Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Bitcoin Mining Detection

    Scheduled Pinned Locked Moved General pfSense Questions
    13 Posts 8 Posters 2.2k Views 6 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L Offline
      luke1018
      last edited by

      Hi all, may I know with recent issue with bitcoin mining getting more active, will there be any new patch or new component for Suricata to have this ability to detect these activities?

      Seeking your opinion and advise.

      1 Reply Last reply Reply Quote 0
      • NogBadTheBadN Offline
        NogBadTheBad
        last edited by

        It might just be a matter of enabling the bitcoin rules in snort_app-detect.rules.

        Also you might want to blacklist these servers https://github.com/ZeroDot1/CoinBlockerLists/blob/master/MiningServerIPList.txt

        Andy

        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

        A N AKEGECA 3 Replies Last reply Reply Quote 0
        • N Offline
          nhTlr6 Banned
          last edited by

          I'm sorry for posting here but I'm looking for this new patch, did you find anything like that?

          1 Reply Last reply Reply Quote 0
          • N Offline
            nhTlr6 Banned
            last edited by nhTlr6

            This post is deleted!
            1 Reply Last reply Reply Quote 0
            • A Offline
              Ace864 Banned @NogBadTheBad
              last edited by

              @NogBadTheBad thank you for helping. You actually solved my issue.

              1 Reply Last reply Reply Quote 0
              • N Offline
                nbctcp @NogBadTheBad
                last edited by

                @NogBadTheBad
                link dead

                A 1 Reply Last reply Reply Quote 0
                • kiokomanK Offline
                  kiokoman LAYER 8
                  last edited by kiokoman

                  google is your best friend !

                  “This list contains all domains - A list for administrators to prevent mining in networks” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list.txt?inline=false
                  “This list contains all optional domains - An additional list for administrators” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_optional.txt?inline=false
                  “This list contains all browser mining domains - A list to prevent browser mining only” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/list_browser.txt?inline=false
                  “This list contains all IPs - A additional list for administrators to prevent mining in networks” - https://gitlab.com/ZeroDot1/CoinBlockerLists/raw/master/MiningServerIPList.txt?inline=false

                  😀

                  ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                  Please do not use chat/PM to ask for help
                  we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                  Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                  N 1 Reply Last reply Reply Quote 1
                  • N Offline
                    nbctcp @kiokoman
                    last edited by

                    This post is deleted!
                    1 Reply Last reply Reply Quote 0
                    • kiokomanK Offline
                      kiokoman LAYER 8
                      last edited by kiokoman

                      https://zerodot1.gitlab.io/CoinBlockerLists/hosts

                      https://github.com/MISP/MISP/pull/5553

                      ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
                      Please do not use chat/PM to ask for help
                      we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
                      Don't forget to Upvote with the 👍 button for any post you find to be helpful.

                      1 Reply Last reply Reply Quote 1
                      • AKEGECA Offline
                        AKEGEC @NogBadTheBad
                        last edited by

                        Hi all, did it solved the issue?

                        @NogBadTheBad said in Bitcoin Mining Detection:

                        It might just be a matter of enabling the bitcoin rules in snort_app-detect.rules.

                        Also you might want to blacklist these servers https://github.com/ZeroDot1/CoinBlockerLists/blob/master/MiningServerIPList.txt

                        1 Reply Last reply Reply Quote 0
                        • A Offline
                          Ace864 Banned @nbctcp
                          last edited by

                          @nbctcp That's veird that the link is dead. I worked for me a couple of days ago.

                          1 Reply Last reply Reply Quote 0
                          • A Offline
                            Ace864 Banned
                            last edited by Ace864

                            This post is deleted!
                            1 Reply Last reply Reply Quote 0
                            • stephenw10S Offline
                              stephenw10 Netgate Administrator
                              last edited by

                              Locking this. It's just attracting spam at a ridiculous rate. 🙄

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.