From 4189120cdb63f93540fa4f6e4dedb99bc7696a27 Mon Sep 17 00:00:00 2001
From: cf7 <hello@uphillsecurity.com>
Date: Sat, 20 Jun 2026 08:58:06 +0000
Subject: [PATCH] INIT

---
 README.md | 42 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 README.md

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..33a3470
--- /dev/null
+++ b/README.md
@@ -0,0 +1,42 @@
+# Open Honeypot Data
+
+This is currently a proof-of-concept.
+
+- Current number of honeypot severs: 6
+- Server Locations: globally, different VPS providers
+- IP Protocol: IPv4-only for now
+- Times: UTC
+
+**The goals**:
+- gathering information about common attacks
+- sharing data
+- learning to automate
+
+---
+
+## Honeypot Types
+
+### SSH
+
+- harvesting of credentials used in brute force attempts
+- honeypot listening on default port TCP/22
+- low interactive, harvest credentials, no shell
+
+It is productive, but I have to process the data.
+
+### Ideas
+
+- Wordpress Login
+- Network scan detection
+- Telnet
+- FTP
+- SMB
+- Maybe a database
+
+Still not sure as too many services can indicate a honeypot and scare away attackers.
+
+---
+
+## License
+
+Not yet decided