[IPython-dev] how to prevent spam, ddos, etc. from IPython notebooks
Raymond Yee
raymond.yee at gmail.com
Mon Mar 16 13:03:51 EDT 2015
re whitelisting, a possibly useful model is what pythonanywhere does:
https://www.pythonanywhere.com/wiki/403ForbiddenError (you can ask for
sites to be put on the whitelist)
https://www.pythonanywhere.com/whitelist/ (sites free users can access)
-Raymond
On 3/16/15 9:58 AM, William Stein wrote:
>
>
> On Monday, March 16, 2015, MinRK <benjaminrk at gmail.com
> <mailto:benjaminrk at gmail.com>> wrote:
>
> tmpnb (try.jupyter.org <http://try.jupyter.org>) takes a similar,
> if more restrictive, approach to SageMathCloud. User containers
> simply have no network access. We should probably adopt a strict
> whitelist of services like William has done.
>
>
> Do people complain?
>
>
> -MinRK
>
> On Mon, Mar 16, 2015 at 8:14 AM, William Stein <wstein at gmail.com
> <javascript:_e(%7B%7D,'cvml','wstein at gmail.com');>> wrote:
>
> On Mon, Mar 16, 2015 at 6:55 AM, Robert Alexander
> <roalexan at microsoft.com
> <javascript:_e(%7B%7D,'cvml','roalexan at microsoft.com');>> wrote:
> > Do people have any advice/experience on how to prevent spam,
> ddos, etc. from
> > users' IPython notebooks? Since arbitrary Python code is
> what IPython
> > notebook is all about (see:
> > http://ipython.org/ipython-doc/dev/notebook/security.html),
> this might be
> > difficult to achieve.
>
> For SageMathCloud (https://cloud.sagemath.com), which hosts
> IPython
> notebook servers, by default I use a firewall to disable most
> outside
> network access by default. Uses can write to me to explain
> what they
> are doing and request network access.
>
> Last year I was having fairly regular problems with people using
> SageMathCloud to launch hacking attacks against targets, which
> resulted in complaints from those targets. I also had
> problems with
> people downloading content, e.g., from MathSciNet, which violated
> their terms of usage (this was an unintentional mistake by a grad
> student). Basically, SageMathCloud would regularly get
> flagged by
> University of Washington Netops. Once I setup a firewall with
> a small
> *whitelist* (including, e.g., github), I haven't had one single
> problem like this.
>
> -- William
>
> >
> >
> > _______________________________________________
> > IPython-dev mailing list
> > IPython-dev at scipy.org
> <javascript:_e(%7B%7D,'cvml','IPython-dev at scipy.org');>
> > http://mail.scipy.org/mailman/listinfo/ipython-dev
> >
>
>
>
> --
> William (http://wstein.org)
> _______________________________________________
> IPython-dev mailing list
> IPython-dev at scipy.org
> <javascript:_e(%7B%7D,'cvml','IPython-dev at scipy.org');>
> http://mail.scipy.org/mailman/listinfo/ipython-dev
>
>
>
>
> --
> William (http://wstein.org)
>
>
> _______________________________________________
> IPython-dev mailing list
> IPython-dev at scipy.org
> http://mail.scipy.org/mailman/listinfo/ipython-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ipython-dev/attachments/20150316/b5136507/attachment.html>
More information about the IPython-dev
mailing list