As an avid honeypot person I like this project a lot, I'll be doing a talk at a conference about them soon. Do you provide a master repository for the username/password combinations that have been guessed? I understand I could do this with constant JSON fetching but I admit, I don't have an incredible talent when it comes to web technologies (but it is something I am working on improving).
Any chance you'll make it generally public? I can see reasons for keeping it private and for having a public repository with occasional database dumps, don't know where you fall on that.
Of course, anyone who runs an SSH server on port 22 knows it's not that hard to generate your own little database quickly enough.
All the data is currently public (via the API) - you just have to know how to query the API to get it. Not sure if a publicly accessible endpoint to dump all data is a good idea (since that could get resource intensive).
If you have a suggestion for some api endpoints or better querying, let me know.
yeah, this is what I was talking about. Once for a college project we had VMs acting as honeypots, to try to get the big bears (not just bots) so we changed OpenSSH source code, let them in at the 3rd try and then the idea was to send back through ICMP payloads the session keys to decrypt the communication, based on a nettables module hack published at phrack!
Is there any benefit to running this vs just keeping your SSH port on 22 and running fail2ban or denyhosts which also run servers cataloging black-listed IP address (well, denyhosts supports the option, not sure about fail2ban).
As an avid honeypot person I like this project a lot, I'll be doing a talk at a conference about them soon. Do you provide a master repository for the username/password combinations that have been guessed? I understand I could do this with constant JSON fetching but I admit, I don't have an incredible talent when it comes to web technologies (but it is something I am working on improving).