

Run Your Own Massive Distributed Honeypot System - jaytaylor
http://threatstream.github.io/mhn

======
nowarninglabel
How does this compare to Project Honeypot?

I've had really good results at Kiva with Project Honeypot and http:bL but
have also implemented a local management for whitelisting/blacklisting IPs to
work around what it misses or is overzealous on.

------
gregcmartin
The cool thing is you can pair this with Ansible and get 1,000's of honeypots
deployed at once. In a proof of concept we deployed nearly dozens using
digital ocean API and got blocked by their API creation limits.

If you use more interesting honeypot software like Conpot you can monitor
which countries are attacking SCADA systems, etc.

------
biomechanica
Wow, Evil.

~~~
watty
What's evil about finding out which ports are being attacked and by who?

~~~
shitlord
This is just speculation, but maybe it's a reference to the fact that the
company is funded (in part) by Google.

