INIT
This commit is contained in:
commit
4189120cdb
1 changed files with 42 additions and 0 deletions
42
README.md
Normal file
42
README.md
Normal file
|
|
@ -0,0 +1,42 @@
|
||||||
|
# Open Honeypot Data
|
||||||
|
|
||||||
|
This is currently a proof-of-concept.
|
||||||
|
|
||||||
|
- Current number of honeypot severs: 6
|
||||||
|
- Server Locations: globally, different VPS providers
|
||||||
|
- IP Protocol: IPv4-only for now
|
||||||
|
- Times: UTC
|
||||||
|
|
||||||
|
**The goals**:
|
||||||
|
- gathering information about common attacks
|
||||||
|
- sharing data
|
||||||
|
- learning to automate
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## Honeypot Types
|
||||||
|
|
||||||
|
### SSH
|
||||||
|
|
||||||
|
- harvesting of credentials used in brute force attempts
|
||||||
|
- honeypot listening on default port TCP/22
|
||||||
|
- low interactive, harvest credentials, no shell
|
||||||
|
|
||||||
|
It is productive, but I have to process the data.
|
||||||
|
|
||||||
|
### Ideas
|
||||||
|
|
||||||
|
- Wordpress Login
|
||||||
|
- Network scan detection
|
||||||
|
- Telnet
|
||||||
|
- FTP
|
||||||
|
- SMB
|
||||||
|
- Maybe a database
|
||||||
|
|
||||||
|
Still not sure as too many services can indicate a honeypot and scare away attackers.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
Not yet decided
|
||||||
Loading…
Add table
Add a link
Reference in a new issue