Between March 2 - 5, we detected a significant increase in scanning activities over Tenet ports via the target, ''NoThink! Telnet HoneyPot – IPs," provided by NoThink. To put this in perspective, the magnitude includes an increase of 4,000 IPs to about 130,000 IPs that were a part of the scanning on telnet ports, as presented in Figure 1 below.Read More
DShield has a project called the 404Project. The goal of the project is to track attackers looking to compromise web pages.
To do this, they've started selling a Raspberry Pi Honeypot to hook into your network. The alternative, is to embed one of a selection of code snippets into your website's 404 error page. These honey pots track hits on the 404 page. Hackers generate these hits when scanning for vulnerable utilities common to various web hosts. When the 404Project detects these scans, it records the attacker's IP and uploads it to DShield.Read More