Wengin, Thank you for your good question.
This is exactly why we allow HTTP measurements only to well defined targets. So far we assume that DNS queries are not harmful. Since we cannot know what is "risky" in all places there is little else we can do. Would you have more peace of mind if you could opt out of DNS the probe doing DNS queries related to measurements altogether? On the positive side: Should any host get in trouble we commit to go back to our logs/results and testify that the traffic was originated by our probe. Of course we cannot tell you what your local authorities will hold you responsible for. Would a ping to a certain address get you in trouble? So if you are *really* *really* concerned about this you should not host a probe. Daniel On 22.10.15 17:00 , Wenqin SHAO wrote: > Dear list, > > Talking about how public and non-public probe participates in built-in and > user-defined measurement, a possible scenario has come to my mind (maybe it’s > not really relevant to what you are discussing right now). Here goes the case: > > I host a probe and it is required to participate in a UDM involving sensitive > destinations, say DNS measurement to ISIS’s site (could be interesting and > useful in certain senses), which however might violet my local security > policies. As a consequence, the big brother might knock at my door and > invite me for a coffee…or something more serious. > > My question is, if that happens, am I really responsible for that and whether > it is possible to avoid participating in certain risky measurements. > > Possibly I wrong too much. > > Best regards, > wenqin > >> On 22 Oct 2015, at 16:35, Daniel Quinn <dqu...@ripe.net> wrote: >> >> Hi James, >> >> I just wanted to clarify a few points about how the probes work in response >> to your comment. >> >> All RIPE Atlas probes, even those not marked “public”, are available to be >> used in both built-in and user-defined measurements *as sources*. >> >> Many probes are not hosted on the open Internet, so they make for lousy >> targets. In most cases, they're hosted on internal networks, so they're >> often not “targetable” at all. More importantly, hosting a probe does not >> make your network (which already exists on the open Internet) any more or >> less likely to be the target of a measurement. >> >> And in terms of outgoing traffic, the probe generates next to nothing >> (typically a few Kb/s, even when it’s being used for user-defined >> measurements). >> >> You can learn more about this from the FAQs: >> https://atlas.ripe.net/about/faq/ >> >> Please let us know if you have any other questions. >> >> Regards, >> >> Daniel Quinn >> > > >
