Pro tip: secure your network with honeypot on lower port, e…

Twetch ·

Pro tip: secure your network with honeypot on lower port, eg 21.
Botnet/virus network scanners usually starts on lower ports, then increasing number. If you catch and drop them on honeypot, your higher port services, eg http/s, pop/s, imap/s will be safer.

Replies

Twetch ·

thanks for the tip

Twetch ·

Do you have any documentation for how to set this up?

Twetch ·

Well... sincerely not, I just get stuff done w/o docs.
Steps would include:
- setting up a chrooted non privileged ftp server with full debug logging to be the honeypot
- script to parse debug log and score the malicious IPs
- upon score, firewall rules

Twetch ·

The, you'd etch attacks on the BSV, and get something like this:
https://oyo.cash/result/4pig77iP/0
to have some evidence in case your network got breached.

Anyone to get involved in creating best practice workflow and a complete utility for such?

Twetch ·

Finally when we'll get it (along with documentation) to work seamlessly and properly, we can make a product that can complement uptimesv or just be it's own.
It might look a niche and very specific, but IT security enhanced with BSV could be a changer.