Security of internal IPFS network

Erotemic · December 10, 2022, 6:12am

I’m wondering about implications of running an IPFS network on an internal network and the risks of exfiltrating data outside of the internal network.

From what I understand, if there are IPFS nodes on an internal network, they can talk to each other and the CIDs pinned on any of them will be available to other machines on the network. The internal IPFS nodes can access external items, but because the network is firewalled from incoming connections any sensitive data stored on the internal network cannot be accessed by the larger network.

However, what happens if a user VPNs into the internal network, but is also on a secondary network that is connected to an IPFS node exposed to the larger internet? This is assuming the node connected to the VPN is also running an IPFS daemon.

Erotemic · December 20, 2022, 7:04pm

Anyone know anything about this?

Discordian · January 6, 2023, 8:11pm

Hello! If you want to use IPFS internally and nowhere else (can’t retrieve data from outside the network either), you’ll likely want to look into Kubo’s Private Network feature: kubo/experimental-features.md at master · ipfs/kubo · GitHub

The security will be similar to a VPN, all traffic is encrypted via symmetric key.

Topic		Replies	Views
IPFS Private network setup IPFS ipfs-cluster	3	566	September 17, 2020
Created IPFS cluster but content is reachable from public gateways Help go-ipfs , ipfs-cluster	4	242	July 26, 2023
I want to run a IPFS public node Help	5	228	October 17, 2022
Trying to understand some things about private ipfs	0	227	May 9, 2022
Private network with public client	6	158	February 2, 2024

Security of internal IPFS network

Related Topics