Hello Daniel, Thank you very much for you quick response. I personally am not very much concerned. The possibility just came into my mind. I plan to move my recently obtained probe into a Academic network in China, where the hosting institution there shall take the responsibility for all consequences, instead of putting it my parents’ living room. One other issue with security policies is that sometime one wouldn’t learn these rules if one hadn’t violet them in first place. Regards, Wenqin
On 22 Oct 2015, at 17:17, Daniel Karrenberg <daniel.karrenberg@ripe.net> wrote:
Wengin,
Thank you for your good question.
This is exactly why we allow HTTP measurements only to well defined targets. So far we assume that DNS queries are not harmful. Since we cannot know what is "risky" in all places there is little else we can do. Would you have more peace of mind if you could opt out of DNS the probe doing DNS queries related to measurements altogether?
On the positive side: Should any host get in trouble we commit to go back to our logs/results and testify that the traffic was originated by our probe.
Of course we cannot tell you what your local authorities will hold you responsible for. Would a ping to a certain address get you in trouble? So if you are *really* *really* concerned about this you should not host a probe.
Daniel
On 22.10.15 17:00 , Wenqin SHAO wrote:
Dear list,
Talking about how public and non-public probe participates in built-in and user-defined measurement, a possible scenario has come to my mind (maybe it’s not really relevant to what you are discussing right now). Here goes the case:
I host a probe and it is required to participate in a UDM involving sensitive destinations, say DNS measurement to ISIS’s site (could be interesting and useful in certain senses), which however might violet my local security policies. As a consequence, the big brother might knock at my door and invite me for a coffee…or something more serious.
My question is, if that happens, am I really responsible for that and whether it is possible to avoid participating in certain risky measurements.
Possibly I wrong too much.
Best regards, wenqin
On 22 Oct 2015, at 16:35, Daniel Quinn <dquinn@ripe.net> wrote:
Hi James,
I just wanted to clarify a few points about how the probes work in response to your comment.
All RIPE Atlas probes, even those not marked “public”, are available to be used in both built-in and user-defined measurements *as sources*.
Many probes are not hosted on the open Internet, so they make for lousy targets. In most cases, they're hosted on internal networks, so they're often not “targetable” at all. More importantly, hosting a probe does not make your network (which already exists on the open Internet) any more or less likely to be the target of a measurement.
And in terms of outgoing traffic, the probe generates next to nothing (typically a few Kb/s, even when it’s being used for user-defined measurements).
You can learn more about this from the FAQs: https://atlas.ripe.net/about/faq/
Please let us know if you have any other questions.
Regards,
Daniel Quinn