Bitcoin Forum
November 13, 2018, 03:37:51 AM *
News: Latest Bitcoin Core release: 0.17.0 [Torrent].
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Node Privacy  (Read 197 times)
ruinous
Jr. Member
*
Offline Offline

Activity: 88
Merit: 3


View Profile
May 15, 2018, 02:10:12 AM
 #1

I'm looking to run a full node not for wallet but for network so I'm hoping to have it available for connections incoming obviously but want to ensure privacy. I read a fair amount and have discovered some conflicting information. Hoping for some better references.

What I have is: 1gb dl, 50mb ul, winX and access to free VPN service through Avast, not that it's necessary to use it.

Appreciative of all help.
1542080271
Hero Member
*
Offline Offline

Posts: 1542080271

View Profile Personal Message (Offline)

Ignore
1542080271
Reply with quote  #2

1542080271
Report to moderator
1542080271
Hero Member
*
Offline Offline

Posts: 1542080271

View Profile Personal Message (Offline)

Ignore
1542080271
Reply with quote  #2

1542080271
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
achow101
Moderator
Legendary
*
Offline Offline

Activity: 1582
Merit: 1739


bc1qshxkrpe4arppq89fpzm6c0tpdvx5cfkve2c8kl


View Profile WWW
May 15, 2018, 04:17:19 AM
 #2

Privacy in what regard? Do you want people to not know your node's IP address? Or do you want people to not know whether you are behind your transactions? Or something else?

bob123
Hero Member
*****
Offline Offline

Activity: 742
Merit: 689



View Profile WWW
May 15, 2018, 06:28:14 AM
Merited by bones261 (1)
 #3

You have to describe more detailed what exactly you want to achieve regarding privacy.

With core it won't be possible to see which transaction you have broadcasted.
If you broadcast a TX with core, it is just one between thousands (which you relay to other nodes). The receipent (1 hop away) can't tell for sure that you have broadcasted the TX. It could have been broadcasted by anyone, relayed by your node.

With electrum an attacker might be able (under some circumstances) to gather the IP of the broadcasting wallet (and therefore also your location; assuming no VPN/proxy is used).


You IP, however, will be visible to all nodes connected to your node. This is necessary.
Pretend you want to send a mail via snail-mail, but don't know the address. This doesn't work.
The only way to hide your IP is via using a VPN service (which will relay the traffic via their server to you; The IP of the VPN server will be visible to the network).


For a more detailed anwser, ask more detailed.

mocacinno
Legendary
*
Offline Offline

Activity: 1400
Merit: 1251


https://unblur.ninja =>lightning network testsite


View Profile WWW
May 15, 2018, 06:30:46 AM
 #4

Altough i do have questions about why you'd want to hide your node, here's a how-to on how to run your node as a hidden service on tor:

https://en.bitcoin.it/wiki/Setting_up_a_Tor_hidden_service

But like achow101 and bob123 already explained: usually, there is no good reason to do this... Ip's are not recorded on the blockchain. If you create a new transaction and broadcast it trough your node, your peer will not know wether you created that transaction, or merely broadcasted somebody else's transaction...

ruinous
Jr. Member
*
Offline Offline

Activity: 88
Merit: 3


View Profile
May 15, 2018, 03:20:06 PM
 #5

Thank you for quick responses.

I don't want to hide the node I just want to ensure that my system and home network isn't vulnerable and my personal privacy and identity aren't at risk if I run a node. Or at the very least what I can do to minimize any risk.

I do want to ensure there are incoming connections if I install and sync a full node and be an active participant to the network.

I suppose VPN will at least mask the IP and my home network and computer is just as vulnerable as it otherwise would be? And Tor is going to block incoming connections?
Sellingaccs
Member
**
Offline Offline

Activity: 126
Merit: 49

Ask me for Pools, Nodes and Explorers.


View Profile
May 15, 2018, 06:25:28 PM
 #6

I don't want to hide the node I just want to ensure that my system and home network isn't vulnerable and my personal privacy and identity aren't at risk if I run a node. Or at the very least what I can do to minimize any risk.

I do want to ensure there are incoming connections if I install and sync a full node and be an active participant to the network.
I suppose VPN will at least mask the IP and my home network and computer is just as vulnerable as it otherwise would be?

No. Using a VPN will mean that, you are contacting to one of the VPN providers servers, and the clients who connect to your node will see your VPN providers IP address rather than your homes. They would need to basically compromise the VPN provider, to get access to you. Just make sure that the VPN provider allows P2P and Port forwarding.

And Tor is going to block incoming connections?

I suggest not wasting tor networks capacities, even if you could.

But overall, using a VPN is already enough if you are scared of your IP showing to your clients. However personally i'd run the node on a seperate computer, with an different IP address if i was storing some important information.

Jet Cash
Legendary
*
Offline Offline

Activity: 1064
Merit: 1291


I don't merit Spambies


View Profile WWW
May 15, 2018, 07:14:07 PM
 #7

Am I being naive here, but surely if you run a node at home, your isp will see the packets, and know that you have a Bitcoin node running. He probably won't care though. In my opinion if you want complete privacy, then you need to go public, and use a variety of public WiFi services.

mocacinno
Legendary
*
Offline Offline

Activity: 1400
Merit: 1251


https://unblur.ninja =>lightning network testsite


View Profile WWW
May 15, 2018, 07:33:52 PM
 #8

Am I being naive here, but surely if you run a node at home, your isp will see the packets, and know that you have a Bitcoin node running. He probably won't care though. In my opinion if you want complete privacy, then you need to go public, and use a variety of public WiFi services.

Your isp won't be able to analyse your traffic if you run your node as a hidden service or over a VPN... Sure, he'll be able to monitor your bandwith usage, but that's about all

LeGaulois
Copper Member
Hero Member
*****
Offline Offline

Activity: 882
Merit: 896

Bitcoin Ninja Unregulated Banker Unbanking Folks


View Profile
May 15, 2018, 08:09:36 PM
 #9

Nowadays most ISP have an unlimited bandwidth for the customers, and the ISP with a data cap don't care as long as you pay what you consume.
Using different public WiFi services is difficult while you're at home, or unless you want to run a node at the Mac Donald

bitmover
Sr. Member
****
Offline Offline

Activity: 294
Merit: 473


Make winning bets on sports with Sportsbet.io!


View Profile
May 16, 2018, 12:14:42 PM
 #10

I have never seen this kind of problem regarding privacy in full nodes. As you download all the data related to all transactions and addresses...

Lightweight wallets on the other hand have privacy problems. As they only get data related to your addresses, it would be theoretically possible to discover what are your addresses.

But there are already some wallets using protocols that reduce this privacy risk.

   ▄▄██████▄▄
  ████████████
███▄▄
 ██████████████▀▀▀██▄
████████████████   ▀██▄
████████████████     ▀██
██████████████       ██▌
██████████████        ▐██
██▌▀▀██████▀▀         ▐██
▐██                   ██▌
 ██▄                 ▄██
  ▀██▄             ▄██▀
    ▀██▄▄▄     ▄▄▄██▀
      ▀▀█████████▀▀





███████████████████████████
███████████▀▀         ▀▀███
████████▀   ▄▄██▄  ▀█▄  ▀██
██████▀  ▄████████▄  ▀█  ██
████▀  ▄██████▄▀  ██▄    ██
███▀  ██████▄▀  ▄▀████▄  ██
██▀  █████▄▀  ▄▀██████  ▄██
██  ▀███▄▀  ▄▀███████  ▄███
██    ▀██▄▄▀███████▀  ▄████
██  █▄  ▀████████▀  ▄██████
██▄  ▀█▄  ▀██▀▀   ▄████████
███▄▄         ▄▄███████████
███████████████████████████
███████████████████████████
████████▀▀       ▀▀████████
█████▀   ▄ ▀███▀ ▄   ▀█████
████  ▄████▄ ▀ ▄████▄  ████
███  ▄ ▀███▀ ▄ ▀███▀ ▄  ███
██  ▄██ ▀▀ ▄███▄ ▀▀ ██▄  ██
██  █▀ ▄█ ███████ █▄ ▀█  ██
██   ▄███▄ █████ ▄███▄   ██
███  ████▀ ▄▄▄▄▄ ▀████  ███
████  ▀ ▄ ▀█████▀ ▄ ▀  ████
█████▄  ▀▀▄ ███ ▄▀▀  ▄█████
████████▄▄       ▄▄████████
███████████████████████████
████████     INDUSTRY LEADING BITCOIN SPORTSBOOK     ████████
LIVE
STREAMING
DAILY PRICE
BOOSTS
LIVE DEALER
CASINO
FAST & SECURE
PAYMENTS
███████████████████████████
████████▀▀       ▀▀████████
█████▀  ▄█▄  ▀  ▄▄   ▀█████
████  ▄  ▀    ▀█████▄  ████
███  ▀█▀   ▀█▄   ▀▀██▄  ███
██  ▄    █▄  ▀██▄▄  ▀█▄  ██
██  █▀ ▄  ▀█▄  ▀███▄  ▀  ██
██    ▄██  ▀██▄  ▀███▄   ██
███  ▀████  ▀███▄  ▀█▀  ███
████  ▀████  ▀████▄    ████
█████▄   ▀▀█▄  ▀▀▀   ▄█████
████████▄▄       ▄▄████████
███████████████████████████
███████████████████████████
████████▀▀ █████ ▀▀████████
█████▀    ▄█████▄    ▀█████
██████▄▄█▀▀ ▄▄▄ ▀▀█▄▄██████
███▀███▀ ▄███▀███▄ ▀███▀███
██   █ ▄██▀     ▀██▄ █   ██
██   █ ██         ██ █   ██
██   █ ▀██▄▄█ █▄▄██▀ █   ██
███▄███▄ ▀██▄▄▄██▀ ▄███▄███
██████▀▀█▄▄ ▀▀▀ ▄▄█▀▀██████
█████▄    ▀█████▀    ▄█████
████████▄▄ █████ ▄▄████████
███████████████████████████





[.
WIN WITH US!
]
ruinous
Jr. Member
*
Offline Offline

Activity: 88
Merit: 3


View Profile
May 16, 2018, 03:28:48 PM
 #11

So Avast allows P2P on specific VPN connections, I didn't see documentation on port forwarding though. I put a request in for more information.

I did dl and sync a full node for bitcoin core. Followed all the the network instructions but after full sync and over night I still only see 8 outbound connections/ 0 inbound and not using VPN currently.

Ports are forwarded in router and winX firewall should be configured. I did TCP/UDP to 8333 but when I call to my IP and port 8333 any site I use says connection timed out.

Static IP through DHCP in router is set.

Not sure what I'm missing.
ranochigo
Legendary
*
Offline Offline

Activity: 1568
Merit: 1094

Somewhat inactive.


View Profile WWW
May 16, 2018, 04:34:03 PM
 #12

I did dl and sync a full node for bitcoin core. Followed all the the network instructions but after full sync and over night I still only see 8 outbound connections/ 0 inbound and not using VPN currently.

Ports are forwarded in router and winX firewall should be configured. I did TCP/UDP to 8333 but when I call to my IP and port 8333 any site I use says connection timed out.

Static IP through DHCP in router is set.

Not sure what I'm missing.

The most common issue I've seen is that the port forwarding is incorrect. Go to command prompt and type ipconfig and take note of your IPV4 address in the column with the connection you're using. That is your local IP address. Check if your port forwarding asks for any IP address, if it does, use that IP address and not your public IP address.

Go to bitnodes.earn.com and press check node at the bottom. If it shows your client version then you're good to go.

ruinous
Jr. Member
*
Offline Offline

Activity: 88
Merit: 3


View Profile
May 16, 2018, 04:57:37 PM
 #13



Correct, I used the internal/local ip i set static on router. ipconfig confirms they match. Double checked the port forwarding ip matches as well. bitnodes still gives me a red box with http403.
ruinous
Jr. Member
*
Offline Offline

Activity: 88
Merit: 3


View Profile
May 16, 2018, 06:39:19 PM
 #14

Thank you all for the reply's, I was able to diagnose my connection issues.

My modem rented through ISP is a combo router and since I have my own router/firewall etc. I had a multiple NAT issue. Embarassingly I hadnt switched the modem to bridge mode. I changed that setting and had incoming connections almost instantly to full node.

Avast VPN works P2P and supports port forwarding but you have to connect to their P2P VPN sites manually. So VPN is working with incoming to node and is "alive".

I have option to enable a guest network on router without broadcasting ssid so that may provide more anonymity? Appreciate the added thoughts and help. Seem though this may be unnecessary from previous comments though?
ranochigo
Legendary
*
Offline Offline

Activity: 1568
Merit: 1094

Somewhat inactive.


View Profile WWW
May 17, 2018, 02:26:22 AM
 #15

I have option to enable a guest network on router without broadcasting ssid so that may provide more anonymity? Appreciate the added thoughts and help. Seem though this may be unnecessary from previous comments though?
By disabling SSID broadcasting, your router will not openly say that the specific WiFi network exist. The only thing this would discourage is script kiddy trying to bruteforce your password protected WiFi. However, it would still be possible for someone else to detect your WiFi with monitoring.

It wouldn't help in anonymity, especially if you have a relatively strong password. Even if it gets cracked, the only thing they can possibly see if the peers that you're connected to.

ruinous
Jr. Member
*
Offline Offline

Activity: 88
Merit: 3


View Profile
May 18, 2018, 06:12:50 PM
 #16

Is it worth the trouble though? To separate my routers traffic? I suppose my own local wifi is under the same risk, so it's pointless. The VPN is enough to give anonymity for the node?

Also, the node has been running what has to occur for a peer to be banned from my node? Is this anything I should be concerned about?
bob123
Hero Member
*****
Offline Offline

Activity: 742
Merit: 689



View Profile WWW
May 20, 2018, 11:41:10 AM
 #17

Is it worth the trouble though? To separate my routers traffic?

No. You won't gain anything.
The internet traffic is going from your local network (doesn't matter which of your wifi's) through your router into the internet.



The VPN is enough to give anonymity for the node?

Yes, definetely.
No layman will be able to track it back to you.

But governments or authorities may be able to 'force' the vpn provider to give your details out.
In such a case you need to use a VPN which is trustworthy (and does not store any logs).



Also, the node has been running what has to occur for a peer to be banned from my node? Is this anything I should be concerned about?

No, nothing to worry.
Your node does ban other nodes if they 'misbehave'. They are either trying a DoS or using the client with wrong configuration (e.g. bcash fellows not understanding how to configure software properly).
It is a feature.

ruinous
Jr. Member
*
Offline Offline

Activity: 88
Merit: 3


View Profile
May 21, 2018, 02:16:16 AM
 #18

Ok, thank you and thanks to everyone here. I'm glad the forum is here as I can bounce this off the community. I imagine I'd be struggling with a double NAT issue much longer since that should have been taken care of when we moved into the house years ago. I imagine all my port forwarding is actually working  .. .. as embarrassed as I am I'm better off for it all node and home network. 

Anyway super comfortable with the set up and I'll check on the VPN if they log. Excited for when I have time to set up a lightening node now.

Mod feel free to close thread. Thanks again everyone!
bob123
Hero Member
*****
Offline Offline

Activity: 742
Merit: 689



View Profile WWW
May 21, 2018, 10:25:44 AM
 #19

Mod feel free to close thread. Thanks again everyone!

Actually, you can close the thread yourself.
At the bottom left of your thread you choose between 'Move Thread' and 'Lock ThreadWink

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!