Bitcoin Core 29.0 location & security basics

[Ivanelofanich]

Hi all,

I now have a Bitcoin Core 29.0 running on Ubuntu 24.04

Is it possible for a bad actor to work out where my node is located, thus making me a target for physical burglary?

What basic security actions would you recommend to maintain my anonymity please?

Also should I take any action against online attacks?

I have no BTC on the node, just running to help the network

Thanks in advance

[Dogedegen]

Hi all,

I now have a Bitcoin Core 29.0 running on Ubuntu 24.04

Is it possible for a bad actor to work out where my node is located, thus making me a target for physical burglary?

What basic security actions would you recommend to maintain my anonymity please?
Thanks in advance

Depends on your settings, if you are just a listening node and have not done any port forwarding you will just be seen as one of many thousands of downloading clients. At worst, your IP can be logged. But what about it? Do you know that you leave your IP address anywhere you visit on the web, including this forum?

If this is a concern for you, you could run the node behind a proxy, TOR, I2P or even somewhere online by renting out a server.

Also should I take any action against online attacks?

I have no BTC on the node, just running to help the network

You don't need to really do anything. I have not really ever heard of a case of someone getting hacked this way.

[ABCbits]

Is it possible for a bad actor to work out where my node is located, thus making me a target for physical burglary?

It's very unlikely considering there are about 21K nodes that accept incoming connection[1] and about 87K of all running full nodes[2].

What basic security actions would you recommend to maintain my anonymity please?

Also should I take any action against online attacks?

By default, Ubuntu is secure enough (assuming you're not specifically targeted by someone with tons of resources). Even Ubuntu help page only mention very common advice[3]. If you don't want your IP address known by other full node and any website you visit, VPN should be good enough. But take note some some VPN provider doesn't take privacy seriously.

[1] https://bitnodes.io/
[2] https://luke.dashjr.org/programs/bitcoin/files/charts/historical.html
[3] https://help.ubuntu.com/stable/ubuntu-help/net-security-tips.html.en

[Dogedegen]

Is it possible for a bad actor to work out where my node is located, thus making me a target for physical burglary?

By default, Ubuntu is secure enough (assuming you're not specifically targeted by someone with tons of resources). Even Ubuntu help page only mention very common advice[3]. If you don't want your IP address known by other full node and any website you visit, VPN should be good enough. But take note some some VPN provider doesn't take privacy seriously.

For his purpose, it doesn't matter if the VPN takes privacy seriously or retains logs. In any case, his real IP will be hidden. He can go with any of the current top VPN providers and it will suffice for this use case.

[Forsyth Jones]

If this is a concern for you, I recommend that you enable Tor in the Bitcoin Core settings.

I don't know about Windows (I think it's easier on Linux), but on Linux the steps to run Bitcoin Core over Tor are as linked below:

Setting up a Tor hidden service
TOR SUPPORT IN BITCOIN

15. Bitcoin over Tor[video] - This tutorial helped me a lot

Is it possible for a bad actor to work out where my node is located, thus making me a target for physical burglary?

By default, Ubuntu is secure enough (assuming you're not specifically targeted by someone with tons of resources). Even Ubuntu help page only mention very common advice[3]. If you don't want your IP address known by other full node and any website you visit, VPN should be good enough. But take note some some VPN provider doesn't take privacy seriously.

For his purpose, it doesn't matter if the VPN takes privacy seriously or retains logs. In any case, his real IP will be hidden. He can go with any of the current top VPN providers and it will suffice for this use case.

No need for VPN, just enable TOR.

[ABCbits]

Is it possible for a bad actor to work out where my node is located, thus making me a target for physical burglary?

By default, Ubuntu is secure enough (assuming you're not specifically targeted by someone with tons of resources). Even Ubuntu help page only mention very common advice[3]. If you don't want your IP address known by other full node and any website you visit, VPN should be good enough. But take note some some VPN provider doesn't take privacy seriously.

For his purpose, it doesn't matter if the VPN takes privacy seriously or retains logs. In any case, his real IP will be hidden. He can go with any of the current top VPN providers and it will suffice for this use case.

I get your point. Although i mentioned privacy since people who use Bitcoin and one of Linux distro is more likely to take privacy seriously.

--snip--

No need for VPN, just enable TOR.

Yeah, assuming OP willing to setup it (Bitcoin Core using Tor and Tor service on Ubuntu) and don't live on place where Tor connection is blocked.