SANS ISC: Results from Webhoneypot project

• SANS Site Network
  • Current Site
  • SANS Internet Storm Center
  • Other SANS Sites Help
  • Graduate Degree Programs
  • Security Training
  • Security Certification
  • Security Awareness Training
  • Penetration Testing
  • Industrial Control Systems
  • Cyber Defense Foundations
  • DFIR
  • Software Security
  • Government OnSite Training

SANS ISC InfoSec Forums

[Cross posting with App Sec Streetfighter blog]

The SANS ISC Webhoneypot project was started over a year ago and the client had been in public beta since June. We have been collecting data from honeypots since January. The goal of the project is to collect quantitative data about the prevalence of large scale automated attacks.

We are now ready to share some collected data with the community. Our intention is to share the data and findings with the community in the same manner as the original DShield project.

The high level stats of the Webhoneypot can be found at
http://isc.sans.org/weblogs/

Various reports can be found at
http://isc.sans.org/weblogs/reports.html

A limited search interface can be found at
http://isc.sans.org/weblogs/filter.html

These report pages and especially the search interface is in beta currently. We intend to refine these as the project matures. We appreciate any feedback on these reports and search capabilities.

Feel free to analyze the data as you wish, if you spot anything interesting, please write to us. Thanks and happy log reading.