[atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
- Previous message (by thread): [atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
- Next message (by thread): [atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Stephane Bortzmeyer
bortzmeyer at nic.fr
Thu Dec 29 15:15:16 CET 2022
On Tue, Dec 20, 2022 at 05:48:08PM +0100, Lukas Tribus <lukas at ltri.eu> wrote a message of 60 lines which said: > - where have those security concerns been previously discussed? Several times on this list. This is a recurring discussion, for many years. > Are you suggesting that people deploy ATLAS probes in security > sensitive inside parts of corporate networks? I believe that the concerns were more about the security of the server than the security of the probe. Nobody wants Atlas to be used as a botnet against unsuspecting HTTP servers. > And those security concerns affect only GENERIC-HTTP not other > currently available measurements like DNS? For a typical DNS server, the "cost" does not depend on the request (at least for authoritative DNS servers). On the contrary, for HTTP, the cost can vary immensely from a static favicon.ico to a request involving many SQL statements. > we are talking about small HTTP HEAD and GET requests here. The GET can be small but incurring a huge cost for the server.
- Previous message (by thread): [atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
- Next message (by thread): [atlas] Proposal: Measure well-known CDNs,[CDN-HTTP]
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]