[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Honeypot type services from cloud flare or other security groups?

Subject: Honeypot type services from cloud flare or other security groups?
From: bruns at 2mbit.com (Brielle)
Date: Wed, 11 Mar 2020 09:28:42 -0600

Hi all,

Sorry for formatting errors, on my iPad while I have this thought in my mind.

Does anyone know if any of the security groups or CDNs like Cloudflare have honeypots out there that can be used for analysis of unusual attacks?  As in, change the DNS temp for a host and let the honey pot take the brunt of it and hopefully get useful data (even for the benefit of the security company).

Got a situation where Iâ??ve got an abnormally high amount of legit looking GET requests to a HTTPS git server, but are too high amount to actually be legit end users or people cloning the repos.  The sources are worldwide, distributed, but with the bulk coming from China, Russia, Brazil, and Egypt.

I have some theories and observations that Iâ??d be open to sharing, but preferably not on an open mailing list until Iâ??ve had a change to have them reviewed by someone with more experience and background.

Thx!

Sent from my iPad

Follow-Ups:
- Honeypot type services from cloud flare or other security groups?
  - From: justin at cloudflare.com (Justin Paine)

Prev by Date: Any Singtel AU APAC observed
Next by Date: Anyone from EDGECASTCDN / Verizon Media on the list?
Previous by thread: Any Singtel AU APAC observed
Next by thread: Honeypot type services from cloud flare or other security groups?
Index(es):
- Date
- Thread