ruinous (OP)
Jr. Member
Offline
Activity: 94
Merit: 3
|
|
May 15, 2018, 02:10:12 AM |
|
I'm looking to run a full node not for wallet but for network so I'm hoping to have it available for connections incoming obviously but want to ensure privacy. I read a fair amount and have discovered some conflicting information. Hoping for some better references.
What I have is: 1gb dl, 50mb ul, winX and access to free VPN service through Avast, not that it's necessary to use it.
Appreciative of all help.
|
|
|
|
achow101
Moderator
Legendary
Offline
Activity: 3542
Merit: 6886
Just writing some code
|
|
May 15, 2018, 04:17:19 AM |
|
Privacy in what regard? Do you want people to not know your node's IP address? Or do you want people to not know whether you are behind your transactions? Or something else?
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
May 15, 2018, 06:28:14 AM |
|
You have to describe more detailed what exactly you want to achieve regarding privacy.
With core it won't be possible to see which transaction you have broadcasted. If you broadcast a TX with core, it is just one between thousands (which you relay to other nodes). The receipent (1 hop away) can't tell for sure that you have broadcasted the TX. It could have been broadcasted by anyone, relayed by your node.
With electrum an attacker might be able (under some circumstances) to gather the IP of the broadcasting wallet (and therefore also your location; assuming no VPN/proxy is used).
You IP, however, will be visible to all nodes connected to your node. This is necessary. Pretend you want to send a mail via snail-mail, but don't know the address. This doesn't work. The only way to hide your IP is via using a VPN service (which will relay the traffic via their server to you; The IP of the VPN server will be visible to the network).
For a more detailed anwser, ask more detailed.
|
|
|
|
mocacinno
Legendary
Offline
Activity: 3570
Merit: 5233
https://merel.mobi => buy facemasks with BTC/LTC
|
|
May 15, 2018, 06:30:46 AM |
|
Altough i do have questions about why you'd want to hide your node, here's a how-to on how to run your node as a hidden service on tor: https://en.bitcoin.it/wiki/Setting_up_a_Tor_hidden_serviceBut like achow101 and bob123 already explained: usually, there is no good reason to do this... Ip's are not recorded on the blockchain. If you create a new transaction and broadcast it trough your node, your peer will not know wether you created that transaction, or merely broadcasted somebody else's transaction...
|
|
|
|
ruinous (OP)
Jr. Member
Offline
Activity: 94
Merit: 3
|
|
May 15, 2018, 03:20:06 PM |
|
Thank you for quick responses.
I don't want to hide the node I just want to ensure that my system and home network isn't vulnerable and my personal privacy and identity aren't at risk if I run a node. Or at the very least what I can do to minimize any risk.
I do want to ensure there are incoming connections if I install and sync a full node and be an active participant to the network.
I suppose VPN will at least mask the IP and my home network and computer is just as vulnerable as it otherwise would be? And Tor is going to block incoming connections?
|
|
|
|
Sellingaccs
Member
Offline
Activity: 126
Merit: 50
Ask me for Pools, Nodes and Explorers.
|
|
May 15, 2018, 06:25:28 PM |
|
I don't want to hide the node I just want to ensure that my system and home network isn't vulnerable and my personal privacy and identity aren't at risk if I run a node. Or at the very least what I can do to minimize any risk.
I do want to ensure there are incoming connections if I install and sync a full node and be an active participant to the network. I suppose VPN will at least mask the IP and my home network and computer is just as vulnerable as it otherwise would be?
No. Using a VPN will mean that, you are contacting to one of the VPN providers servers, and the clients who connect to your node will see your VPN providers IP address rather than your homes. They would need to basically compromise the VPN provider, to get access to you. Just make sure that the VPN provider allows P2P and Port forwarding. And Tor is going to block incoming connections?
I suggest not wasting tor networks capacities, even if you could. But overall, using a VPN is already enough if you are scared of your IP showing to your clients. However personally i'd run the node on a seperate computer, with an different IP address if i was storing some important information.
|
|
|
|
Jet Cash
Legendary
Offline
Activity: 2828
Merit: 2472
https://JetCash.com
|
|
May 15, 2018, 07:14:07 PM |
|
Am I being naive here, but surely if you run a node at home, your isp will see the packets, and know that you have a Bitcoin node running. He probably won't care though. In my opinion if you want complete privacy, then you need to go public, and use a variety of public WiFi services.
|
Offgrid campers allow you to enjoy life and preserve your health and wealth. Save old Cars - my project to save old cars from scrapage schemes, and to reduce the sale of new cars. My new Bitcoin transfer address is - bc1q9gtz8e40en6glgxwk4eujuau2fk5wxrprs6fys
|
|
|
mocacinno
Legendary
Offline
Activity: 3570
Merit: 5233
https://merel.mobi => buy facemasks with BTC/LTC
|
|
May 15, 2018, 07:33:52 PM |
|
Am I being naive here, but surely if you run a node at home, your isp will see the packets, and know that you have a Bitcoin node running. He probably won't care though. In my opinion if you want complete privacy, then you need to go public, and use a variety of public WiFi services.
Your isp won't be able to analyse your traffic if you run your node as a hidden service or over a VPN... Sure, he'll be able to monitor your bandwith usage, but that's about all
|
|
|
|
LeGaulois
Copper Member
Legendary
Offline
Activity: 2940
Merit: 4101
Top Crypto Casino
|
|
May 15, 2018, 08:09:36 PM |
|
Nowadays most ISP have an unlimited bandwidth for the customers, and the ISP with a data cap don't care as long as you pay what you consume. Using different public WiFi services is difficult while you're at home, or unless you want to run a node at the Mac Donald
|
|
|
|
bitmover
Legendary
Offline
Activity: 2478
Merit: 6318
bitcoindata.science
|
|
May 16, 2018, 12:14:42 PM |
|
I have never seen this kind of problem regarding privacy in full nodes. As you download all the data related to all transactions and addresses...
Lightweight wallets on the other hand have privacy problems. As they only get data related to your addresses, it would be theoretically possible to discover what are your addresses.
But there are already some wallets using protocols that reduce this privacy risk.
|
|
|
|
ruinous (OP)
Jr. Member
Offline
Activity: 94
Merit: 3
|
|
May 16, 2018, 03:28:48 PM |
|
So Avast allows P2P on specific VPN connections, I didn't see documentation on port forwarding though. I put a request in for more information.
I did dl and sync a full node for bitcoin core. Followed all the the network instructions but after full sync and over night I still only see 8 outbound connections/ 0 inbound and not using VPN currently.
Ports are forwarded in router and winX firewall should be configured. I did TCP/UDP to 8333 but when I call to my IP and port 8333 any site I use says connection timed out.
Static IP through DHCP in router is set.
Not sure what I'm missing.
|
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
May 16, 2018, 04:34:03 PM |
|
I did dl and sync a full node for bitcoin core. Followed all the the network instructions but after full sync and over night I still only see 8 outbound connections/ 0 inbound and not using VPN currently.
Ports are forwarded in router and winX firewall should be configured. I did TCP/UDP to 8333 but when I call to my IP and port 8333 any site I use says connection timed out.
Static IP through DHCP in router is set.
Not sure what I'm missing.
The most common issue I've seen is that the port forwarding is incorrect. Go to command prompt and type ipconfig and take note of your IPV4 address in the column with the connection you're using. That is your local IP address. Check if your port forwarding asks for any IP address, if it does, use that IP address and not your public IP address. Go to bitnodes.earn.com and press check node at the bottom. If it shows your client version then you're good to go.
|
|
|
|
ruinous (OP)
Jr. Member
Offline
Activity: 94
Merit: 3
|
|
May 16, 2018, 04:57:37 PM |
|
Correct, I used the internal/local ip i set static on router. ipconfig confirms they match. Double checked the port forwarding ip matches as well. bitnodes still gives me a red box with http403.
|
|
|
|
ruinous (OP)
Jr. Member
Offline
Activity: 94
Merit: 3
|
|
May 16, 2018, 06:39:19 PM |
|
Thank you all for the reply's, I was able to diagnose my connection issues.
My modem rented through ISP is a combo router and since I have my own router/firewall etc. I had a multiple NAT issue. Embarassingly I hadnt switched the modem to bridge mode. I changed that setting and had incoming connections almost instantly to full node.
Avast VPN works P2P and supports port forwarding but you have to connect to their P2P VPN sites manually. So VPN is working with incoming to node and is "alive".
I have option to enable a guest network on router without broadcasting ssid so that may provide more anonymity? Appreciate the added thoughts and help. Seem though this may be unnecessary from previous comments though?
|
|
|
|
ranochigo
Legendary
Offline
Activity: 3038
Merit: 4420
Crypto Swap Exchange
|
|
May 17, 2018, 02:26:22 AM |
|
I have option to enable a guest network on router without broadcasting ssid so that may provide more anonymity? Appreciate the added thoughts and help. Seem though this may be unnecessary from previous comments though?
By disabling SSID broadcasting, your router will not openly say that the specific WiFi network exist. The only thing this would discourage is script kiddy trying to bruteforce your password protected WiFi. However, it would still be possible for someone else to detect your WiFi with monitoring. It wouldn't help in anonymity, especially if you have a relatively strong password. Even if it gets cracked, the only thing they can possibly see if the peers that you're connected to.
|
|
|
|
ruinous (OP)
Jr. Member
Offline
Activity: 94
Merit: 3
|
|
May 18, 2018, 06:12:50 PM |
|
Is it worth the trouble though? To separate my routers traffic? I suppose my own local wifi is under the same risk, so it's pointless. The VPN is enough to give anonymity for the node?
Also, the node has been running what has to occur for a peer to be banned from my node? Is this anything I should be concerned about?
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
May 20, 2018, 11:41:10 AM |
|
Is it worth the trouble though? To separate my routers traffic?
No. You won't gain anything. The internet traffic is going from your local network (doesn't matter which of your wifi's) through your router into the internet. The VPN is enough to give anonymity for the node?
Yes, definetely. No layman will be able to track it back to you. But governments or authorities may be able to 'force' the vpn provider to give your details out. In such a case you need to use a VPN which is trustworthy (and does not store any logs). Also, the node has been running what has to occur for a peer to be banned from my node? Is this anything I should be concerned about?
No, nothing to worry. Your node does ban other nodes if they 'misbehave'. They are either trying a DoS or using the client with wrong configuration (e.g. bcash fellows not understanding how to configure software properly). It is a feature.
|
|
|
|
ruinous (OP)
Jr. Member
Offline
Activity: 94
Merit: 3
|
|
May 21, 2018, 02:16:16 AM |
|
Ok, thank you and thanks to everyone here. I'm glad the forum is here as I can bounce this off the community. I imagine I'd be struggling with a double NAT issue much longer since that should have been taken care of when we moved into the house years ago. I imagine all my port forwarding is actually working .. .. as embarrassed as I am I'm better off for it all node and home network.
Anyway super comfortable with the set up and I'll check on the VPN if they log. Excited for when I have time to set up a lightening node now.
Mod feel free to close thread. Thanks again everyone!
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
May 21, 2018, 10:25:44 AM |
|
Mod feel free to close thread. Thanks again everyone!
Actually, you can close the thread yourself. At the bottom left of your thread you choose between 'Move Thread' and ' Lock Thread'
|
|
|
|
|