Page MenuHomePhabricator

Diffscan: host off-infra
Open, LowPublic


Diffscan currently runs from a Cloud VM, which has the main advantages of:

  1. Being puppetized
  2. Not hitting external rate-limiters
  3. Low latency

However the main drawback is that the scan is coming from a IP:

  1. Which is not representative of an external scan (different paths and ACLs)
  2. Enabling NAT (see T209011) might not be an option (could overload the NAT table)

Ideally that host has IPv6 connectivity for T265329

As the tool is quite lightweight (only needs python, internet and SMTP) it might be worth running it from an external server, like wikitech-static.

Event Timeline

im not sure what the hosting for wikitech-static is but if we go this route, which i think is a good idea, we should inform the hosting provider of our intensions just incase they have there own rate limits or outbound filters

im not sure what the hosting for wikitech-static is

That's currently on rackspace

wikitech-static may be moving off rackspace: T304688