[IPython-dev] how to prevent spam, ddos, etc. from IPython notebooks

Raymond Yee raymond.yee at gmail.com
Mon Mar 16 13:03:51 EDT 2015


re whitelisting, a possibly useful model is what pythonanywhere does:

https://www.pythonanywhere.com/wiki/403ForbiddenError (you can ask for
sites to be put on the whitelist)
https://www.pythonanywhere.com/whitelist/ (sites free users can access)

-Raymond

On 3/16/15 9:58 AM, William Stein wrote:
>
>
> On Monday, March 16, 2015, MinRK <benjaminrk at gmail.com
> <mailto:benjaminrk at gmail.com>> wrote:
>
>     tmpnb (try.jupyter.org <http://try.jupyter.org>) takes a similar,
>     if more restrictive, approach to SageMathCloud. User containers
>     simply have no network access. We should probably adopt a strict
>     whitelist of services like William has done.
>
>
> Do people complain?
>  
>
>     -MinRK
>
>     On Mon, Mar 16, 2015 at 8:14 AM, William Stein <wstein at gmail.com
>     <javascript:_e(%7B%7D,'cvml','wstein at gmail.com');>> wrote:
>
>         On Mon, Mar 16, 2015 at 6:55 AM, Robert Alexander
>         <roalexan at microsoft.com
>         <javascript:_e(%7B%7D,'cvml','roalexan at microsoft.com');>> wrote:
>         > Do people have any advice/experience on how to prevent spam,
>         ddos, etc. from
>         > users' IPython notebooks? Since arbitrary Python code is
>         what IPython
>         > notebook is all about (see:
>         > http://ipython.org/ipython-doc/dev/notebook/security.html),
>         this might be
>         > difficult to achieve.
>
>         For SageMathCloud (https://cloud.sagemath.com), which hosts
>         IPython
>         notebook servers, by default I use a firewall to disable most
>         outside
>         network access by default.  Uses can write to me to explain
>         what they
>         are doing and request network access.
>
>         Last year I was having fairly regular problems with people using
>         SageMathCloud to launch hacking attacks against targets, which
>         resulted in complaints from those targets.   I also had
>         problems with
>         people downloading content, e.g., from MathSciNet, which violated
>         their terms of usage (this was an unintentional mistake by a grad
>         student).    Basically, SageMathCloud would regularly get
>         flagged by
>         University of Washington Netops.  Once I setup a firewall with
>         a small
>         *whitelist* (including, e.g., github), I haven't had one single
>         problem like this.
>
>          -- William
>
>         >
>         >
>         > _______________________________________________
>         > IPython-dev mailing list
>         > IPython-dev at scipy.org
>         <javascript:_e(%7B%7D,'cvml','IPython-dev at scipy.org');>
>         > http://mail.scipy.org/mailman/listinfo/ipython-dev
>         >
>
>
>
>         --
>         William (http://wstein.org)
>         _______________________________________________
>         IPython-dev mailing list
>         IPython-dev at scipy.org
>         <javascript:_e(%7B%7D,'cvml','IPython-dev at scipy.org');>
>         http://mail.scipy.org/mailman/listinfo/ipython-dev
>
>
>
>
> -- 
> William (http://wstein.org)
>
>
> _______________________________________________
> IPython-dev mailing list
> IPython-dev at scipy.org
> http://mail.scipy.org/mailman/listinfo/ipython-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/ipython-dev/attachments/20150316/b5136507/attachment.html>


More information about the IPython-dev mailing list