# Open Honeypot Data

This is currently a proof-of-concept.

- Current number of honeypot severs: 6
- Server Locations: globally, different VPS providers
- IP Protocol: IPv4-only for now
- Times: UTC

**The goals**:
- gathering information about common attacks
- sharing data
- learning to automate

---

## Honeypot Types

### SSH

- harvesting of credentials used in brute force attempts
- honeypot listening on default port TCP/22
- low interactive, harvest credentials, no shell

It is productive, but I have to process the data.

### Ideas

- Wordpress Login
- Network scan detection
- Telnet
- FTP
- SMB
- Maybe a database

Still not sure as too many services can indicate a honeypot and scare away attackers.

---

## License

Not yet decided