Open jcnelson opened 2 months ago
I had thought about this too, the neighbors list often contains a lot of neighbors' private IPs. Should private netmasks be filtered as a whole (i.e. not included in the network map)? Leaking private network details can pose a security risk for actors -- or it's at least forbidden in the card world/PCI-DSS... I could theoretically use the information to get a node to attempt to connect to another machine on their private network by advertising that address/port; then how that could be exploited is a separate hypothetical exercise.
I noticed that some nodes will report
http://127.0.0.1:20443
as their data URL. The node should recognize this and just ignore the node altogether, because even if it reports that it has blocks via its inventory messages, there's no way to request them. Furthermore, attempts to request them will lead to a peer ban, because it looks like the node is misbehaving -- it's reporting that it has blocks that it doesn't have.