This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] Probe cannot connect from behind IDS/IPS with HTTPS inspection
- Previous message (by thread): [atlas] Probe cannot connect from behind IDS/IPS with HTTPS inspection
- Next message (by thread): [atlas] Probe cannot connect from behind IDS/IPS with HTTPS inspection
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Philip Homburg
philip.homburg at ripe.net
Wed May 21 16:58:36 CEST 2014
On 2014/05/21 16:37 , Ondřej Caletka wrote: > Dne 21.5.2014 13:45, Daniel Karrenberg napsal(a): >> It seems to me that just trying port 22 if no contact can be made on 443 >> should be added to the requested features list. The reason being that >> probes could then work in places where policy allows 22. However I agree >> that the priority should be low considering the small number of cases >> this would fix and the likelihood that measurements would be affected by >> middle boxes as well. > > I agree completely. The only question is, what are atlas probes supposed > to measure, Internet infrastructure or "eyeball" perspective of the > Internet? From what I see, the objective is somewhere in the middle with > probes installed both in datacentres (measuring infrastructure) as well > as at users homes (measuring eyeballs). > If measuring the users experience is legitimate use case, then it > shouldn't be problem to have some middleboxes on the way. My experience is that probes at users' homes just work. There are a few gotchas but most work. Probes that cause trouble are usually where somebody explicitly tried to configure something in the network, firewalls, etc. I'm curious what this firewall is trying to do. If it allows unrestricted outbound connectivity over ssh, but not ssh on port 443. What is that rule trying to protect? Philip
- Previous message (by thread): [atlas] Probe cannot connect from behind IDS/IPS with HTTPS inspection
- Next message (by thread): [atlas] Probe cannot connect from behind IDS/IPS with HTTPS inspection
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]