|
|
|
|
|
|
by enthus1ast
986 days ago
|
|
|
I've build a simple telnet honeypot that emulated some embedded device.
I also got thousand of samples. I think it was mostly different strains of Mirai. I learned some things about how bots fingerprint the honeypots, and patched it accordingly that they do not identify my service as a honeypot. The funny thing about this was, that my ISP send me a letter (by post o.0),
that i run a vulnerable service on my network. The honeypot had a "MOD" from an old nuclear power plant, and did some random tarpit and randomly let random user/password combinations to log in. It was a fun experiment |
|
|