Tuesday, May 20, 2014

honeypot is working.

Honeypot online.
The good thing is only after 2 weeks of this setup I'm down by 10% of attacks on my main server.

As you can see the bad guy is trying to connect to phpmyadmin,
what he is not aware of is I allow all request to come back with valid http back, meaning you can request a page , any page and I will say yes.

to the attacker it will look like my server has lots of security issues, but what I'm really trying to do is make him think he found something big. ( waste his time ).