Clarification of the acceptable use policy regarding statement 4
In statement 4 Vulnerability testing of Linode's servers are prohibited, but was written in such a way to exclude 3rd party serves. It also doesn't explicitly state what "Vulnerability Testing" entails, thus excluding a ping sweeps. Is it possible to clarify the extent of the AUP.
Vulnerability Testing. You shall not attempt to probe, scan, penetrate, or test the vulnerability of Linode or any Service, and shall not breach Linode security or authentication measures, whether by passive or intrusive techniques, without Linode's express written consent. If you are a Linode customer and need to perform a penetration test, let us know beforehand by emailing Support here.
1 Reply
hdiep
Linode Staff
I'd be happy to clarify a bit further. Activities such as penetration testing are permitted on our platform as long as all activity is legal, does not violate our Terms of Service, and falls within the allowed scope of prior agreement between you and the target. Testing that causes performance problems for other Linode customers, Linode infrastructure, or outside of a prior agreed scope is not permitted. This includes DDoS stress testing, which is explicitly not allowed.
If you receive a ToS violation ticket, please respond as soon as possible with an explanation of the reported behavior or evidence that the behavior was approved.
I hope this addresses your concerns.