42 lines
751 B
Markdown
42 lines
751 B
Markdown
# Open Honeypot Data
|
|
|
|
This is currently a proof-of-concept.
|
|
|
|
- Current number of honeypot severs: 6
|
|
- Server Locations: globally, different VPS providers
|
|
- IP Protocol: IPv4-only for now
|
|
- Times: UTC
|
|
|
|
**The goals**:
|
|
- gathering information about common attacks
|
|
- sharing data
|
|
- learning to automate
|
|
|
|
---
|
|
|
|
## Honeypot Types
|
|
|
|
### SSH
|
|
|
|
- harvesting of credentials used in brute force attempts
|
|
- honeypot listening on default port TCP/22
|
|
- low interactive, harvest credentials, no shell
|
|
|
|
It is productive, but I have to process the data.
|
|
|
|
### Ideas
|
|
|
|
- Wordpress Login
|
|
- Network scan detection
|
|
- Telnet
|
|
- FTP
|
|
- SMB
|
|
- Maybe a database
|
|
|
|
Still not sure as too many services can indicate a honeypot and scare away attackers.
|
|
|
|
---
|
|
|
|
## License
|
|
|
|
Not yet decided
|