Submitted by mig5 on Mon, 31/05/2010 - 17:03
I've been running a honeypot on a server running Nepenthes, which is apt-get installable on Debian Lenny at time of writing.
Nepenthes works by starting up a bunch of emulated vulnerable services on all the typical ports you'd expect. It then monitors and reports on automated sniffers and malware attacks that think they're delivering payload to a real service.
The server has been running for 24 hours - here are my stats using the Submissions2stat.py log parser by Andrew Waite.
