Error: Only anchors may be targeted.
Hello I've got "Only anchors may be targeted." on HTTP measurement creation.Any body can advise what the problem is? Thanks
I understand that you can only measure HTTP connectivity from probes to pre-defined RIPE anchor sites. You cannot measure HTTP connectivity of a real web sites, probably in fear of inadvertently DDOSing them. Which is pity, because with proper safeguards this feature would be very useful. -- With Best Regards, Marat Khalili On 15/10/16 10:52, Mozafary Mohammad wrote:
Hello I've got "Only anchors may be targeted." on HTTP measurement creation.Any body can advise what the problem is? Thanks
15.10.2016 11:36 Marat Khalili kirjutas:
I understand that you can only measure HTTP connectivity from probes to pre-defined RIPE anchor sites. You cannot measure HTTP connectivity of a real web sites, probably in fear of inadvertently DDOSing them. Which is pity, because with proper safeguards this feature would be very useful.
--
With Best Regards, Marat Khalili
On 15/10/16 10:52, Mozafary Mohammad wrote:
Hello I've got "Only anchors may be targeted." on HTTP measurement creation.Any body can advise what the problem is? Thanks
Indeed, it would be really useful to be able to measure http/https sites from atlas probes. -- Georg Kahest System Administrator / Süsteemiadministraator Eesti Interneti SA Paldiski mnt 80, 10617 Tallinn Tel 727 1016 www.internet.ee
Indeed, it would be really useful to be able to measure http/https sites from atlas probes.
As a network operator, even if those measurements were only allowed inside our own (or downstream) AS's that would be vary useful. Cheers, Joseph
User-agent: RIPE-ATLAS Allow: /test-me-here/ It would need to be checked both on control centers (to make sure
I don't know how hard it'd be to implement, but it'd be natural to use robots.txt for this. Something like: probing is allowed at all) and on probes (to react on changes quickly). -- With Best Regards, Marat Khalili On 21/10/16 07:49, Joseph B wrote:
Indeed, it would be really useful to be able to measure http/https sites from atlas probes. As a network operator, even if those measurements were only allowed inside our own (or downstream) AS's that would be vary useful.
Cheers,
Joseph
My wish list would look like: - Limits on how many tests are run against a specific target (globally) - Robots.txt/SRV Record to increase the limit - Ability to see if ISP injected Headers (Supercookies) - Ability if the server changes anything about the website (Ads etc). - Verify TLS certificates - Thomas
On Oct 21, 2016, at 3:29 , Marat Khalili <mkh@rqc.ru> wrote:
I don't know how hard it'd be to implement, but it'd be natural to use robots.txt for this. Something like:
User-agent: RIPE-ATLAS Allow: /test-me-here/ It would need to be checked both on control centers (to make sure probing is allowed at all) and on probes (to react on changes quickly).
--
With Best Regards, Marat Khalili
On 21/10/16 07:49, Joseph B wrote:
Indeed, it would be really useful to be able to measure http/https sites from atlas probes. As a network operator, even if those measurements were only allowed inside our own (or downstream) AS's that would be vary useful.
Cheers,
Joseph
+1 to all the above. With proper safeguards we could make the ATLAS network (and service) way more useful and interesting to use. I volunteer for any work necessary to make this happening. Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum
I was discussing the above with a few friends and I understand that there might be some security related concerns but I think with a proper user policy and technical implementation they could be easily mitigated: - allow HTTP(s) queries only on '/' and without any args - global rate limit on Atlas based on domain. Example: top 1000 domains can get 100 req/s globally while everything else is throttled to 10 req/s (optional: site owners can override this value via `robots.txt` or something similar) Feedback and ideas are welcome! Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum
On Mon, Jun 25, 2018 at 03:10:07PM +0200, Guido Iaquinti <guido.iaquinti@gmail.com> wrote a message of 16 lines which said:
I was discussing the above with a few friends and I understand that there might be some security related concerns but I think with a proper user policy and technical implementation they could be easily mitigated:
It is not purely technical. There is also an ethics problem as well <https://labs.ripe.net/Members/kistel/ethics-of-ripe-atlas-measurements> Basically, in places where you can have trouble for your Internet activity, HTTP is often actually monitored (which is not the case with ICMP and DNS).
- allow HTTP(s) queries only on '/' and without any args
- global rate limit on Atlas based on domain. Example: top 1000 domains can get 100 req/s globally while everything else is throttled to 10 req/s (optional: site owners can override this value via `robots.txt` or something similar)
It solves the "RIPE Atlas probes as a dDoS botnet" issue (at the price of some complexity for Atlas) but not the ethical one. Imagine people asking a saudi probe to access <https://femen.org/>
Hi all, On 25/06/2018 15:32, Stephane Bortzmeyer wrote:
On Mon, Jun 25, 2018 at 03:10:07PM +0200, Guido Iaquinti <guido.iaquinti@gmail.com> wrote a message of 16 lines which said:
I was discussing the above with a few friends and I understand that there might be some security related concerns but I think with a proper user policy and technical implementation they could be easily mitigated:
It is not purely technical. There is also an ethics problem as well <https://labs.ripe.net/Members/kistel/ethics-of-ripe-atlas-measurements> Basically, in places where you can have trouble for your Internet activity, HTTP is often actually monitored (which is not the case with ICMP and DNS).
Thanks Stephane! In addition to this , we have come up with a workaround: https://labs.ripe.net/Members/wilhelm/measuring-your-web-server-reachability... Please take a look, and see if this is useful for some of the items on your "wish list". Vesna
participants (8)
-
Georg Kahest -
Guido Iaquinti -
Joseph B -
Marat Khalili -
Mozafary Mohammad -
Stephane Bortzmeyer -
Thomas Bartelmess -
Vesna Manojlovic