[IPython-dev] how to prevent spam, ddos, etc. from IPython notebooks
William Stein
wstein at gmail.com
Mon Mar 16 12:58:43 EDT 2015
On Monday, March 16, 2015, MinRK <benjaminrk at gmail.com> wrote:
> tmpnb (try.jupyter.org) takes a similar, if more restrictive, approach to
> SageMathCloud. User containers simply have no network access. We should
> probably adopt a strict whitelist of services like William has done.
>
>
Do people complain?
> -MinRK
>
> On Mon, Mar 16, 2015 at 8:14 AM, William Stein <wstein at gmail.com
> <javascript:_e(%7B%7D,'cvml','wstein at gmail.com');>> wrote:
>
>> On Mon, Mar 16, 2015 at 6:55 AM, Robert Alexander
>> <roalexan at microsoft.com
>> <javascript:_e(%7B%7D,'cvml','roalexan at microsoft.com');>> wrote:
>> > Do people have any advice/experience on how to prevent spam, ddos, etc.
>> from
>> > users' IPython notebooks? Since arbitrary Python code is what IPython
>> > notebook is all about (see:
>> > http://ipython.org/ipython-doc/dev/notebook/security.html), this might
>> be
>> > difficult to achieve.
>>
>> For SageMathCloud (https://cloud.sagemath.com), which hosts IPython
>> notebook servers, by default I use a firewall to disable most outside
>> network access by default. Uses can write to me to explain what they
>> are doing and request network access.
>>
>> Last year I was having fairly regular problems with people using
>> SageMathCloud to launch hacking attacks against targets, which
>> resulted in complaints from those targets. I also had problems with
>> people downloading content, e.g., from MathSciNet, which violated
>> their terms of usage (this was an unintentional mistake by a grad
>> student). Basically, SageMathCloud would regularly get flagged by
>> University of Washington Netops. Once I setup a firewall with a small
>> *whitelist* (including, e.g., github), I haven't had one single
>> problem like this.
>>
>> -- William
>>
>> >
>> >
>> > _______________________________________________
>> > IPython-dev mailing list
>> > IPython-dev at scipy.org
>> <javascript:_e(%7B%7D,'cvml','IPython-dev at scipy.org');>
>> > http://mail.scipy.org/mailman/listinfo/ipython-dev
>> >
>>
>>
>>
>> --
>> William (http://wstein.org)
>> _______________________________________________
>> IPython-dev mailing list
>> IPython-dev at scipy.org
>> <javascript:_e(%7B%7D,'cvml','IPython-dev at scipy.org');>
>> http://mail.scipy.org/mailman/listinfo/ipython-dev
>>
>
>
--
William (http://wstein.org)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ipython-dev/attachments/20150316/821f49be/attachment.html>
More information about the IPython-dev
mailing list