29 Sep
2016
29 Sep
'16
5:16 p.m.
On Thu, Sep 29, 2016 at 10:55:20PM +0200, Rob Janssen wrote:
That is correct. In my case I quickly hacked something together but there are lots of examples to be found that are probably much more advanced.
When I had SSH open to the world, I saw similar usernames in the failure log as I now see on this telnet honeypot.
If your connectivity to the world is via a tunnel from amprgw, please resist the temptation to run a honeypot - we're trying to reduce the amount of bandwidth, not increase it. Although a honeypot isn't necessarily a big bandwidth consumer, every bit helps. - Brian