Suppose I have two EC2 instances on AWS that are running geth nodes. They have the same genesis block and are in synchronization because peering is set up with open port 30303 (which by default is for peering among nodes).
What would be potential issues with this setup? Wouldn't others be able to access from outside the network by hitting the open ports?
Also any issues with scaling?
As you say, if your nodes are listening on the internet then other nodes would be able to communicate with yours. If they knew the genesis settings they could actually mine in your network, and if you have an open JSON-RPC port and they had gas on the network they could send transactions.
The solution is to restrict access at the network level, so your nodes can only talk to each other on the relevant ports, and do not accept access from other nodes. There are a few ways to do this:
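The following is an added example, not part of the original answer: a check over an EC2 security group, in the JSON shape returned by `aws ec2 describe-security-groups`, that reports ingress rules opening the geth ports to address ranges outside an allow-list. The group, CIDRs and allow-list are constructed sample data, and 8545 is geth's default HTTP JSON-RPC port, which the page does not state.

```python
import ipaddress

# 30303 is the peering port from the question; 8545 is geth's default
# HTTP JSON-RPC port (an assumption: the page does not name the RPC port).
SENSITIVE_PORTS = {30303: "p2p peering", 8545: "JSON-RPC"}

def exposed_rules(security_group, allowed_cidrs=()):
    """Return sorted (port, protocol, cidr) tuples for ingress rules that
    open a geth port to a CIDR not contained in allowed_cidrs."""
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    findings = []
    for perm in security_group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":                      # "all traffic" rule
            lo, hi = 0, 65535
        elif proto in ("tcp", "udp"):
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        else:
            continue                           # e.g. icmp: no ports involved
        ports = [p for p in SENSITIVE_PORTS if lo <= p <= hi]
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        # Rules whose source is another security group (UserIdGroupPairs)
        # carry no CIDR and are not reported: that is the node-to-node case.
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            if any(net.version == a.version and net.subnet_of(a) for a in allowed):
                continue
            findings.extend((p, proto, cidr) for p in ports)
    return sorted(findings)

# Constructed sample group; the IDs and addresses are placeholders.
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 30303, "ToPort": 30303,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "udp", "FromPort": 30303, "ToPort": 30303,
         "IpRanges": [{"CidrIp": "10.0.1.0/24"}]},
        {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 9000,
         "IpRanges": [{"CidrIp": "203.0.113.7/32"}]},
        {"IpProtocol": "tcp", "FromPort": 30303, "ToPort": 30303,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-EXAMPLE"}]},
    ],
}

if __name__ == "__main__":
    for port, proto, cidr in exposed_rules(SAMPLE_GROUP, ["10.0.0.0/16"]):
        print(f"{SENSITIVE_PORTS[port]} port {port}/{proto} open to {cidr}")
```

The port-range rule (8000-9000) is reported because it covers 8545 even though the rule never names that port.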