New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Version: 0.9-βeta 🔥
Upgraded the main server
-> 2 CPU cores to 4 CPU cores
-> 4 GB RAM to 8 GB RAM
-> HDD to SSD
search for IP should also be little faster
Gcore is not proxying anything, and the DNS cache will still live locally.
thanks for info, but well, for now it works perfectly with CF so i wont change that
Point of CF proxying is to improve stability
I consider CF to be very reliable
Maybe everyone don’t agree
For a hobby project they’re however far more stable than anyone could require
Question: do you do anything special to make bots attack you?
umm no, i just let them play on ssh and telnet
2023 April 15
Version: 0.11-βeta 🔥
- Page ASNs moved to IPs
-> /ips
- Created new page for ASNs
-> /asns
-> Possible to filter the ASN by name to get all the IPs logged
2023 April 15
Version: 0.10-βeta 🔥
- Created changelog page 😊
-> /changelog
What does this mean? That you don't block tries and therefore they just keep coming and trying?
exactly, they even comes with new IPs
soon the stats page of attacks per day:
So if I spin up a Hetzner VPS, don't setup any security, disable everything if there's something, and track login attempts to a database, I'll get a crazy amount from day 1?
As soon as Censys/Shodan catches up, you will surely get shit ton of login attempts.
People scanning entire internet should catch later on, due to their mostly limited capacity.
not from day 1, from 1 minute or even 1 sec.
ok challenge accepted, I'll try it with a VPS on my OVH dedicated SolusVM installation and just see how it goes
Thanks @treesmokah & @dIsK
Very boring 10 minutes in and NOTHING
Post the IP here, LET gets indexed at google very quick so you can expect scanners to catch quick
lol so that's how it works
I'll try again with an IP that isn't connected to everything that's important in my life xD
well, thats why i have servers at different providers, but probably sooner or later they will catch on you are you sure you have port open to the world?
Yes
On the first day of setting up an HAProxy to listen on almost 20,000 TCP ports, I received connection attempts from over 800 unique IP addresses. If you're only monitoring failed SSH logins (a single TCP port), it would be wise to wait a bit longer.
so does haproxy spawn 20k listening TCP ports o.O ? wouldnt be better listen on one port and redirect all other into that single port?
Excerpt from my haproxy.conf, with some modification:
I use HAProxy to listen on many TCP ports, which are redirected to a single backend on 127.0.0.1:25904. You can use an SSH server as the backend. Make sure it will refuse any login attempts.
The "=>" in the log-format statement is used to separate [source IP:source port] (attackers) and [destination IP:destination port] (detection hosts).
This is what it looks like in action (attakers' source ports and detection hosts' IPs were masked):
2023 April 15
Version: 0.12-βeta 🔥
- Created new page for Sponsors
-> /sponsors
- Got our first sponsor - IncogNet.io
-> Server #13 - 🇳🇱 Netherlands
-> Server #14 - 🇺🇸 United States
Thanks goes out to @MannDude
Is it possible to run your application inside a Docker container? If so, I'll be happy to make some servers available for free.
i dont use docker, but we can try, can you PM me?
No problem, happy to help.
2023 April 16
Version: 0.15-βeta 🔥
- Added #11 new server - 🇬🇧 Great Britain
- Added #12 new server - 🇨🇦 Canada
- Added #13 new server - 🇳🇱 Netherlands
- Added #14 new server - 🇺🇸 United States
2023 April 15
Version: 0.14-βeta 🔥
- When searching now the output is sorted properly, newest attacks at the top
2023 April 15
Version: 0.13-βeta 🔥
- When searching for IP you can now see which server is sponsored
- Clicking to the sponsor favicon will take you to our page /sponsors
2023 April 16
Version: 0.16-βeta 🔥
-> Server #15 - 🇦🇱 Albania
Thanks goes out to @AlbaHost
Have you consider using Hpfeeds for shipping data from other honeypots? https://github.com/hpfeeds/hpfeeds
I just send all my traffic to 100::1
@pointgod
latest update was Mar 28, 2021 ? thats 2 years without any update to the code, probably stable but idk... why would i use that? we just provide a list of IPs (on our site with detailed info about their malicious activity), thats all