• HOME
  • About
  • Program Plan
  • Annual Report
  • Joining CAIDA
  • Staff
  • Jobs
  • Legal Agreements
  • How-To
  • Blog
  • Contact Us
• CATALOG
  • Datasets
  • Media
  • Papers
  • Recipes
  • Software
• RESEARCH
  • Topology
  • Security
  • Traffic Analysis
  • Economics and Policy
  • Visualization
• DATA
  • Overview
  • Data Sharing
  • Distribution Statistics
  • How-to
  • Data Usage FAQ
  • Papers using CAIDA Data
  • Acceptable Use Agreement
• TOOLS
  • Overview
• SERVICES
  • AS Rank
  • AS Rank API
  • BGPStream
  • BGPStream API
  • HI-CUBE (login required)
  • IODA
  • MANIC
  • MANIC API
  • Vela
  • Vela web API
  • Vela MIDAR API
  • Vela aliasq API
• PUBLICATIONS
  • Papers
  • Presentations
  • Blog
  • Visualizations
  • - Animations
  • - Posters
  • Networking Bibliography
• WORKSHOPS
  • Overview
  • AIMS
  • DUST
  • IMAPS
  • KISMET
  • WIE
  • WOMBIR
  • Collaborative
  • Archive
• PROJECTS
  • Ark
  • KISMET
  • MANIC
  • Macroscopic Topology
  • Spoofer
  • Network Telescope
  • IMPACT (PREDICT)
• FUNDING
  • PANDA
  • FANTAIL
  • PENMAN
  • SLAM
  • Censorship Outages
  • MapKIT
  • STARDUST
  • MADDVIPR
  • Program Plan

Archipelago Acceptable Use Policy (AUP) for the Spoofer Project

It must be made clear that ARK Monitors will not spoof any IP packets, nor will they send any new probes for this experiment beyond normal traceroutes to participating clients. The role of Ark monitors in this study is to RECEIVE potentially spoofed traffic sent by users volunteering to participate in our study. Participating users download the spoofer client software from spoofer.csail.mit.edu, and the tool sends spoofed UDP-based probes from the user's own machine to an Ark monitor. If the spoofed traffic reaches the Ark monitor, the monitor forwards it on to the analysis server at MIT.

In this experiment, incoming UDP traffic to Ark nodes will have destination port 53, so we can only use Ark monitors that allow traffic to port 53. So, any firewall between Ark and the Internet must:

• allow FROM any address, at any port TO the ark monitor at your site at port 53

We rate-limit the total incoming measurement traffic from all clients to an average of 30kbps over any minute. THERE WILL BE NO NEW OUTGOING CONNECTIONS OR PROBES, and only CAIDA researchers will develop and deploy software on Ark nodes.

Rob Beverly began the Spoofer project in 2005 as a Phd student at MIT, using a single server at MIT to receive spoofed traffic. The Ark infrastructure allows us to increase the precision and accuracy of his IP spoofing survey to unprecedented levels, at a time when the question is resurfacing simultaneously in operational, policy, and law enforcement communities. The more Ark monitors we have participating, the more accurate our assessments of spoofing capabilities will be.

Please send a message to monitor-info@caida.org if you are interested in participating and whether you approve of the broader usage under Archipelago. Also, please let us know if you find certain specific usages to be unacceptable (for example, because of the AUP you yourself must work under) but are otherwise willing to participate. In most cases, we can work with you to define a narrower set of acceptable activities for your particular node.

For further information on the Spoofer Project, see:

• Spoofer Project page
• The Spoofer Project: Inferring the Extent of Source Address Filtering on the Internet
  
  Technical paper published at USENIX SRUTI Workshop 2005, with presentation slides