Re: [atlas] Communication with probes' owners

2019-05-01 Thread Christian Kuhtz 
Please no automatic nag emails.

On Sun, Apr 21, 2019, 3:14 PM Carsten Schiefner 
wrote:

> Am 21.04.2019 um 19:59 schrieb Dave . :
> If this gets implemented, please add a checkbox where one can indicate
> whether one is a user or also can get things fixed in the AS where your
> probe is connected.
> Makes sense to me: +1.
>
> Would then a reminder every 1/2/3 month[s] make sense that this is (still)
> the case aka. this flag to be set?
>
> As the probe’s circumstances may change...
>
> Op vr 19 apr. 2019 om 12:37 schreef Paolo Pozzan  >:
>
>> It seems a good idea. I don't think this will be abused and in case it
>> would be easy to point out the spammers.
>> Would this be useful also for other kind of messages?
>>
>> Paolo
>>
>

Re: [atlas] Communication with probes' owners

2019-04-24 Thread Emile Aben 
On 24/04/2019 19:20, Ponikierski, Grzegorz wrote:
> Thanks everybody for comments and interest :)
> 
>  
> 
> When it comes to security and spammers I think that you can approach to
> it like to any PM feature available on any message board. I think it's
> natural for any community to be able to communicate with each other.
> After all RIPE Atlas is a community of networking geeks/nerds/engineers
> who like to measure the Internet and share resources with others.
> Sometimes we just need to exchange some info to get help and mailing
> lists is not always the best way to do it. I don't think it's a serious
> security threat but I also find comments from Martin Boissonneault quite
> helpful to build something as much secure as possible without excessive
> complexity.
> 
>  
> 
> When it comes to location of probes, Steve Gibbard probably described
> the real problem more precisely than me. The goal is to get reliable
> data about probes location and this is for sure important for all RIPE
> Atlas users. One way is to poke people manually and it's OK if you have

As someone who uses RIPE Atlas at scale, i fully agree. Probe location
accuracy is an important data quality issue in RIPE Atlas. Wrongly
located probes are a big source of weirdness in things like
ixp-country-jedi (
https://www.ripe.net/analyse/internet-measurements/ixp-country-jedi ).

> to do it once per few months but it would be better to get more
> automated detection mechanism for that. Steve uses IP geolocation which
> has its limitations (I know probes with IPs from country X but they are
> properly deployed and described in country Y on different continent). I
> personally visualize distance from probe to target and compare it with
> RTT and hops but it's still not fully automated and still can be tricky
> and requires additional checks.

I've also seen the limitations of (Maxmind) geolocation. and i would say
it's very hard to find good guidelines on when Maxmind geolocation is
better or worse then what probe hosts provide.

> So open question is: How to reliably verify location of probes OR How to
> motivate RIPE Atlas users to provide valid locations and keep it up-to-date?

What i've seen for many cases of incorrectly geolocated probes is that
this was caused by probes being physically moved (because the person
hosting the probe moved to a different city, possibly country).
One thing i've briefly looked into is if we can use a change of ASN that
we see the probe in as an indicator that the probe host should be sent a
reminder to check if the probes geolocation is still correct. This
turned out messier then i thought (too many probes seem to cycle through
two or more ASNs), but we can revisit this idea and see if we can make
this work as part of a process to counter wrongly geolocated probes.

Another thing i looked into is using similarity between probes as an
indicator of wrong geolocation. Intuition is that if 2 probes see the
same IP path to a destination, they are probably topologically close to
each other, which typically means they are physically close (but not
always, eg. tunnels). So if we see 2 probes that are topologically
close, but physically very distant, that probably means either a wrong
geolocation or an 'interesting' setup of one of the probes.
See table 1 (and text below) of
https://archive.psg.com/170602.anrw17-paper9.pdf

hope this helps,
Emile

Re: [atlas] Communication with probes' owners

2019-04-24 Thread Ponikierski, Grzegorz 
Thanks everybody for comments and interest :)

When it comes to security and spammers I think that you can approach to it like 
to any PM feature available on any message board. I think it's natural for any 
community to be able to communicate with each other. After all RIPE Atlas is a 
community of networking geeks/nerds/engineers who like to measure the Internet 
and share resources with others. Sometimes we just need to exchange some info 
to get help and mailing lists is not always the best way to do it. I don't 
think it's a serious security threat but I also find comments from Martin 
Boissonneault quite helpful to build something as much secure as possible 
without excessive complexity.

When it comes to location of probes, Steve Gibbard probably described the real 
problem more precisely than me. The goal is to get reliable data about probes 
location and this is for sure important for all RIPE Atlas users. One way is to 
poke people manually and it's OK if you have to do it once per few months but 
it would be better to get more automated detection mechanism for that. Steve 
uses IP geolocation which has its limitations (I know probes with IPs from 
country X but they are properly deployed and described in country Y on 
different continent). I personally visualize distance from probe to target and 
compare it with RTT and hops but it's still not fully automated and still can 
be tricky and requires additional checks.

So open question is: How to reliably verify location of probes OR How to 
motivate RIPE Atlas users to provide valid locations and keep it up-to-date?

Regards,
Grzegorz

From: Robert Kisteleki 
Organization: RIPE NCC
Date: Wednesday 2019-04-24 at 10:43
To: "ripe-atlas@ripe.net" 
Subject: Re: [atlas] Communication with probes' owners



On 2019-04-23 13:10, Ponikierski, Grzegorz wrote:
I thought about simple web form available only for logged users of RIPE
Atlas. In this way all private data are hidden and RIPE can rate limit
usage of the form. Message itself can be send to probe's owner via email
from RIPE Atlas infra so sender identity also can be hidden. If somebody
wants to switch to email communication then form can also be used to
exchange email addresses.

Regards,
Grzegorz

Hi,

I agree that allowing RIPE Atlas users to send messages to probe hosts
would be a useful feature. I also think that requiring someone to log in
first before sending a message to the probe hosts is a sufficiently high
bar against systematic abuse (to begin with -- we can be stricter later
if needed).

I can imagine the form also having a feature to let the original sender
expose her email to the recipient to facilitate further communication.

Regards,
Robert

Re: [atlas] Communication with probes' owners

2019-04-24 Thread Robert Kisteleki 



On 2019-04-23 13:10, Ponikierski, Grzegorz wrote:
> I thought about simple web form available only for logged users of RIPE
> Atlas. In this way all private data are hidden and RIPE can rate limit
> usage of the form. Message itself can be send to probe's owner via email
> from RIPE Atlas infra so sender identity also can be hidden. If somebody
> wants to switch to email communication then form can also be used to
> exchange email addresses.
> 
>  
> 
> Regards,
> 
> Grzegorz

Hi,

I agree that allowing RIPE Atlas users to send messages to probe hosts
would be a useful feature. I also think that requiring someone to log in
first before sending a message to the probe hosts is a sufficiently high
bar against systematic abuse (to begin with -- we can be stricter later
if needed).

I can imagine the form also having a feature to let the original sender
expose her email to the recipient to facilitate further communication.

Regards,
Robert

Re: [atlas] Communication with probes' owners

2019-04-23 Thread Martin Boissonneault 
@Steve Gibbard
  I totally agree. I think it's best for RIPE to analyze the data and ask probe 
owners to update the probe profiles if it's believed wrong.

  Maybe tag the probe if the information is suspicious or the owner does not 
respond?

Martin Boissonneault
Sent from my iPhone

On Apr 23, 2019, at 12:36, "s...@gibbard.org<mailto:s...@gibbard.org>" 
mailto:s...@gibbard.org>> wrote:

Having individual users contacting other individual users about probe location 
problems seems like a not very scalable solution to this problem. It both 
leaves it somewhat random which issues will be caught, and may leave probe 
owners whose probes look somewhat atypical having to explain their situation 
over and over again to random people.

I have a cron job that goes through the entire probe list every few hours and 
runs the IP addresses against the MaxMind Geolite databases.  MaxMind has its 
own accuracy issues, but after a bunch of spot checking I decided that trusting 
the MaxMind answers was better than trusting the owner-reported information for 
the probes.

If somebody wants to take a more systematic approach to getting the Atlas 
location data cleaned up, I’d be happy to share a diff. But I’d suggest that it 
be done by somebody with access to the database cleaning up things that look 
wrong, instead of bugging a bunch of individual probe owners.

-Steve

Steve Gibbard

On Apr 23, 2019, at 4:10 AM, Ponikierski, Grzegorz 
mailto:gponi...@akamai.com>> wrote:

I thought about simple web form available only for logged users of RIPE Atlas. 
In this way all private data are hidden and RIPE can rate limit usage of the 
form. Message itself can be send to probe's owner via email from RIPE Atlas 
infra so sender identity also can be hidden. If somebody wants to switch to 
email communication then form can also be used to exchange email addresses.

Regards,
Grzegorz

From: Martin Boissonneault mailto:ve2...@hotmail.com>>
Date: Monday 2019-04-22 at 02:25
To: Carsten Schiefner mailto:cars...@schiefner.de>>
Cc: "ripe-atlas@ripe.net<mailto:ripe-atlas@ripe.net>" 
mailto:ripe-atlas@ripe.net>>
Subject: Re: [atlas] Communication with probes' owners

The best might be for RIPE to contact the owner when the records don't match 
what is detected from the probe?

Some method to trigger a check could be added to the probe's profile, and there 
would not be ANY chance of email abuse by throwaway accounts?

Allowing users to contact probe owners has to be VERY well made to avoid all 
sorts of attacks and spam!

Martin Boissonneault
Sent from my iPhone

On Apr 21, 2019, at 18:14, Carsten Schiefner 
mailto:cars...@schiefner.de>> wrote:
Am 21.04.2019 um 19:59 schrieb Dave . 
mailto:gboo...@gmail.com>>:
If this gets implemented, please add a checkbox where one can indicate whether 
one is a user or also can get things fixed in the AS where your probe is 
connected.
Makes sense to me: +1.

Would then a reminder every 1/2/3 month[s] make sense that this is (still) the 
case aka. this flag to be set?

As the probe’s circumstances may change...

Op vr 19 apr. 2019 om 12:37 schreef Paolo Pozzan 
mailto:paolo.poz...@telemar.it>>:
It seems a good idea. I don't think this will be abused and in case it would be 
easy to point out the spammers.
Would this be useful also for other kind of messages?

Paolo

Re: [atlas] Communication with probes' owners

2019-04-23 Thread Martin Boissonneault 
Hi Grzegorz,

  I'm sorry if I sound paranoid, computer security does that to some ;-)

  My registering for my Atlas account was a few years ago, so I don't remember 
all the details. But usually, new account creation can be scripted and fake 
accounts can rapidly created by a willing party. For that reason, account 
creation should not be the only measure against spam.

  Limiting the speed of account creation based on network address can help, but 
can be circumvented. One big step would be physical address or ID validation. 
Linking the virtual and physical worlds is harder to abuse.

  Another way to limit spam is to control the message. The form could give a 
few checkboxes or pre-defined messages but no place to write a message. If you 
cannot advertise stuff on the form, it's useless for most spammers.

  Some forms can be used to DoS email by not using rate-limiting. So, that  
form could limit the rate per _destination and sender_  like the Digest mode of 
mailing lists. One or two digests per day, and replies would be like a mailing 
list. I mean that RIPE would always be the sender or the receiver, ensuring 
privacy of email address of one party to the other.

  Now that I think of it, it's pretty much the messaging system of most forums 
with a front-end. Except that your username is the probe's ID?

  I think RIPE could do it, if it there is enough demand?

Martin Boissonneault
Sent from my iPhone

On Apr 23, 2019, at 07:10, Ponikierski, Grzegorz 
mailto:gponi...@akamai.com>> wrote:

I thought about simple web form available only for logged users of RIPE Atlas. 
In this way all private data are hidden and RIPE can rate limit usage of the 
form. Message itself can be send to probe's owner via email from RIPE Atlas 
infra so sender identity also can be hidden. If somebody wants to switch to 
email communication then form can also be used to exchange email addresses.

Regards,
Grzegorz

From: Martin Boissonneault mailto:ve2...@hotmail.com>>
Date: Monday 2019-04-22 at 02:25
To: Carsten Schiefner mailto:cars...@schiefner.de>>
Cc: "ripe-atlas@ripe.net<mailto:ripe-atlas@ripe.net>" 
mailto:ripe-atlas@ripe.net>>
Subject: Re: [atlas] Communication with probes' owners

The best might be for RIPE to contact the owner when the records don't match 
what is detected from the probe?

Some method to trigger a check could be added to the probe's profile, and there 
would not be ANY chance of email abuse by throwaway accounts?

Allowing users to contact probe owners has to be VERY well made to avoid all 
sorts of attacks and spam!

Martin Boissonneault
Sent from my iPhone

On Apr 21, 2019, at 18:14, Carsten Schiefner 
mailto:cars...@schiefner.de>> wrote:
Am 21.04.2019 um 19:59 schrieb Dave . 
mailto:gboo...@gmail.com>>:
If this gets implemented, please add a checkbox where one can indicate whether 
one is a user or also can get things fixed in the AS where your probe is 
connected.
Makes sense to me: +1.

Would then a reminder every 1/2/3 month[s] make sense that this is (still) the 
case aka. this flag to be set?

As the probe’s circumstances may change...

Op vr 19 apr. 2019 om 12:37 schreef Paolo Pozzan 
mailto:paolo.poz...@telemar.it>>:
It seems a good idea. I don't think this will be abused and in case it would be 
easy to point out the spammers.
Would this be useful also for other kind of messages?

Paolo

Re: [atlas] Communication with probes' owners

2019-04-23 Thread scg 
Having individual users contacting other individual users about probe location 
problems seems like a not very scalable solution to this problem. It both 
leaves it somewhat random which issues will be caught, and may leave probe 
owners whose probes look somewhat atypical having to explain their situation 
over and over again to random people. 

I have a cron job that goes through the entire probe list every few hours and 
runs the IP addresses against the MaxMind Geolite databases.  MaxMind has its 
own accuracy issues, but after a bunch of spot checking I decided that trusting 
the MaxMind answers was better than trusting the owner-reported information for 
the probes. 

If somebody wants to take a more systematic approach to getting the Atlas 
location data cleaned up, I’d be happy to share a diff. But I’d suggest that it 
be done by somebody with access to the database cleaning up things that look 
wrong, instead of bugging a bunch of individual probe owners. 

-Steve

Steve Gibbard

> On Apr 23, 2019, at 4:10 AM, Ponikierski, Grzegorz  
> wrote:
> 
> I thought about simple web form available only for logged users of RIPE 
> Atlas. In this way all private data are hidden and RIPE can rate limit usage 
> of the form. Message itself can be send to probe's owner via email from RIPE 
> Atlas infra so sender identity also can be hidden. If somebody wants to 
> switch to email communication then form can also be used to exchange email 
> addresses.
>  
> Regards,
> Grzegorz
>  
> From: Martin Boissonneault 
> Date: Monday 2019-04-22 at 02:25
> To: Carsten Schiefner 
> Cc: "ripe-atlas@ripe.net" 
> Subject: Re: [atlas] Communication with probes' owners
>  
> The best might be for RIPE to contact the owner when the records don't match 
> what is detected from the probe? 
>  
> Some method to trigger a check could be added to the probe's profile, and 
> there would not be ANY chance of email abuse by throwaway accounts?
>  
> Allowing users to contact probe owners has to be VERY well made to avoid all 
> sorts of attacks and spam!
>  
> Martin Boissonneault
> Sent from my iPhone
> 
> On Apr 21, 2019, at 18:14, Carsten Schiefner  wrote:
> 
> Am 21.04.2019 um 19:59 schrieb Dave . :
> If this gets implemented, please add a checkbox where one can indicate 
> whether one is a user or also can get things fixed in the AS where your probe 
> is connected.
> Makes sense to me: +1.
>  
> Would then a reminder every 1/2/3 month[s] make sense that this is (still) 
> the case aka. this flag to be set?
>  
> As the probe’s circumstances may change...
>  
> Op vr 19 apr. 2019 om 12:37 schreef Paolo Pozzan :
> It seems a good idea. I don't think this will be abused and in case it would 
> be easy to point out the spammers.
> Would this be useful also for other kind of messages?
>  
> Paolo

Re: [atlas] Communication with probes' owners

2019-04-23 Thread Ponikierski, Grzegorz 
I thought about simple web form available only for logged users of RIPE Atlas. 
In this way all private data are hidden and RIPE can rate limit usage of the 
form. Message itself can be send to probe's owner via email from RIPE Atlas 
infra so sender identity also can be hidden. If somebody wants to switch to 
email communication then form can also be used to exchange email addresses.

Regards,
Grzegorz

From: Martin Boissonneault 
Date: Monday 2019-04-22 at 02:25
To: Carsten Schiefner 
Cc: "ripe-atlas@ripe.net" 
Subject: Re: [atlas] Communication with probes' owners

The best might be for RIPE to contact the owner when the records don't match 
what is detected from the probe?

Some method to trigger a check could be added to the probe's profile, and there 
would not be ANY chance of email abuse by throwaway accounts?

Allowing users to contact probe owners has to be VERY well made to avoid all 
sorts of attacks and spam!

Martin Boissonneault
Sent from my iPhone

On Apr 21, 2019, at 18:14, Carsten Schiefner 
mailto:cars...@schiefner.de>> wrote:
Am 21.04.2019 um 19:59 schrieb Dave . 
mailto:gboo...@gmail.com>>:
If this gets implemented, please add a checkbox where one can indicate whether 
one is a user or also can get things fixed in the AS where your probe is 
connected.
Makes sense to me: +1.

Would then a reminder every 1/2/3 month[s] make sense that this is (still) the 
case aka. this flag to be set?

As the probe’s circumstances may change...

Op vr 19 apr. 2019 om 12:37 schreef Paolo Pozzan 
mailto:paolo.poz...@telemar.it>>:
It seems a good idea. I don't think this will be abused and in case it would be 
easy to point out the spammers.
Would this be useful also for other kind of messages?

Paolo

Re: [atlas] Communication with probes' owners

2019-04-21 Thread Martin Boissonneault 
The best might be for RIPE to contact the owner when the records don't match 
what is detected from the probe?

Some method to trigger a check could be added to the probe's profile, and there 
would not be ANY chance of email abuse by throwaway accounts?

Allowing users to contact probe owners has to be VERY well made to avoid all 
sorts of attacks and spam!

Martin Boissonneault
Sent from my iPhone

On Apr 21, 2019, at 18:14, Carsten Schiefner 
mailto:cars...@schiefner.de>> wrote:

Am 21.04.2019 um 19:59 schrieb Dave . 
mailto:gboo...@gmail.com>>:
If this gets implemented, please add a checkbox where one can indicate whether 
one is a user or also can get things fixed in the AS where your probe is 
connected.
Makes sense to me: +1.

Would then a reminder every 1/2/3 month[s] make sense that this is (still) the 
case aka. this flag to be set?

As the probe’s circumstances may change...

Op vr 19 apr. 2019 om 12:37 schreef Paolo Pozzan 
mailto:paolo.poz...@telemar.it>>:
It seems a good idea. I don't think this will be abused and in case it would be 
easy to point out the spammers.
Would this be useful also for other kind of messages?

Paolo

Re: [atlas] Communication with probes' owners

2019-04-21 Thread Carsten Schiefner 
Am 21.04.2019 um 19:59 schrieb Dave . :
> If this gets implemented, please add a checkbox where one can indicate 
> whether one is a user or also can get things fixed in the AS where your probe 
> is connected.

Makes sense to me: +1.

Would then a reminder every 1/2/3 month[s] make sense that this is (still) the 
case aka. this flag to be set?

As the probe’s circumstances may change...

> Op vr 19 apr. 2019 om 12:37 schreef Paolo Pozzan :
>> It seems a good idea. I don't think this will be abused and in case it would 
>> be easy to point out the spammers.
>> Would this be useful also for other kind of messages?
>> 
>> Paolo

Re: [atlas] Communication with probes' owners

2019-04-21 Thread Dave . 
If this gets implemented, please add a checkbox where one can indicate
whether one is a user or also can get things fixed in the AS where your
probe is connected.

Op vr 19 apr. 2019 om 12:37 schreef Paolo Pozzan :

> It seems a good idea. I don't think this will be abused and in case it
> would be easy to point out the spammers.
> Would this be useful also for other kind of messages?
>
> Paolo
>
> --
>
> *Da: *"Grzegorz Ponikierski" 
> *A: *ripe-atlas@ripe.net
> *Inviato: *Mercoledì, 17 aprile 2019 19:13:37
> *Oggetto: *[atlas] Communication with probes' owners
>
> Hi all!
>
>
>
> From time to time I find probes which has incorrect country in their
> description. For example #10333 supposed to be in US but from my
> measurements it looks like it is somewhere nearby Amsterdam. If something
> has 10ms RTT to target in Amsterdam, has hops with `
> nl-ams14a-ri1-ae8-0.aorta.net
> <https://stat.ripe.net/nl-ams14a-ri1-ae8-0.aorta.net>` description and
> has ASN for LibertyGlobal then this probe is rather in Europe. It takes
> some time to resolve such issue via RIPE team so maybe we can get a form to
> send direct and short message to probe owner to let him/her know that
> something is wrong with his/her probe and we ask for verification. What do
> you think about that?
>
>
>
> Regards,
>
> Grzegorz
>
>
>

Re: [atlas] Communication with probes' owners

2019-04-20 Thread Carsten Schiefner 
Grzegorz, Paolo, all -

On 19.04.2019 12:26, Paolo Pozzan wrote:
> It seems a good idea.

+1.

> I don't think this will be abused

Quite the opposite IMHO, understanding that the anticipated means of
communication will be email and that the email address of a probe's host
will be generic, eg. ,
redirecting all incoming emails to a final address. The redirection
would be configured via the portal then.

> and in case it would be easy to point out the spammers.

Maybe the NCC could and would operate a purpose specific spam catcher
for the 3rd level domain 'atlas'.

But after all I wouldn't really care as I am already running anti-spam
measures anyway.

YMMV though...

> Would this be useful also for other kind of messages?

Like what?

Best,

-C.

> 
> 
> *Da: *"Grzegorz Ponikierski" 
> *A: *ripe-atlas@ripe.net
> *Inviato: *Mercoledì, 17 aprile 2019 19:13:37
> *Oggetto: *[atlas] Communication with probes' owners
> 
> Hi all!
> 
>  
> 
> From time to time I find probes which has incorrect country in their
> description. For example #10333 supposed to be in US but from my
> measurements it looks like it is somewhere nearby Amsterdam. If
> something has 10ms RTT to target in Amsterdam, has hops with
> `nl-ams14a-ri1-ae8-0.aorta.net
> <https://stat.ripe.net/nl-ams14a-ri1-ae8-0.aorta.net>` description
> and has ASN for LibertyGlobal then this probe is rather in Europe.
> It takes some time to resolve such issue via RIPE team so maybe we
> can get a form to send direct and short message to probe owner to
> let him/her know that something is wrong with his/her probe and we
> ask for verification. What do you think about that?
> 
>  
> 
> Regards,
> 
> Grzegorz

Re: [atlas] Communication with probes' owners

2019-04-19 Thread Paolo Pozzan 
It seems a good idea. I don't think this will be abused and in case it would be 
easy to point out the spammers. 
Would this be useful also for other kind of messages? 

Paolo 
- Messaggio originale -

> Da: "Grzegorz Ponikierski" 
> A: ripe-atlas@ripe.net
> Inviato: Mercoledì, 17 aprile 2019 19:13:37
> Oggetto: [atlas] Communication with probes' owners

> Hi all!

> From time to time I find probes which has incorrect country in their
> description. For example #10333 supposed to be in US but from my
> measurements it looks like it is somewhere nearby Amsterdam. If
> something has 10ms RTT to target in Amsterdam, has hops with `
> nl-ams14a-ri1-ae8-0.aorta.net ` description and has ASN for
> LibertyGlobal then this probe is rather in Europe. It takes some
> time to resolve such issue via RIPE team so maybe we can get a form
> to send direct and short message to probe owner to let him/her know
> that something is wrong with his/her probe and we ask for
> verification. What do you think about that?

> Regards,
> Grzegorz

[atlas] Communication with probes' owners

2019-04-17 Thread Ponikierski, Grzegorz 
Hi all!

From time to time I find probes which has incorrect country in their 
description. For example #10333 supposed to be in US but from my measurements 
it looks like it is somewhere nearby Amsterdam. If something has 10ms RTT to 
target in Amsterdam, has hops with 
`nl-ams14a-ri1-ae8-0.aorta.net`
 description and has ASN for LibertyGlobal then this probe is rather in Europe. 
It takes some time to resolve such issue via RIPE team so maybe we can get a 
form to send direct and short message to probe owner to let him/her know that 
something is wrong with his/her probe and we ask for verification. What do you 
think about that?

Regards,
Grzegorz