Hi there. One of my clients has some security alerts configured and they pinged me about some traffic from a prefect flow to 126.96.36.199. They say this is associated with Netlify which is not "approved" by their security team.
We are running Prefect 1 and Prefect 2 flows. I am trying to figure out what may be causing our flow to connect to this address. Would this be related to the anonymous tracking? (we just disabled that). Any other ideas? Thanks
09/08/2023, 4:27 PM
Hey Pedro, my name is Jonathan and I’m part of Prefect’s security team.
This address appears to be in Google’s IP space, but does not match the IPv4 addresses of any of our endpoints used by Prefect Cloud (api.prefect.io is 188.8.131.52 and api.prefect.cloud is 184.108.40.206).
It’s possible that it’s related to our anonymous telemetry, yes, because that uses Cloud Run, which does not have a fixed IP address. The hostname is sens-o-matic.prefect.io but I think the IP address may change (this is a CNAME to ghs.googlehosted.com). It’s also possible that other libraries you’re using are sending some telemetry to Google, so may be tricky to isolate.
I’m happy to support your investigation in any way that we can; you can reach us via email@example.com
09/08/2023, 4:32 PM
Hi Jonathan. Thanks for the update and additional information. I found the setting to disable telemetry on Prefect 2. How do I do the same in Prefect 1?