicow
irc gets stuff done though
-
anicow
discord is nice
-
anicow
i hope im not too dumb to learn rust
-
anicow
it sounds old... maybe im old enough
-
» anicow runs the kids off the lawn.
-
h2017
.trex
-
h2017
sorry wrong chan
-
anicow
hey h20, get off my lawn
-
anicow
:D
-
anicow
life is about sounding sensual 100% of the time
-
anicow
well 95%
-
Mochi102
Monero is love
-
anicow
<3
-
anicow
monero is life
-
monerouser1144
Hi all, I noticed that SS completely changed his guide for running a public node to use Docker
sethsimmons.me/guides/run-a-monero-node I find Docker sub-optimal for this purpose (particularly for running high-performance nodes on dedi servers). I was thinking that a template setup using systemd, iptables+ipset, tor, and some monitoring
-
monerouser1144
like zabbix would be best. Thoughts?
-
monerouser1144
Maybe there was a discussion about it that I missed ...
-
selsta
-
sethsimmons
The performance difference between Docker and systemd would be negligible if even existent.
-
sethsimmons
Honestly if you want to setup a script to do all of the things you mentioned it would be far easier and more advisable to just use Docker Compose, setting up each of those components and linking them together manually will be a nightmare.
-
selsta
sethsimmons: did you test docker vs without sync time?
-
sethsimmons
Systemd is still a good method and advisable for those more worried about trusting Docked Hub etc, but IMO its fine for almost everydayones thread models.
-
sethsimmons
* Systemd is still a good method and advisable for those more worried about trusting Docked Hub etc, but IMO its fine for almost everyones threat models.
-
sethsimmons
<selsta "sethsimmons: did you test docker"> Not directly but I did multiple syncs from scratch recently over docker and it was about what I'd expect
-
sethsimmons
There was certainly no noticeable difference between systemd and Docker runs on the same host.
-
sethsimmons
I think people incorrectly conflate Docker with running in a VM, which isn't a good comparison for performance.
-
sethsimmons
Docker essentially runs on the underlying OS using the same kernel but different namespaces to isolate.
-
anicow
hm
-
sethsimmons
<monerouser1144 "like zabbix would be best. Thoug"> I personally use Zabbix to monitor my own but the setup is far too much for normal people.
-
monerouser1144
Seth, I haven't tested it, but I know that Docker creates several more "layers" (e.g. using OverlayFS), not sure about networking (I seem to remember a significant penalty if using NAT)
-
monerouser1144
So if I rent a Hetzner dedi to be used as a public node to maximize contribution to the network, I am inclined to think that a conventional setup would be best. But I'm open to other opinions (or even better actual results).
-
sethsimmons
If you're running on the same underlying kernel (Linux container on Linux) Docker will use the native FS via a driver if at all possible.
-
sethsimmons
I'll do an IBD comparison to test today, though.
-
sethsimmons
<monerouser1144 "So if I rent a Hetzner dedi to b"> My goal here is not the highest performance possible, its an approachable and low-maintenance way for people to run a contributing node.
-
monerouser1144
I should note that my knowledge of Docker is 3-4 years old, which in this space is an eternity ...
-
sethsimmons
Even if I was losing 10% total performance that is well worth it if we get 10% more nodes.
-
monerouser1144
Seth, I want a Hetzner dedi that will have 1000+ peers and saturate the 1Gbps offered.
hetzner.com/dedicated-rootserver/matrix-ax
-
monerouser1144
I mean at a cost of 40-50eur/mo per dedi, the community could spin up 100s. And maybe put HAproxy on VPS in front of the RPC port to get even more (no disk requirement).
-
sethsimmons
HAProxy doesn't help for individual nodes, and no average user will be able to configure an actual load-balanced cluster.
-
sethsimmons
<monerouser1144 "Seth, I want a Hetzner dedi that"> I've had high performance nodes up for a long time, no way to force your way to a massive peer count and bandwidth usage.
-
monerouser1144
haproxy in front of the rpc port. Back in Sep-2020 before setting up my own mode, I tried to use wallet-cli with the public nodes and had a lot of issues (and I'm pretty technical).
-
sethsimmons
<monerouser1144 "haproxy in front of the rpc port"> How does that help if you only run one node?
-
sethsimmons
Most user's are not running HA clusters of nodes with public RPC, most users are running at home or on a VPS with little technical know-how.
-
sethsimmons
That's why stable/simple/low-maintenance nodes are far more important IMO
-
sethsimmons
*far more nodes are far more important than a few HA clusters in DCs.
-
sethsimmons
I'm kicking off a Docker vs Systemd test right now on identical hardware, will report back in a few hours.
-
monerouser1144
Well, haproxy might help to resist against a possible resource-exhaustion / DDoS attack in the future.
-
monerouser1144
My opinion is that running monerod from home is not a good idea, due to security as well as performance and 24/7
-
monerouser1144
So it's either many small VPSes (which have "accepable use" limits) or fewer larger dedis with much higher numbers. And then maybe use haproxy in front of the dedis proactively.
-
sethsimmons
<monerouser1144 "My opinion is that running moner"> I don't see any reason we should dissuade people from running public nodes from home. It's a tiny attack surface and makes Monero far more resilient than promoting VPS usage in a few DCs/countries.
-
moneromooo
The most secure is not to run a node at all.
-
moneromooo
In fact, no computer.
-
sethsimmons
<monerouser1144 "So it's either many small VPSes "> You don't need HAProxy if you're just wanting to use it for a reverse proxy/protection mechanism. Just deply nginx with some simple rules and call it a day.
-
sethsimmons
HAProxy is for load-balancing
-
sethsimmons
*primarily.
-
sethsimmons
<moneromooo "In fact, no computer."> Quite true :D
-
moneromooo
I've been running a node on my laptop for years fwiw. Annoying sometimes when I rnu a lot of memory hungry VMs but otherwise no trouble.
-
mmxxx[m]
i run nodes on laptops
-
mmxxx[m]
no issues so far
-
nioc
from wat I hear from people that have done it for a public node serving as a remote node is to get a dedi with 128GB of ram so that the blockchain is stored in ram for which enables the fastest service possible for the wallets
-
nioc
I priced hetzner for this and the price was reasonable for what you get
-
lza_menace
wut, i want to do that
-
monerouser1144
I wouldn't run a public node from my laptop or PC at home. Over the years there have been many exploits. Why risk it?
-
nioc
!tip lza_menace 128GB RAM
-
sethsimmons
There have been no exploits that grant access or priv escalation
-
sethsimmons
OOM or DoS are not a big deal.
-
lza_menace
i don't think anything serious to not warrant running locally....no rce
-
moneromooo
Exploits on monero RPC ?
-
lza_menace
oi, thonks nioc
-
sethsimmons
Honestly as someone who works in infosec I don't want people scared off of running a node because of some vague boogirman.
-
nioc
np son
-
sethsimmons
<moneromooo "Exploits on monero RPC ?"> None that I know of before this DoS/OOM attack
-
moneromooo
I guess it depends what you call exploit then. Fair enough.
-
moneromooo
People should run their own node anyway.
-
sethsimmons
<nioc "from wat I hear from people that"> I would be curious to see performance numbers on this vs a smaller RAM amount for actual wallet usage, as I would suspect most users are just accessing recent blocks for most syncs, which would be stored in RAM first anyways even on smaller RAM hosts.
-
sethsimmons
<moneromooo "People should run their own node"> Absolutely, and wherever they can handle it.
-
nioc
sethsimmons: see ginger, he may have some numbers for you
-
sethsimmons
Sweet, thanks.
-
monerouser1144
I'm not talking about monerod, but of commonly used internet software like bind or exim
bleepingcomputer.com/news/security/…iting-critical-exim-flaw-since-2019
-
moneromooo
6, 53 and 26.
-
sethsimmons
<monerouser1144 "I'm not talking about monerod, b"> No one is recommending people expose more than p2p/RPC to the internet, and that doesn't allow for any priv escalation etc. to date.
-
moneromooo
I assume you're not trying to claim running a monero node needs exim. So... what are you trying to claim ?
-
sethsimmons
Just because there are exploits for some services doesn't mean you should never run things at home.
-
moneromooo
Just that "it's software, and therefore shit" ? :D
-
monerouser1144
I mean that in the future there might be an exploit against monerod
-
sethsimmons
There could be, and if there was a 0-day no one would use it against someone's house -- they'd use it against VPS instances to get some real value.
-
monerouser1144
Seems perfectly reasonable imho, considering the complexity.
-
sethsimmons
The threat model just doesn't warrant scaring people out of running nodes at home.
-
sethsimmons
Off topic but Hetzner takes so long to deploy :'(
-
sethsimmons
JUST GIVE ME MY DAMN SERVERS ALREADY
-
monerouser1144
I don't think this is a negligible risk, that's why I wouldn't run a public node from home.
-
sethsimmons
I would explicitly define it as negligible :P
-
sethsimmons
But to each their own.
-
monerouser1144
-
sethsimmons
<sethsimmons "Off topic but Hetzner takes so l"> Oh they don't deploy on weekends
-
sethsimmons
Weird
-
fade_
hello im looking at the official getmonero wallets and i saw the the cli wallet mentions being able to route transactions thru tor wondering if this option is not there for the gui wallet
-
moneromooo
It's a node thing, so the GUI wallet will use it.
-
fade_
automatically?
-
moneromooo
Yes.