Bitcoin Forum
December 03, 2016, 07:48:30 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Can I Stop all Network / Internet connections Besides bitcoin?  (Read 1390 times)
Fuzzy
Hero Member
*****
Offline Offline

Activity: 560



View Profile
June 29, 2011, 07:20:16 AM
 #1

I'm building a small machine dedicated to creating wallets and sending BTCs.

It's running a fresh install of XP SP3 and has yet to be connected via RJ45 cable to the network.

I've installed Avast, Winrar, and NetLimiter.

While NetLimiter will demand authorization from you for every process that attempts to connect to the network/internet, I believe it only controls the legit connections made by your applications. I don't trust it blocks ALL possible connections, and can probably be bypassed if one were so inclined.

Is there a way I can hard block ALL outgoing/Incomming connections other than bitcoin? I'm not even planning on using any browsers.
1480794510
Hero Member
*
Offline Offline

Posts: 1480794510

View Profile Personal Message (Offline)

Ignore
1480794510
Reply with quote  #2

1480794510
Report to moderator
1480794510
Hero Member
*
Offline Offline

Posts: 1480794510

View Profile Personal Message (Offline)

Ignore
1480794510
Reply with quote  #2

1480794510
Report to moderator
1480794510
Hero Member
*
Offline Offline

Posts: 1480794510

View Profile Personal Message (Offline)

Ignore
1480794510
Reply with quote  #2

1480794510
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
2weiX
Legendary
*
Offline Offline

Activity: 1638


View Profile
June 29, 2011, 07:22:20 AM
 #2

install a firewall and block all ports except 8333.
cloud9
Member
**
Offline Offline

Activity: 70


View Profile
June 29, 2011, 07:49:25 AM
 #3

Can wallet.dat be hacked through port 8333 ?

Disclaimer:  Postings of Cloud9 are only individual views of opinion and/or musings and/or hypothesisses.  On a non-authoritative, peer-to-peer public forum, you do not need permission from Cloud9 to derive your own conclusions or opinions, so please do.  Calculations and assumptions to be verified.
nhodges
Sr. Member
****
Offline Offline

Activity: 308


View Profile
June 29, 2011, 07:57:19 AM
 #4

Can wallet.dat be hacked through port 8333 ?

No that is the omniport.

cloud9
Member
**
Offline Offline

Activity: 70


View Profile
June 29, 2011, 08:26:40 AM
 #5

Can wallet.dat be hacked through port 8333 ?

No that is the omniport.

What is an omniport?  Can any other network traffic pass through port 8333 accept bitcoin client traffic?

Disclaimer:  Postings of Cloud9 are only individual views of opinion and/or musings and/or hypothesisses.  On a non-authoritative, peer-to-peer public forum, you do not need permission from Cloud9 to derive your own conclusions or opinions, so please do.  Calculations and assumptions to be verified.
Fuzzy
Hero Member
*****
Offline Offline

Activity: 560



View Profile
June 29, 2011, 08:42:05 AM
 #6

Obviously, when the 64,000 port protocol was made, they didn't reserve 8333 for bitcoin, so it must be accessible otherwise. Unless you lock that port to the bitcoin.exe client, via a hash check or something, but that's all techno babble on my part, have no clue how any of that would be done.
cloud9
Member
**
Offline Offline

Activity: 70


View Profile
June 29, 2011, 09:41:17 AM
 #7

So wallet.dat can be hacked through port 8333 by malware?

Disclaimer:  Postings of Cloud9 are only individual views of opinion and/or musings and/or hypothesisses.  On a non-authoritative, peer-to-peer public forum, you do not need permission from Cloud9 to derive your own conclusions or opinions, so please do.  Calculations and assumptions to be verified.
Fuzzy
Hero Member
*****
Offline Offline

Activity: 560



View Profile
June 29, 2011, 11:07:50 AM
 #8

either no one here knows, or they're all asleep, or they're all scared of being quoted when all joor btc are gone...
kerogre256
Full Member
***
Offline Offline

Activity: 161


View Profile
June 29, 2011, 11:39:03 AM
 #9

install openBSD it has only 2 remote holes in default installation in abaut 10 years....
kerogre256
Full Member
***
Offline Offline

Activity: 161


View Profile
June 29, 2011, 11:43:01 AM
 #10

install openBSD it has only 2 remote holes in default installation in abaut 10 years....
99,99% or hacker will not touch it when have thousands of windows computers to hack, ech again duble post can i delete it ?
titeuf_87
Member
**
Offline Offline

Activity: 112


View Profile
June 29, 2011, 12:55:50 PM
 #11

Install a firewall and block all ports except for outgoing to 8333: bitcoin will use that to connect to other bitcoin nodes.

You may also want to open the outgoing irc port, as bitcoin uses irc to discover other clients. If you don't open this on your firewall, you'll probably have to run bitcoin with the -addnode parameter as otherwise I doubt you'll have any connections.

15kfBM3TQ4PGzL7cKncU3su2pH7ZJmiLtr
cloud9
Member
**
Offline Offline

Activity: 70


View Profile
June 29, 2011, 01:00:09 PM
 #12

Install a firewall and block all ports except for outgoing to 8333: bitcoin will use that to connect to other bitcoin nodes.

You may also want to open the outgoing irc port, as bitcoin uses irc to discover other clients. If you don't open this on your firewall, you'll probably have to run bitcoin with the -addnode parameter as otherwise I doubt you'll have any connections.

Thanks.  Will iptables suffice?

Disclaimer:  Postings of Cloud9 are only individual views of opinion and/or musings and/or hypothesisses.  On a non-authoritative, peer-to-peer public forum, you do not need permission from Cloud9 to derive your own conclusions or opinions, so please do.  Calculations and assumptions to be verified.
titeuf_87
Member
**
Offline Offline

Activity: 112


View Profile
June 29, 2011, 01:16:53 PM
 #13

Install a firewall and block all ports except for outgoing to 8333: bitcoin will use that to connect to other bitcoin nodes.

You may also want to open the outgoing irc port, as bitcoin uses irc to discover other clients. If you don't open this on your firewall, you'll probably have to run bitcoin with the -addnode parameter as otherwise I doubt you'll have any connections.

Thanks.  Will iptables suffice?
Probably. I never used iptables myself so I can't answer questions about that.

15kfBM3TQ4PGzL7cKncU3su2pH7ZJmiLtr
kerogre256
Full Member
***
Offline Offline

Activity: 161


View Profile
June 29, 2011, 02:22:59 PM
 #14

Install a firewall and block all ports except for outgoing to 8333: bitcoin will use that to connect to other bitcoin nodes.

You may also want to open the outgoing irc port, as bitcoin uses irc to discover other clients. If you don't open this on your firewall, you'll probably have to run bitcoin with the -addnode parameter as otherwise I doubt you'll have any connections.

Thanks.  Will iptables suffice?
YES
kerogre256
Full Member
***
Offline Offline

Activity: 161


View Profile
June 29, 2011, 02:27:05 PM
 #15

And try this  http://en.wikipedia.org/wiki/Security-Enhanced_Linux
cloud9
Member
**
Offline Offline

Activity: 70


View Profile
June 29, 2011, 08:29:42 PM
 #16


Why would N-S-A develop something in 2000 and then collaborate with the open source community for an inclusion of this software into the linux kernel in 2003 ( http://en.wikipedia.org/wiki/Security-Enhanced_Linux#Overview ) if it would make nosing into individuals' systems more difficult:

From NSA Security-enhanced Linux Team:

    "NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. It provides an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications. It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals."

(SELinux has been integrated into version 2.6 series of the Linux kernel, and separate patches are now unnecessary; the above is a historical quote.)


It is in stark contrast to the Magic Lantern attempt just a few years earlier down the timeline in 2001?:  http://www.wired.com/politics/law/news/2001/11/48648 and http://www.uhuh.com/control/list-pat.htm

"Other security mavens pointed to free software projects such as openvirus.org as more trustworthy alternatives to Network Associates' McAfee anti-virus products, and GPG as a replacement for Network Associates' PGP encryption software.

The criticism raised a well-known point in security circles: Security software, including PGP and anti-virus products ware, is either looking out for your interests or those of the government. It can't do both.

.
.
.

In his 1982 book The Puzzle Palace, author James Bamford recounted how the National Security Agency's predecessor coerced Western Union, RCA, and ITT Communications to turn over telegraph traffic to the feds in 1945."

Disclaimer:  Postings of Cloud9 are only individual views of opinion and/or musings and/or hypothesisses.  On a non-authoritative, peer-to-peer public forum, you do not need permission from Cloud9 to derive your own conclusions or opinions, so please do.  Calculations and assumptions to be verified.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!