On Sat, Sep 07, 2013 at 01:24:12PM -0400, Warren Kumari wrote:
Apologies if this has already been discussed enlist -- I took a quick look though the archives and didn't see it.
See thread "Spoofing the source IP address from a probe?" from around RIPE66.
I believe that the reason for not allowing things like tests that send spoofed packets is that it might violate the AUP that participants have with their ISPs / be viewed by participants ISPs as an attack.
So, what about having a checkbox in the Probe Settings that says something like: "I have no AUP with my ISP or I'm fine to violate my AUP. Run intrusive or dangerous tests on this probe" ? This would create a subset of probes that could be used for more interesting tests, an d would allow for greater visibility into things.
There was traffic seeming to support the idea of a properly opted-in method (as recently as 30 July) but there hadn't been specifics regarding the implementation nor commitment that it would get to such a one. :-) -- RSUC / GweepNet / Spunk / FnB / CotSG / Usenix / NANOG