[Update] Honeypot results June 2012

Here are the latest graphs of my honeypot. Overall “normal traffic”, at the exception of several attempts to download a file named “h.exe” from a particular IP address. However it seems that this host has been cleaned in the meantime as all attempts results in a “404 Not Found”.

[Update] I have done a bit more research regarding this particular IP address. It seems that this host has been used for other piece of malwares based on the Malc0de database:

Continue reading “[Update] Honeypot results June 2012”

Honeypot results May 2012

Find below the latest graphs of the honeypot I’m running. Overall an increase in the number of connection with some huge speak at the end of April and beginning of May.

Note: due to a system restart, the honeypot was not running for a few days at the end of May beginning of June.
Note 2: this honeypot is a Dionaea instance. If you want to set up an instance on your server, follow the step-by-step guide on the Dionaea website.

Continue reading “Honeypot results May 2012”