Dienstag, 21. Juli 2015

Telnet Honeypot works

More like a Proof of Service
2015-07-22 06:46:58
Source IP: 218.161.14.170
Country: TW RiskScore: 1 Malware: []
echo -e '\x67\x61\x79\x66\x67\x74'
User: root
Pass: root

 END OF DATA
I implemented a TELNET honeypot service yesterday evening.
The access attempts during the night show that it works. The one posted above is one of the nicer ones, at the attacker at least tried to run a command also.

The TELNET server will welcomes you and asks you for username and password. He will let you access anyway and give you the chance to fire one command, actually, it let you type one command.