New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Can't you just move on with your life instead of wasting money?
Any host will do, it won't generate abuse reports etc unless you run a fake open resolver or something. I ran kippo for a few weeks, but most what looked like automated attempts realised it wasn't a usable system and didn't try to download or run anything.
Honeypot detection! Nice ...
Hi,
I know almost any host will do but wouldnt have minded some options,i have loked at kippo it emulates a pretty weak debian 5 setup but allows the hacker some interaction
Any recommendations? Who did you use?
Chip
Nah, i want a vm i can use as a honeypot or more importantly a provider that doesnt mind me runing a honey pot on their network
Chip
Yes, while searching for different honeypot tutorials i stumbled upon a tutorial on detecting and identifying honeypots
Chip
hi @chip if you're still looking for a vps for your honeypot, you can give ours a look. We also got a discount code going for december for 15% off, so our basic vps with 768mb RAM, 30Gb hdd and 1TB BW for $4.25/mo with a bit more resources than what you asked for. All ddos protected as well
http://laceibanetsociety.com/en/vps-services/openvz-vps/
Did you try cowrie? It improves upon kippo significantly, and has rendered many of the methods used to identify kippo honeypots less effective.
No but I will give that a look.
Thanks
Chip
Most effective honey pot would be a VPS/Dedi hosted at online.net
Or links in your sig on LET
Judging by your comment you've never owned and online.net dedi or VPS have you. There is much to learn.
Hey Chip,
This won't be a problem for any provider, and even if any abuse reports do come in.. as long as you handle them it doesn't really matter.
Next.. that brings me onto the self promotion
Feel free to check out our most recent offering (and discount code) here!
I know you've got a pic of Russel doesn't mean you can post links to WHT. It just makes me cry and put adele someone like you on.
Judging by your comment, 1) you don't get it; 2) I have a few of them
I do understand it however links in sig = ddos not ssh brute force
Why would online.net ip range attract "attackers" more than say leaseweb or DO?
It's just a "it does". It's just something that happens not sure why but it does
I hear you; but I think it is more like:
But, yes, the Online.net IP ranges get a lot of work from potential attackers, great for honeypots.
Anyway, didn't mean to derail OP's thread.
That's interesting,so online.net get hit pretty hard?
Chip
Well, I have servers with many different providers and do not see a "so much higher" level of attacks with online.net than with the others... Maybe I'm just lucky. I have 3 servers with online.net.
Online.net mostly provides dedicated servers and that's the main reason.
If somebody hacks dedicated servers he is getting much more resources to dos/brutforce and etc.
512MB OpenVZ + 2 IP's - free if you don't run anything else.
I don't want to run anything else but also don't want it free you have hardware costs after all.
Thanks
Chip
I have some spare IP's over in Illiad (Online.net) if that works for you?