[IPython-User] Help troubleshooting notebook as public server
Tue Jan 10 12:34:55 CST 2012
On Tue, Jan 10, 2012 at 2:19 AM, Fernando Perez <firstname.lastname@example.org>wrote:
> On Mon, Jan 9, 2012 at 3:57 PM, Michael Waskom <email@example.com>
> > Thanks for the hypothesis generation. It turns out that indeed we do
> have a
> > firewall on the network side that was blocking access. To get IT to open
> > some ports for me, I need to answer the following question, which I
> > figure out from the docs (compounded by my limited understanding of,
> > the internet): whether the ports use UDP or TCP.
> Also, I just want to paranoidly confirm that this server will be secure
> > of the box" provided I followed the directions about setting up a
> > for my notebook and transmitting it via SSL (so that possible intruders
> > don't get shell-like access to my system).
> Well, in as much as we haven't found security holes yet under those
> conditions :)
> What I mean is: there are no 'guaranteed secure' systems on the
> internet, only systems whose security flaws haven't been found yet.
> For this reason, we more than welcome scrutiny of the code that deals
> with these issues in IPython, and will do our best to rapidly address
> any problems reported to us.
Of course. Not expecting a miracle, just wanted to have the Berkeley
researcher on record in case I inadvertently bring down the Stanford
network and need to redirect the mob :).
> But with these caveats, the answer is: yes, to the best of our
> knowledge, once you put a password and enable SSL, the system is
> secure. SSL forces all communication between your browser and the
> server to travel encrypted (including the password) and having a
> password means that nobody can get past the front page unless they
> know it.
> We also made sure the password storage format is in hashed/salted
> mode, so that even if someone reads your config file (which is stored
> in user-only directories just like SSH keys are), they still don't
> have your password. There is enough salt to make any brute-force
> attack using precomputed tables with present generation technology
Thanks for your help! If you don't hear from me again on this topic,
everything went smoothly as soon as IT opened up a port.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the IPython-User