Operating honeypots on an ActivityPub server can help reduce the generation of unnecessary logs and thereby decrease the load on the system. Additionally, it can make attackers waste their efforts, giving administrators more time to protect the actual system. Here, we introduce honeypot projects that have been confirmed to be applicable to real servers.
- (SSH/22) droberson/ssh-honeypot - written in C/C++, Modified version available
- (Telnet/23) robertdavidgraham/telnetlogger - written in C/C++, Modified version available
- (FTP/21) farinap5/FTPHoney - written in Go
- (SMTP/25, Encrypted/465,587) decke/smtprelay - written in Go
- (MySQLd/3306) sjinks/mysql-honeypotd - written in C/C++
- (PostgreSQL/5432) betheroot/pghoney - written in Go, Modified version available
Recent honeypot operation cases have confirmed that honeypots are also vulnerable to DoS attacks such as SYN Flooding. This can cause memory shortages and lead to various related issues. This should be taken into account during operation.