I know the main concern for attack is a DDOS attack. I have a static IPV4 address for my home network. I’m concerned that if my IP ends up on a malicious user’s, or bitcoin hater’s, shit-list that I may become a target. I am confident in securing my network, but I’d like to hear what network appliances people are using to protect their mining operations.
If you have a good firewall then it should drop the DDOS.
My new router has a checkbox that says “Enable DDOS protection”. No idea if it works well. I’m sure Cisco could sell you something, but I don’t think you’d like the prices. There’s got to be something you can install in a linux box.
It is really difficult to counter a DDoS. Protection built in to the router/firewall just drops the rogue packets without replying but there is no way the router can stop all that traffic from still traversing the pipe and hitting your router/firewall.
You can either:
– Have more bandwidth than the attackers which will still allow your legitimate traffic. With amplification attacks, this is very costly!
– Have your ISP block the traffic further upstream leaving your pipe free.
– Use one of the companies that provide this service which normally means you use them as a proxy hiding your true IP.
– Setup your own proxies in hosted datacentre’s and hide behind those.
That is all I can think of at the moment.
If the mining setup is in your home/office, I would just pull in another internet pipe. Preferably with a different ISP and switch to that when required. Or just use a dedicated line for the miners minimising exposure of your IP to third parties.
You could always tell your ISP you’re being attacked and maybe get a new IP assigned? Or go through a VPN for $10 a month for all your traffic.