Open Honeypot Data

This is currently a proof-of-concept.

• Current number of honeypot severs: 6
• Server Locations: globally, different VPS providers
• IP Protocol: IPv4-only for now
• Times: UTC

The goals:

• gathering information about common attacks
• sharing data
• learning to automate

---

Honeypot Types

SSH

• harvesting of credentials used in brute force attempts
• honeypot listening on default port TCP/22
• low interactive, harvest credentials, no shell

It is productive, but I have to process the data.

Ideas

• Wordpress Login
• Network scan detection
• Telnet
• FTP
• SMB
• Maybe a database

Still not sure as too many services can indicate a honeypot and scare away attackers.

---

License

Not yet decided