Okay okay okay. I hear you. You know this website is a honeypot, but what’s that? Why am I doing this? Haven’t I made this too obvious? Doesn’t that defeat the point? This is a joke, right? All these questions (and more) answered here!
A honeypot, in this case at least, is a server set up to collect data about attacks against it. This data is then typically used to improve the security of other servers. As such, to protect the integrity of servers that process valuable data, honeypots are generally set up as separate servers that attempt to mimic the real server.
Nope! If you're visiting this website through a web browser, then you're fine: you won't show up in our public data. If, on the other hand, you try to break into this server, then your IP will be logged, and may be posted on this website.
Well yes, but actually no. Sure, this does give you some information about what I am able to detect. Not all of the detection logs are posted. And, perhaps more importantly, this website is fairly basic—meaning it is fairly easy to vet out suspicious traffic. And, if you happen to flag a detection, regardless of if your IP is posted publically, you will (most likley) get your IP blocked by my server's firewall for at least some time. So, you're really not getting any more information.
The site? Yes. The data? No. While this site is designed to have a humorus tone, the data here is all real. Sure, it's not the same sort of information that you'd get from a more advanced box, but still, it is useful in at least helping to block malicious actors.
From the servers I've used for my projects, I was getting quite a few attacks (I mean, as per usual for anything on the open internet). So, I was tempted to look into ways of taking that data, and publishing it on my site as useful data for others to use (mainly so that we can all reduce the number of spam requests to our sites). While thinking about what I could do with that data, I was looking into domains and discovered `honeypot.fyi` was free. I figure, if your botnet cant avoid something that is blantantly a honeypot, you deserve to be blocked.... by everyone (or whatever ramifications you get from having your IP posted on a public block list).
A bit (NO, I'M NOT SAYING THIS AS A CHALLENGE, PLEASE LEAVE MY POOR SITE ALONE). Without getting into the details, your basic ssh [email protected]
won't get you anywhere; so I'm hopeful that I won't have to regret making this website.
Umm... please don't? Yeah... I know nothing I say will really make a difference here. So... just me saying hi I guess and requesting that you take it easy on me. It's really no hard feelings: my automated system is just kind of doing its thing by posting IPs here.... oh wait... your botnet is also an automated system that's just doing its thing... hmmm... hey... to be fair, you started this first by attacking a honeypot?