3

I'm newly trying to do some tutorials in dapp development and I ran into an issue with security.

I was trying to sync with testnet through geth. For the most part, it went smoothly. However, I was alerted that the geth command tried to communicate with a suspected malicious IP address. The IP in question (and information about where the address has been used maliciously in the past) is: https://www.virustotal.com/#/ip-address/74.119.194.18

The command I used specifically was:

geth --testnet --syncmode "fast" --rpc --rpcapi db,eth,net,web3,personal --cache=1024 --rpcport 8545 --rpcaddr 127.0.0.1 --rpccorsdomain "*" --bootnodes "enode://20c9ad97c081d63397d7b685a412227a40e23c8bdc6688c6f37e97cfbc22d2b4d1db1510d8f61e6a8866ad7f0e17c02b14182d37ea7c3c8b9c2683aeb6b733a1@52.169.14.227:30303,enode://6ce05930c72abc632c58e2e4324f7c7ea478cec0ed4fa2528982cf34483094e9cbc9216e7aa349691242576d552a2a56aaeae426c5303ded677ce455ba1acd9d@13.84.180.240:30303"

Though I also tried the one on Github: https://github.com/ethereum/ropsten

Now I'm afraid of continuing to run the command. Can someone with more experience explain what are the implications of this and if it's secure to continuing running geth on my machine? How do I minimize risks if I want to continue developing on a personal computer? I'd prefer not to buy a completely separate computer just for dabbling in dapp development.

Thanks in advance for any help on this.

Improve this question

1 Answer 1

Reset to default
1

Geth and Parity are designed under the assumption that they will talk to arbitrary peers on the network, and some of those peers may be malicious. There is no filtering process, and nodes can try to send other nodes whatever data they like to try to break them. It's not particularly surpising to see an IP address that's been connected to malicious activity connected to your node on the network.

If Geth is functioning correctly, there will be no way for a malicious peer to infect your computer with a virus or otherwise damage it.

However, as with any software that communicates on the internet, if there is some bug in Geth that we do not currently know about, it is possible that a malicious peer could either harm the operation of your Geth node or, worse, read or alter other files on your computer.

The upshot is that if you have an ordinary PC that is not securing anything of particularly high value, you shouldn't worry too much about the risk of something bad happening as a result of running Geth on it. As with any other software, just keep your software up-to-date, and make sure you have adequate backups in case something bad happens.

However, if you have very high security requirements for that particular computer, every additional network service reduces your security, and network services that end up connected to arbitrary nodes reduce it a lot, so you might be better running Geth on a different machine, or at least configuring Geth to only connect to a particular known set of Ethereum nodes.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.