Hi, On 2010.12.02. 12:41, Tore Anderson wrote:
* Emile Aben
We can see if there is broader interest for this feature and make it an opt-in (checkbox in the GUI). One thing to be careful about here is that having all probes in easy to guess hostnames, will make it easy to DoS part of the infrastructure. Doing it as an opt-in, will make sure that only the people that want/need this feature will enable it, and if that is a sufficiently low fraction of total, it makes it unlikely as a DoS target.
You could also of course make the hostname harder to guess, generating some random UID that's part of the FQDN and that each host have to look up in the Atlas dashboard manually, and set up easier-to-remember CNAMEs perhaps.
We could do that too. Or make it an option for the users, like "probe DNS registration: none, obfuscated, simple".
By the way - when it comes to secrecy for privacy reasons, I'd personally very much like to make my probes as public as possible (doesn't necessarily have to include listing the IP address if you're concerned about DoS attacks). Because one way I can imagine the Atlas projects being immensely useful to network operators world-wide is if it can be used as a kind of massive public looking glass. Someone could then go to the dashboard and query for a listing of probes dependent on various parameters, such as in autonomous system #N or in country/city/continent Foo, select the probes he wants, and then request an arbitrary traceroute or ping to be run from those probes. Heck, I'd even give it a BGP feed people could query like that too, but I assume it doesn't have the horsepower to deal with that...
Some of these are in our mid-term plans already. For example: * We will allow hosts to make some or all their measurement activities and results public. We have a couple of probes in our office, and I don't think we mind opening their measurements up to the public. (Home users might not want to do this.) * (Ssssh, don't tell anyone yet, but...) we started collecting IPv4/6 prefixes and ASNs of hosts. We plan to make this available, probably even searchable ("how many probes do you have in AS x?"). It'd be nice if one could refine this with the above, as "... and how many made their measurements available?" * At a later stage, once you can specify your own measurements, we want to allow you to say "use these sources for my measurement", so you could do on-demand stuff to/from anywhere to some extent. I think we're pretty much aligned on these features, and I'm confident we can deal with the privacy implications, if any.
I know I would certainly allow the probes I host to be used like that and hope that as many others as possible did so too. I have no idea of how of I have tried to debug a connectivity problem from some random source network and have unsuccessfully searched for a looking glass that could help me with it, but it's _a lot_ of times. I'm sure I'm not alone about that, and if people see that Atlas provides such an awesomely useful service I'm sure that would in turn make them more interested in participating by hosting or sponsoring probes of their own.
Exactly. We're building something with great potential, so this kind of feedback is very much welcome! Cheers, Robert