On Tue, Dec 20, 2022 at 05:48:08PM +0100, Lukas Tribus <[email protected]> wrote a message of 60 lines which said:
> - where have those security concerns been previously discussed? Several times on this list. This is a recurring discussion, for many years. > Are you suggesting that people deploy ATLAS probes in security > sensitive inside parts of corporate networks? I believe that the concerns were more about the security of the server than the security of the probe. Nobody wants Atlas to be used as a botnet against unsuspecting HTTP servers. > And those security concerns affect only GENERIC-HTTP not other > currently available measurements like DNS? For a typical DNS server, the "cost" does not depend on the request (at least for authoritative DNS servers). On the contrary, for HTTP, the cost can vary immensely from a static favicon.ico to a request involving many SQL statements. > we are talking about small HTTP HEAD and GET requests here. The GET can be small but incurring a huge cost for the server. -- ripe-atlas mailing list [email protected] https://lists.ripe.net/mailman/listinfo/ripe-atlas
