where to host web server

where to host web server

Shahar Dag dag at cs.technion.ac.il
Tue Oct 23 16:57:05 IST 2012 

 

 

From: linux-il-bounces at cs.huji.ac.il [mailto:linux-il-bounces at cs.huji.ac.il]
On Behalf Of Oleg Goldshmidt
Sent: Sunday, October 21, 2012 4:02 PM
To: Steve G.
Cc: IGLU Mailing list
Subject: Re: where to host web server

 

 

On Sun, Oct 21, 2012 at 3:13 PM, Steve G. <wordz2u at gmail.com> wrote:

 

Easiest example - a server with poor password. If you are in the intranet,
and someone hacks into it and runs a DDOS on a local server, the admin will
shut the offending server down and that's the end of it. Ditto for an error
that creates infinite processing or broadcast loops. Do it to the outside
world, and you'll have the authorities at your door. 

 

A second example - unauthorized content. Host kiddy porn on your internal
account, and you'll be suspended (or your account closed till it is
secured). Have an external hacker serving same from your university server,
and you - and your institution and amin - will have to account to Interpol.

 

You get my drift - some things are better left outside, where responsibility
is the student's and the ISP's and not the Technion.


No, sorry, I don't get your drift. We are talking about a course project or
some such, i.e., a part of Technion's curriculum, where a student is
supposed to create a web site, and - I presume - his/her creation is
supposed to be tested and graded. 

Either the site is on the Technion's internal net and not accessible from
outside, or it is public and is open to the world to see. In the first case,
an internal host seems easier. In the latter case, what's the URL? I *do*
expect it to be something.technion.ac.il (what else?). 

In either case it is the Technion that will be responsible for the hosting
(networking, DNS, etc.), not the student. The student will just use
Technion's facility for his/her course work. In this case (creation of a web
site) I suppose the student will not even have any administrative
privileges. I absolutely do not see the Technion telling its students
"please enter into a hosting contract with Amazon on your own if you want to
pass this course". In any case, the hosting provider will deal with the
Technion, and if "authorities knock at the door" the Technion will have to
answer, and find the responsible student, and deal with it, etc.

If there is an illegal copy of Skyfall offered for download (or illegal
porn, or DDOS zombie, or whatever) then I do expect the Technion to be
liable equally regardless of the physical hosting facility. There may be a
difference related to which country it is hosted on - I would expect Israel
to be preferable for the Technion to anything else.

-- 
Oleg Goldshmidt | pub at goldshmidt.org

 

OK I will try to clarify

The students will have sudo account on the machine (every project will have
its own machine)

The students will decide which web server and supporting programs to install
(but it will be Linux) and then install everything they need.

We cannot test in advanced that the web site & the machine behave in a
reasonable way.

Everything can be accessed internally via a limited network.

 

The problem starts for example if you want to test your system from a mobile
device via 3G. Here you need to open your system to the world. Currently we
can't do it (for next year we will try to host a virtual cluster in the
DMZ).

 

Shahar

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20121023/ab8d9954/attachment-0001.html>

More information about the Linux-il mailing list