[IPython-dev] how to prevent spam, ddos, etc. from IPython notebooks

William Stein wstein at gmail.com
Mon Mar 16 10:14:00 EDT 2015


On Mon, Mar 16, 2015 at 6:55 AM, Robert Alexander
<roalexan at microsoft.com> wrote:
> Do people have any advice/experience on how to prevent spam, ddos, etc. from
> users' IPython notebooks? Since arbitrary Python code is what IPython
> notebook is all about (see:
> http://ipython.org/ipython-doc/dev/notebook/security.html), this might be
> difficult to achieve.

For SageMathCloud (https://cloud.sagemath.com), which hosts IPython
notebook servers, by default I use a firewall to disable most outside
network access by default.  Uses can write to me to explain what they
are doing and request network access.

Last year I was having fairly regular problems with people using
SageMathCloud to launch hacking attacks against targets, which
resulted in complaints from those targets.   I also had problems with
people downloading content, e.g., from MathSciNet, which violated
their terms of usage (this was an unintentional mistake by a grad
student).    Basically, SageMathCloud would regularly get flagged by
University of Washington Netops.  Once I setup a firewall with a small
*whitelist* (including, e.g., github), I haven't had one single
problem like this.

 -- William

>
>
> _______________________________________________
> IPython-dev mailing list
> IPython-dev at scipy.org
> http://mail.scipy.org/mailman/listinfo/ipython-dev
>



-- 
William (http://wstein.org)



More information about the IPython-dev mailing list