wumpus
|
|
May 07, 2011, 10:18:06 PM |
|
My concerns are more along the lines of potential for DDoSing the network if you have infinite nodes (well 65000 per IP) and sybil attacks. But those are mostly because I haven't read enough of the networking code to realize all the possibilities (nor do I think anyone really has). If you spend enough time reading up on net.cpp and can convince people that those aren't a problem, then I'm sure it would get merged.
OK. That sounds pretty serious. These issues will have to be addressed for IPv6 as well, then.
|
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
|
|
|
Matt Corallo
|
|
May 07, 2011, 10:24:13 PM |
|
OK. That sounds pretty serious. These issues will have to be addressed for IPv6 as well, then.
Yea, pretty much, though for IPv6 if you just take a /64 as a single address and ignore anything else from that /64 as a duplicate it might be ok. Then again, so many of use have /48's from HE so...yea it needs to be thought out.
|
|
|
|
wumpus
|
|
May 07, 2011, 10:28:23 PM |
|
Yea, pretty much, though for IPv6 if you just take a /64 as a single address and ignore anything else from that /64 as a duplicate it might be ok. Then again, so many of use have /48's from HE so...yea it needs to be thought out.
Well even now with IPv4 there are people with a shitload of IPs (for example botnet owners or ISPs), and that will only get worse. If bitcoin somehow relies on IPs being scarce, this is a pretty big (potential) hole in security.
|
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
|
|
|
Matt Corallo
|
|
May 07, 2011, 10:39:15 PM |
|
Well even now with IPv4 there are people with a shitload of IPs (for example botnet owners or ISPs), and that will only get worse. If bitcoin somehow relies on IPs being scarce, this is a pretty big (potential) hole in security.
Yea, the networking code is one of those things that no one has really touched since satoshi...though I don't think either port nor IPs can exploit bitcoin for sybil but I just don't know what kind of numbers would actually be required to pull it off (though it does get much, much easier with IPv6).
|
|
|
|
wumpus
|
|
May 10, 2011, 09:38:12 AM |
|
I just read in the IRC channel that there is up to one outgoing connection per /16. https://en.bitcoin.it/wiki/Weaknesses#Cancer_nodesIf that is true, supporting alternate ports won't open Bitcoin up for any more sybil attacks than we have now. You can have 65535 bitcoin instances running on your system, but it will ignore all of them but one.
|
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
|
|
|
payb.tc
|
|
July 29, 2011, 10:52:52 AM |
|
I've been working on adding -port= / -rpcport= command line / config file options to bitcoin. Usage looks like this: $ ./bitcoind getbalance # The TEST network Faucet bitcoind 40616.66159265000 $ ./bitcoind -datadir=/home/bitcoin/.bitcoinTEST2 getbalance 1000.000000000000 $ cat /home/bitcoin/.bitcoinTEST2/bitcoin.conf rpcpassword=..... port=18666 rpcport=18665
Patches are at http://pastebin.com/2e4hfXSS; I've only tested on Linux so far, anybody willing to try this on Windows? a) is this information still current, or is there some more up-to-date thread i should be reading instead? (i notice there is an rpcport option in the example bitcoin.conf going around, but no 'port' option). b) has this functionality made it into the default client, or i still need to find a patched version? thank you.
|
|
|
|
Matt Corallo
|
|
July 29, 2011, 11:09:33 AM |
|
a) is this information still current
Yes b) has this functionality made it into the default client, or i still need to find a patched version?
Mainline.
|
|
|
|
payb.tc
|
|
July 29, 2011, 11:21:11 AM |
|
thanks matt, i have more questions now hopefully someone can help c) do i physically need 2 copies of the bitcoind bin? i'm not much of a linux guy but i tried to nohup the 2nd instance of bitcoind from the same physical program file and it doesn't appear to have launched the 2nd process. d) i was going to ask how to just stop one instance and not both, but if you need 2 physical copies of bitcoind then a simple stop command would make sense.
|
|
|
|
Matt Corallo
|
|
July 29, 2011, 11:57:28 AM |
|
Why are you trying to run 2 bitcoinds? There is no reason to run 2 bitcoinds on the public network.
|
|
|
|
payb.tc
|
|
July 29, 2011, 12:03:42 PM |
|
Why are you trying to run 2 bitcoinds?
Isn't the answer to that question in the OP? (to run two separate websites/businesses/wallets on one server at the same time)
|
|
|
|
payb.tc
|
|
July 29, 2011, 12:47:42 PM |
|
maybe i'm just misunderstanding how this is supposed to work...
but can anyone tell me what mainline version number this was first added to? it's not working with 0.3.20 but i guess i should maybe be upgrading anyway.
|
|
|
|
|
payb.tc
|
|
July 29, 2011, 02:26:55 PM |
|
honestly i'd like to upgrade but i still haven't found a solution to the missing glibcxx_3.4.11 yet. /usr/lib/libstdc++.so.6: version `GLIBCXX_3.4.11' not found /lib/i686/cmov/libc.so.6: version `GLIBC_2.11' not found
|
|
|
|
payb.tc
|
|
July 31, 2011, 02:57:11 PM |
|
so i was able to get this working, one instance running on 8333/8332 and another working on 7333/7332.
But when I tried to stop the 2nd instance, it stopped the first one instead!
/web/sites/.bitcoin1/bitcoind <- this runs on the default ports
/web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ <- this runs on 7333
/web/sites/.bitcoin2/bitcoind stop <- this command stops the bitcoin1 instance!
|
|
|
|
wumpus
|
|
July 31, 2011, 03:04:57 PM |
|
so i was able to get this working, one instance running on 8333/8332 and another working on 7333/7332.
But when I tried to stop the 2nd instance, it stopped the first one instead!
/web/sites/.bitcoin1/bitcoind <- this runs on the default ports
/web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ <- this runs on 7333
/web/sites/.bitcoin2/bitcoind stop <- this command stops the bitcoin1 instance!
Use /web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ stop
|
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
|
|
|
payb.tc
|
|
July 31, 2011, 03:08:14 PM |
|
so i was able to get this working, one instance running on 8333/8332 and another working on 7333/7332.
But when I tried to stop the 2nd instance, it stopped the first one instead!
/web/sites/.bitcoin1/bitcoind <- this runs on the default ports
/web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ <- this runs on 7333
/web/sites/.bitcoin2/bitcoind stop <- this command stops the bitcoin1 instance!
Use /web/sites/.bitcoin2/bitcoind -datadir=/web/sites/.bitcoin2/ stop Thanks, will try that... Funny I tried that switch before, but I put it after the 'stop': /web/sites/.bitcoin2/bitcoind stop -datadir=/web/sites/.bitcoin2/ <- doesn't work didn't even think to put it first.
|
|
|
|
Matt Corallo
|
|
July 31, 2011, 04:12:26 PM |
|
You need to specify the -rpcport of the instance you want to stop (probably 7332).
|
|
|
|
payb.tc
|
|
July 31, 2011, 11:02:34 PM |
|
You need to specify the -rpcport of the instance you want to stop (probably 7332).
yep, hence using the -datadir switch to point to the secondary bitcoin.conf file... thank you.
|
|
|
|
mybtclove
Newbie
Offline
Activity: 20
Merit: 0
|
|
June 27, 2014, 03:38:40 PM |
|
You need to specify the -rpcport of the instance you want to stop (probably 7332).
yep, hence using the -datadir switch to point to the secondary bitcoin.conf file... thank you. Hi guys, I know this thread is very old but it is something I am experiencing right now. The example conf here is for old versions and I was wondering if you can post one that is suitable for 0.9 +
|
|
|
|
piotr_n
Legendary
Offline
Activity: 2055
Merit: 1359
aka tonikt
|
|
June 27, 2014, 05:11:25 PM |
|
It doesn't matter which post you select, because at some point in time (around adding the addr messages ad removing IRC) the algo in the bitcoin core for selecting peers to connect to has been fucked up. And ever since then the bitcoin core node intentionally discards peers that are listening at non-default port. I raised this issue once, but the answer was that it wasn't a bug, but a security feature. Great feature, BTW - it makes me feel so much more secured! Anyway, if you setup you node to use a different port, you only get incoming connections from non bitcoin core nodes. Because the bitcoin code node is fucked up and nobody gives a shit about it.
|
Check out gocoin - my original project of full bitcoin node & cold wallet written in Go.PGP fingerprint: AB9E A551 E262 A87A 13BB 9059 1BE7 B545 CDF3 FD0E
|
|
|
|