A simple honeypot: ssh blasting password collection and real-time display on website
I found this post quite interesting:The machine is being blasted almost every second.
So, I wrote one myself, put it on the machine to collect other people's attack behaviors. And wrote a simple web page for display, which is equivalent to a simple honeypot application. It seems that the effect is really outstanding.
Comments
nice
basically almost same as i do, wait a bit and the list will grow
You could also look at something like https://github.com/skeeto/endlessh which is a tarpit, it basically tries to string them along for a while with slow responses wasting their time :P
W00t, my password is much simpler than that.
https://microlxc.net/
i am doing that too quite a long time, probably will add report of those too
I find this project extremely interesting. This is great for an idling VPS which already has SSH port changed. Wonderful idea to waste time of hackers!
I bookmarked this thread for future use.
Stacksocial link (aff) containing a gift of $10 after your first purchase.
Yep, I've done exactly that on a couple servers that have IPs especially prone to massive amounts of port 22 traffic, it doesn't really seem to add much load or bandwidth and maybe it slows down the scanners enough to make some difference if enough people run them heh.