Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Bitcoin Mining Detection

    General pfSense Questions
    8
    13
    1242
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      luke1018 last edited by

      Hi all, may I know with recent issue with bitcoin mining getting more active, will there be any new patch or new component for Suricata to have this ability to detect these activities?

      Seeking your opinion and advise.

      1 Reply Last reply Reply Quote 0
      • NogBadTheBad
        NogBadTheBad last edited by

        It might just be a matter of enabling the bitcoin rules in snort_app-detect.rules.

        Also you might want to blacklist these servers https://github.com/ZeroDot1/CoinBlockerLists/blob/master/MiningServerIPList.txt

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        A N AKEGEC 3 Replies Last reply Reply Quote 0
        • N
          nhTlr6 Banned last edited by

          I'm sorry for posting here but I'm looking for this new patch, did you find anything like that?

          1 Reply Last reply Reply Quote 0
          • N
            nhTlr6 Banned last edited by nhTlr6

            This post is deleted!
            1 Reply Last reply Reply Quote 0
            • A
              Ace864 Banned @NogBadTheBad last edited by

              @NogBadTheBad thank you for helping. You actually solved my issue.

              1 Reply Last reply Reply Quote 0
              • N
                nbctcp @NogBadTheBad last edited by

                @NogBadTheBad
                link dead

                A 1 Reply Last reply Reply Quote 0
                • kiokoman
                  kiokoman LAYER 8 last edited by kiokoman

                  google is your best friend !

                  “This list contains all domains - A list for administrators to prevent mining in networks” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list.txt?inline=false
                  “This list contains all optional domains - An additional list for administrators” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_optional.txt?inline=false
                  “This list contains all browser mining domains - A list to prevent browser mining only” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_browser.txt?inline=false
                  “This list contains all IPs - A additional list for administrators to prevent mining in networks” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/MiningServerIPList.txt?inline=false

                  😀

                  ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                  Please do not use chat/PM to ask for help
                  we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                  Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                  N 1 Reply Last reply Reply Quote 1
                  • N
                    nbctcp @kiokoman last edited by

                    This post is deleted!
                    1 Reply Last reply Reply Quote 0
                    • kiokoman
                      kiokoman LAYER 8 last edited by kiokoman

                      https://zerodot1.gitlab.io/CoinBlockerLists/hosts

                      https://github.com/MISP/MISP/pull/5553

                      ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                      Please do not use chat/PM to ask for help
                      we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                      Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                      1 Reply Last reply Reply Quote 1
                      • AKEGEC
                        AKEGEC @NogBadTheBad last edited by

                        Hi all, did it solved the issue?

                        @NogBadTheBad said in Bitcoin Mining Detection:

                        It might just be a matter of enabling the bitcoin rules in snort_app-detect.rules.

                        Also you might want to blacklist these servers https://github.com/ZeroDot1/CoinBlockerLists/blob/master/MiningServerIPList.txt

                        1 Reply Last reply Reply Quote 0
                        • A
                          Ace864 Banned @nbctcp last edited by

                          @nbctcp That's veird that the link is dead. I worked for me a couple of days ago.

                          1 Reply Last reply Reply Quote 0
                          • A
                            Ace864 Banned last edited by Ace864

                            This post is deleted!
                            1 Reply Last reply Reply Quote 0
                            • stephenw10
                              stephenw10 Netgate Administrator last edited by

                              Locking this. It's just attracting spam at a ridiculous rate. 🙄

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post