[ask] Best way to hide bitcoin server IP?

[buffett]

I read from here: http://bitcoin.stackexchange.com/questions/193/how-do-i-see-the-ip-address-of-a-bitcoin-transaction

that it is possible (and might be easy) to reveal bitcoin sender's ip address.

so the question is, what do you think is the best and reliable way to protect a bitcoin server's ip address.

maybe a proxy or vpn is enough? are TOR and I2P reliable enough to handle bitcoin transaction?

i'm building a bitcoin service and won't let anyone find my bitcoin server's ip address.

thanks!

[1714141745]

1714141745

[1714141745]

1714141745

[1714141745]

1714141745

[1714141745]

1714141745

[1714141745]

1714141745

[kjj]

Start by blocking traffic to well known sensor nodes.

No, even better, start by checking blockchain.info for your node's IP, and then check it for your transactions.  Odds are good that your IP has relayed tons of transactions that are not yours, and that tons of your transactions were first seen through other nodes.

Once you've got a decent idea of the reliability of the data being collected, decide if you still care enough to try hiding.  If you still do, then block connections to the sensor nodes.

[buffett]

Start by blocking traffic to well known sensor nodes.

No, even better, start by checking blockchain.info for your node's IP, and then check it for your transactions.  Odds are good that your IP has relayed tons of transactions that are not yours, and that tons of your transactions were first seen through other nodes.

Once you've got a decent idea of the reliability of the data being collected, decide if you still care enough to try hiding.  If you still do, then block connections to the sensor nodes.

do you mean it is near impossible for someone to find a reliable information about someone ip address?

so what is your suggestion, should my bitcoin server hidden behind a proxy or not?

thanks!

[aminorex]

To answer that question, the responder would really need to know your threat model.

[wumpus]

vpn is enough? are TOR and I2P reliable enough to handle bitcoin transaction?

To hide your IP you need to run your node behind TOR. That's the only reliable way and very easy as bitcoind has native support for that. If you are paranoid and don't trust TOR on itself you could use VPN->TOR, or even VPN->TOR->VPN (though this is challenging).

[Kluge]

vpn is enough? are TOR and I2P reliable enough to handle bitcoin transaction?

To hide your IP you need to run your node behind TOR. That's the only reliable way and very easy as bitcoind has native support for that. If you are paranoid and don't trust TOR on itself you could use VPN->TOR, or even VPN->TOR->VPN (though this is challenging).

Is Tor actually able to reliably handle the bandwidth needed by a full QT node anymore? I haven't used it in a long while because I remember it being unable to load anything but basic text within a reasonable amount of time. Could the QT client be reworked to receive information off un-obfuscated connections and to send through the obfuscators to help minimize load on the obfuscation services?

[wumpus]

Yes, TOR has enough bandwidth. Lots of people use Bitcoin over TOR.

But for the initial sync I'd recommend using jgarzik's torrent and/or copying some other node's blocks. After the initial sync the bandwidth usage is small, at least if you don't run an listening hidden node.

I recommend against trying to make the client do some things over TOR and others outside of TOR. This makes it easier for third parties to correlate some way (timing analysis, ways to mark/identify your node etc).

[BlueFalcon13]

How about using a VPN that doesn't log traffic? 

[piotr_n]

I read from here: http://bitcoin.stackexchange.com/questions/193/how-do-i-see-the-ip-address-of-a-bitcoin-transaction

that it is possible (and might be easy) to reveal bitcoin sender's ip address.

so the question is, what do you think is the best and reliable way to protect a bitcoin server's ip address.

maybe a proxy or vpn is enough? are TOR and I2P reliable enough to handle bitcoin transaction?

i'm building a bitcoin service and won't let anyone find my bitcoin server's ip address.

thanks!

If you care to use bitcoin-qt (or bitcoind) wallet, then a simple solution is to be offline while "sending" the money.
The outgoing tx will still show up in your transaction history (as an unconfirmed one) - you can check its TxID there.
Then (still being offline) use "getrawtransaction" RPC command to get the raw transaction data.
Now use Tor to load this webpage: https://blockchain.info/pushtx
After it loads, paste the raw transaction data into the box, press the button - and voila.
And now you can get your wallet back online.

Another method is to setup the node to connect through your Tor proxy.
That should also keep safe the IP of where your spending txs originate.
The only problem is (as someone pointed out) that Tor connection is much slower, but you only need to use it while actually spending the money.
Syncing up block-chain without Tor only exposes a fact that you are running a bitcoin node, but tells them nothing about its financial activity.

[buffett]

To answer that question, the responder would really need to know your threat model.

the only thing i care is a persistent hacker/competitor cannot find my bitcoind ip address so he can ddos or do any kind of activity which can harm my bitcoind server. i don not need perfect 100% anonymous like for doing criminal activity.

for my case i think using a proxy is enough? if a hacker managed to find the ip he only harm the proxy server. bitcoind server remains safe unless he able to root proxy server and read the log.

what do you think?

[aminorex]

I think tor is perfect for protecting against DDOS.

[itod]

To hide your IP you need to run your node behind TOR. That's the only reliable way and very easy as bitcoind has native support for that.

What's wrong with good, old VPN? Much, much easier than TOR, and there are many VPN providers who doesn't log traffic. Even if you get one VPN provider who lies and logs it, your IP is protected without the VPN provider's full cooperation with the interested third party.