10:02:07 <pink_zebra[m]> What do you think about the tether fraud? Will it drop the price of all cryptos?
10:33:48 <mmxxx[m]> Tether got exposed again?
11:28:27 <allthatis[m]> This looks promising
11:28:27 <allthatis[m]> https://aboveground.market/shining-light-on-black-markets/
11:29:40 <mmxxx[m]> nothing on telegram is 'promising'
11:29:47 <mmxxx[m]> seems to attract the worst kind of people
11:30:59 <mmxxx[m]> also not sure how this is good, long term - **_"aboveground.market aims to do this by maintaining a centralized infrastructure. No need to setup a store node"_**
11:54:44 <Inge-> I'm guessing tether fud blows over. again.
11:58:01 <kromgrul> nnedmoney90: Let me quote your hero. 'How do I ban FUK? AAAHHHH I don't remember. youtube.com/watch?v=mdLfkhxIH5Q Keep tryin' champion.
12:13:32 <Guest71949> hello
14:36:48 <sadfasdfsadfasd> how do i check how many incoming rpc connections i got on win10?
15:38:02 <Lyza> <sadfasdfsadfasd> enter 0.0.0.0:18089/get_info in a browser, replace the ip address and port with whatever is appropriate for your setup
15:39:28 <sadfasdfsadfasd> and look for what
15:40:14 <Lyza> "rpc_connections_count"
15:41:18 <Lyza> I think maybe that info is only avail on the unrestricted RPC interface though
15:41:26 <sadfasdfsadfasd> it says 0
15:41:34 <Lyza> ^^
15:41:45 <sadfasdfsadfasd> ?
15:42:03 <Lyza> it will say 0 unless you connect to the unrestricted RPC
15:42:16 <sadfasdfsadfasd> how do i do that
15:43:35 <Lyza> there might be a better way to get the RPC info, setting up unristricted RPC is a whole thing if it's not already configured
15:44:38 <sadfasdfsadfasd> ahh i had different ip for unrestricted
15:44:49 <sadfasdfsadfasd> thx for help, i have 1 connected atm
15:45:02 <Lyza> the one connected is the browser that's grabbing the get_info
15:45:17 <Lyza> so really it's 0. if you open a wallet you should see 2
15:47:17 <sadfasdfsadfasd> i opened wallet gui it's still at 1, cba to create a new wallet
15:47:36 <sadfasdfsadfasd> why im not getting any more incoming rpc connections?
15:48:01 <silverdragon[m]> Your firewall might have the ports blocked
15:48:21 <sadfasdfsadfasd> why would it, i'm getting p2p connections just fine
15:48:33 <Lyza> you would ahve to have an actual wallet open to connect. as for not having more, I actually don't either, even though I have ports open and the --public-node flag set *shrug
15:49:05 <sadfasdfsadfasd> same
15:49:42 <sadfasdfsadfasd> also wtf was that on christmas eve, monerod started using 100% of my cpu, probably because of RPC open ports
15:50:25 <Lyza> I think the GUI simple mode connects to other nodes through the p2p port of other nodes instead of using RPC directly, might have something to do with it. when I do sync_info I have a number of peers at block 1 which I believe are simple node users / users running monerod with --no-sync
15:50:48 <Lyza> christmas eve attack on the network, brought down lots of nodes. zero day kinda deal
15:51:13 <sadfasdfsadfasd> i know about the attack, but running RPC is unsafe af, probably better now after updates
15:51:48 <Lyza> yeah it indeed related to RPC
15:55:05 <sadfasdfsadfasd> silverdragon[m] maybe my windows firewall is blocking  the 18081 port?
15:56:35 <Lyza> try connecting to it from your external IP
15:56:38 <Lyza> actually wait
15:56:51 <Lyza> you do not want toopen 18081 (unristricted RPC) to the outside
15:56:59 <Lyza> only restricted / 18089
15:57:04 <sadfasdfsadfasd> i have my restriced as 18081
15:57:08 <Lyza> ok
15:57:17 <Lyza> just checking :D
15:57:28 <sadfasdfsadfasd> wdym connect from my external ip
16:29:42 <anicow> moo.!
16:29:59 <anicow> https://youtu.be/kgeS4KzVS5c this, is good stuff. well done fluffypony
16:30:12 <anicow> always wear a mask!
16:30:46 <anicow> you guys, listen to that guy he knows what hes talking about
16:30:48 * anicow idles
16:39:41 <IPFreely> Don't wear a mask. It's your sign of submission and satanistic ritual,
16:40:11 <azy> sounds reasonable
16:40:30 <IPFreely> Truth is always reasonable.
16:41:21 <azy> is that true
16:42:07 <IPFreely> Nowadays truth is fluid, just like gender for example...
16:42:12 <anicow> lol
16:42:18 <anicow> wear a mask or stay AWAY FROM ME AND MEY FAMILY
16:42:29 <IPFreely> Nonetheless knowledge is factual. You can read history books and hopefully learn something about the world.
16:43:31 <IPFreely> anicow: Because my breathing oxygen somehow endangers your safety.
16:43:43 <anicow>  no, the virus does, spreading it. what are you 12???
16:43:51 <IPFreely> Cool story.
16:44:00 <IPFreely> Do you believe anything your TV tells you?
16:44:12 <anicow> i dont watch cable.
16:44:15 <anicow> so...no?
16:44:20 <moneromooo> Stop spamming please.
16:44:21 <anicow> or... yea?
16:45:43 <endor00[m]> I always find it funny when people say "read a history book", but they never specify __which part__
16:47:20 <IPFreely> The part about vaccines being ineffective. ;)
16:47:26 <anicow> moneromooo: whenever i come here you seem to saw somthing about spam, am i the spammm??!
16:47:43 <binaryFate> you tell us :)
16:47:53 <anicow>    :( no... i am not the spam
16:48:12 <anicow> i literally posted a video with fluffypony hes like a monero person
16:48:15 <anicow> how is that spam?
16:48:34 <binaryFate> didn't say it was
16:48:50 <anicow> ah , ok ok . i am not the spam
16:49:34 * anicow exhales
16:49:45 * anicow becomes one with everyting
16:49:46 <anicow> i am not the spam
16:50:24 * IPFreely exhales and medidates on not being a walking disease to humanity.
16:50:38 <IPFreely> I am not the disease.
16:52:33 <anicow> the rest of these flashy social media sites are ok...
16:52:53 <anicow>  irc gets stuff done though
16:52:55 <anicow> discord is nice
17:14:37 <anicow> i hope im not too dumb to learn rust
17:14:47 <anicow> it sounds old... maybe im old enough
17:16:28 * anicow runs the kids off the lawn.
17:17:55 <h2017> .trex
17:18:11 <h2017> sorry wrong chan
17:19:55 <anicow> hey h20, get off my lawn
17:20:07 <anicow> :D
17:48:33 <anicow> life is about sounding sensual 100% of the time
17:48:58 <anicow> well 95%
17:50:29 <Mochi102> Monero is love
17:55:27 <anicow> <3
18:38:46 <anicow> monero is life
19:32:01 <monerouser1144> Hi all, I noticed that SS completely changed his guide for running a public node to use Docker https://sethsimmons.me/guides/run-a-monero-node/ I find Docker sub-optimal for this purpose (particularly for running high-performance nodes on dedi servers). I was thinking that a template setup using systemd, iptables+ipset, tor, and some monitoring
19:32:01 <monerouser1144> like zabbix would be best. Thoughts?
19:32:39 <monerouser1144> Maybe there was a discussion about it that I missed ...
19:43:37 <selsta> monerouser1144: did you see https://sethsimmons.me/guides/run-a-monero-node-advanced/ ?
19:55:36 <sethsimmons> The performance difference between Docker and systemd would be negligible if even existent.
19:56:19 <sethsimmons> Honestly if you want to setup a script to do all of the things you mentioned it would be far easier and more advisable to just use Docker Compose, setting up each of those components and linking them together manually will be a nightmare.
19:56:41 <selsta> sethsimmons: did you test docker vs without sync time?
19:56:49 <sethsimmons> Systemd is still a good method and advisable for those more worried about trusting Docked Hub etc, but IMO its fine for almost everydayones thread models.
19:57:05 <sethsimmons> * Systemd is still a good method and advisable for those more worried about trusting Docked Hub etc, but IMO its fine for almost everyones threat models.
19:57:28 <sethsimmons> <selsta "sethsimmons: did you test docker"> Not directly but I did multiple syncs from scratch recently over docker and it was about what I'd expect
19:57:52 <sethsimmons> There was certainly no noticeable difference between systemd and Docker runs on the same host.
19:58:47 <sethsimmons> I think people incorrectly conflate Docker with running in a VM, which isn't a good comparison for performance.
19:58:47 <sethsimmons> Docker essentially runs on the underlying OS using the same kernel but different namespaces to isolate.
20:03:59 <anicow> hm
20:05:34 <sethsimmons> <monerouser1144 "like zabbix would be best. Thoug"> I personally use Zabbix to monitor my own but the setup is far too much for normal people.
20:05:43 <monerouser1144> Seth, I haven't tested it, but I know that Docker creates several more "layers" (e.g. using OverlayFS), not sure about networking (I seem to remember a significant penalty if using NAT)
20:07:36 <monerouser1144> So if I rent a Hetzner dedi to be used as a public node to maximize contribution to the network, I am inclined to think that a conventional setup would be best. But I'm open to other opinions (or even better actual results).
20:08:43 <sethsimmons> If you're running on the same underlying kernel (Linux container on Linux) Docker will use the native FS via a driver if at all possible.
20:08:43 <sethsimmons> I'll do an IBD comparison to test today, though.
20:09:32 <sethsimmons> <monerouser1144 "So if I rent a Hetzner dedi to b"> My goal here is not the highest performance possible, its an approachable and low-maintenance way for people to run a contributing node.
20:09:42 <monerouser1144> I should note that my knowledge of Docker is 3-4 years old, which in this space is an eternity ...
20:10:01 <sethsimmons> Even if I was losing 10% total performance that is well worth it if we get 10% more nodes.
20:14:21 <monerouser1144> Seth, I want a Hetzner dedi that will have 1000+ peers and saturate the 1Gbps offered. https://www.hetzner.com/dedicated-rootserver/matrix-ax
20:17:07 <monerouser1144> I mean at a cost of 40-50eur/mo per dedi, the community could spin up 100s. And maybe put HAproxy on VPS in front of the RPC port to get even more (no disk requirement).
20:17:50 <sethsimmons> HAProxy doesn't help for individual nodes, and no average user will be able to configure an actual load-balanced cluster.
20:18:10 <sethsimmons> <monerouser1144 "Seth, I want a Hetzner dedi that"> I've had high performance nodes up for a long time, no way to force your way to a massive peer count and bandwidth usage.
20:20:52 <monerouser1144> haproxy in front of the rpc port. Back in Sep-2020 before setting up my own mode, I tried to use wallet-cli with the public nodes and had a lot of issues (and I'm pretty technical).
20:21:24 <sethsimmons> <monerouser1144 "haproxy in front of the rpc port"> How does that help if you only run one node?
20:21:47 <sethsimmons> Most user's are not running HA clusters of nodes with public RPC, most users are running at home or on a VPS with little technical know-how.
20:21:58 <sethsimmons> That's why stable/simple/low-maintenance nodes are far more important IMO
20:22:14 <sethsimmons> *far more nodes are far more important than a few HA clusters in DCs.
20:23:01 <sethsimmons> I'm kicking off a Docker vs Systemd test right now on identical hardware, will report back in a few hours.
20:23:30 <monerouser1144> Well, haproxy might help to resist against a possible resource-exhaustion / DDoS attack in the future.
20:26:03 <monerouser1144> My opinion is that running monerod from home is not a good idea, due to security as well as performance and 24/7
20:28:30 <monerouser1144> So it's either many small VPSes (which have "accepable use" limits) or fewer larger dedis with much higher numbers. And then maybe use haproxy in front of the dedis proactively.
20:29:50 <sethsimmons> <monerouser1144 "My opinion is that running moner"> I don't see any reason we should dissuade people from running public nodes from home. It's a tiny attack surface and makes Monero far more resilient than promoting VPS usage in a few DCs/countries.
20:30:17 <moneromooo> The most secure is not to run a node at all.
20:30:24 <moneromooo> In fact, no computer.
20:30:25 <sethsimmons> <monerouser1144 "So it's either many small VPSes "> You don't need HAProxy if you're just wanting to use it for a reverse proxy/protection mechanism. Just deply nginx with some simple rules and call it a day.
20:30:28 <sethsimmons> HAProxy is for load-balancing
20:30:32 <sethsimmons> *primarily.
20:30:42 <sethsimmons> <moneromooo "In fact, no computer."> Quite true :D
20:31:23 <moneromooo> I've been running a node on my laptop for years fwiw. Annoying sometimes when I rnu a lot of memory hungry VMs but otherwise no trouble.
20:32:18 <mmxxx[m]> i run nodes on laptops
20:32:21 <mmxxx[m]> no issues so far
20:34:49 <nioc> from wat I hear from people that have done it for a public node serving as a remote node is to get a dedi with 128GB of ram so that the blockchain is stored in ram for which enables the fastest service possible for the wallets
20:35:38 <nioc> I priced hetzner for this and the price was reasonable for what you get
20:36:08 <lza_menace> wut, i want to do that
20:36:12 <monerouser1144> I wouldn't run a public node from my laptop or PC at home. Over the years there have been many exploits. Why risk it?
20:36:29 <nioc> !tip lza_menace 128GB RAM
20:36:33 <sethsimmons> There have been no exploits that grant access or priv escalation
20:36:40 <sethsimmons> OOM or DoS are not a big deal.
20:36:46 <lza_menace> i don't think anything serious to not warrant running locally....no rce
20:37:01 <moneromooo> Exploits on monero RPC ?
20:37:06 <lza_menace> oi, thonks nioc
20:37:13 <sethsimmons> Honestly as someone who works in infosec I don't want people scared off of running a node because of some vague boogirman.
20:37:15 <nioc> np son
20:37:33 <sethsimmons> <moneromooo "Exploits on monero RPC ?"> None that I know of before this DoS/OOM attack
20:37:58 <moneromooo> I guess it depends what you call exploit then. Fair enough.
20:38:26 <moneromooo> People should run their own node anyway.
20:38:27 <sethsimmons> <nioc "from wat I hear from people that"> I would be curious to see performance numbers on this vs a smaller RAM amount for actual wallet usage, as I would suspect most users are just accessing recent blocks for most syncs, which would be stored in RAM first anyways even on smaller RAM hosts.
20:38:39 <sethsimmons> <moneromooo "People should run their own node"> Absolutely, and wherever they can handle it.
20:39:03 <nioc> sethsimmons: see ginger, he may have some numbers for you
20:39:12 <sethsimmons> Sweet, thanks.
20:39:16 <monerouser1144> I'm not talking about monerod, but of commonly used internet software like bind or exim https://www.bleepingcomputer.com/news/security/nsa-russian-govt-hackers-exploiting-critical-exim-flaw-since-2019/
20:39:17 <moneromooo> 6, 53 and 26.
20:40:01 <sethsimmons> <monerouser1144 "I'm not talking about monerod, b"> No one is recommending people expose more than p2p/RPC to the internet, and that doesn't allow for any priv escalation etc. to date.
20:40:14 <moneromooo> I assume you're not trying to claim running a monero node needs exim. So... what are you trying to claim ?
20:40:14 <sethsimmons> Just because there are exploits for some services doesn't mean you should never run things at home.
20:41:19 <moneromooo> Just that "it's software, and therefore shit" ? :D
20:41:20 <monerouser1144> I mean that in the future there might be an exploit against monerod
20:41:50 <sethsimmons> There could be, and if there was a 0-day no one would use it against someone's house -- they'd use it against VPS instances to get some real value.
20:41:58 <monerouser1144> Seems perfectly reasonable imho, considering the complexity.
20:42:06 <sethsimmons> The threat model just doesn't warrant scaring people out of running nodes at home.
20:42:45 <sethsimmons> Off topic but Hetzner takes so long to deploy :'(
20:42:51 <sethsimmons> JUST GIVE ME MY DAMN SERVERS ALREADY
20:43:14 <monerouser1144> I don't think this is a negligible risk, that's why I wouldn't run a public node from home.
20:43:39 <sethsimmons> I would explicitly define it as negligible :P
20:43:45 <sethsimmons> But to each their own.
20:46:16 <monerouser1144> https://twitter.com/JEhrenhofer/status/1349826376413700102
20:58:45 <sethsimmons> <sethsimmons "Off topic but Hetzner takes so l"> Oh they don't deploy on weekends
20:58:46 <sethsimmons> Weird
22:56:24 <fade_> hello im looking at the official getmonero wallets and i saw the the cli wallet mentions being able to route transactions thru tor wondering if this option is not there for the gui wallet
22:57:01 <moneromooo> It's a node thing, so the GUI wallet will use it.
22:57:29 <fade_> automatically?
22:58:08 <moneromooo> Yes.