Problem: DNS seeds and security
Solution: I want to create a website which does the following:
- Check ‘A’ record for all domains used by 9 DNS seeds every 5 minutes
- Save all IP addresses in a local database
- Check if these are bitcoin nodes
- Mark ✅ for a DNS seed which has no issues, mark ⚠️ for a DNS seed in which some IP addresses have issues and mark ❌ for a DNS seed in which all IP addresses look suspicious
It will help in monitoring domains used by DNS seeds for any issues and alert users if one of them has some issues because of being hacked or other reasons.
Question: What exactly should I check in the third step to consider an IP address as a bitcoin node with no issues? A normal bitcoin node would have some IP address, responding on port 8333 with a UA string like `/Satoshi:0.21.1/`; however, nodes used by an attacker can also do the same thing?
Sub-question: What kind of IP addresses or nodes would an attacker use if they get access to the DNS of one of the domains?
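
A sketch of steps three and four, added here as an example and not part of the original post: it validates a peer's P2P `version` reply (mainnet magic bytes, command, checksum, user agent) and applies the ✅/⚠️/❌ rule per seed. The function names are hypothetical and the sample message is constructed; a well-formed handshake only shows that the peer speaks the protocol, which, as the question notes, an attacker's node can do as well.

```python
import hashlib
import struct

MAGIC = bytes.fromhex("f9beb4d9")  # Bitcoin mainnet message start bytes
OK, WARN, BAD = "✅", "⚠️", "❌"

def checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def parse_version(msg: bytes):
    """Return (protocol_version, user_agent, start_height), or None if malformed."""
    if len(msg) < 24:
        return None
    magic, command, length, csum = struct.unpack("<4s12sI4s", msg[:24])
    payload = msg[24:24 + length]
    if magic != MAGIC or command.rstrip(b"\0") != b"version":
        return None
    if len(payload) != length or checksum(payload) != csum:
        return None
    # Fixed part: version(4) services(8) time(8) addr_recv(26) addr_from(26) nonce(8) = 80
    if length < 81 or payload[80] >= 0xfd:  # only single-byte var_int lengths handled
        return None
    ua_len = payload[80]
    if length < 81 + ua_len + 4:
        return None
    version = struct.unpack_from("<i", payload, 0)[0]
    user_agent = payload[81:81 + ua_len].decode("ascii", "replace")
    start_height = struct.unpack_from("<i", payload, 81 + ua_len)[0]
    return version, user_agent, start_height

def seed_status(ip_ok: dict) -> str:
    """Marking rule for one seed, given {ip: passed_check}; no IPs at all counts as BAD (assumption)."""
    if ip_ok and all(ip_ok.values()):
        return OK
    if not any(ip_ok.values()):
        return BAD
    return WARN

def build_sample_version(user_agent: bytes, height: int) -> bytes:
    """Constructed test message, not captured traffic."""
    payload = struct.pack("<iQq", 70016, 1033, 1620000000)
    payload += bytes(26) + bytes(26) + struct.pack("<Q", 1)
    payload += bytes([len(user_agent)]) + user_agent + struct.pack("<i?", height, True)
    header = struct.pack("<4s12sI4s", MAGIC, b"version", len(payload), checksum(payload))
    return header + payload
```
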