logoalt Hacker News

naturalmovementyesterday at 11:57 PM5 repliesview on HN

I front all my honeypots with the IIS landing page precisely because it attracts black hat jagoffs.

Nothing makes me happier than knowing I've wasted hours of their time chasing their own tails.

Replies

p1neconetoday at 12:46 AM

Why stop there? Front the honeypot with a real IIS server, build a matryoshka doll of honeypots and see how far people get.

DaSHackatoday at 3:21 AM

Unless you're honeypotting in the IP range of an established organization, all you're doing is getting bot traffic.

High-tier blackhats focus on big targets, and low-tier ones focus on low-hanging fruits they find off shodan or application 0days they've found.

wil421today at 2:50 AM

Tell me more…I opened a plex and Nintendo switch port, the scans were out of control. I’d love to screw over port scanner over.

themafiatoday at 12:03 AM

Noise is a really underrated security layer.

raverbashingtoday at 11:23 AM

Sounds like creating an url like aspnet_client/admin.php returning a WebObjects header might be a good hobby

show 1 reply