HaaS: Honeypot as a Service

en in tech • 2 min read

My team at CZ.NIC finally introduces a stable version of HaaS, Honeypot as a Service. Who knows Czech can read it in an official blog post (edit: English version). For non Czech readers, CZ.NIC is mainly known for Czech domain registry, but does much more. For example secure router called Turris which had honeypot included a long time ago. We decided to provide honeypot for anybody, not just Turris owners.

What is honeypot, exactly? The honeypot is special application simulating operating system and allows potential attacker to log in (we support SSH only now) and do any command or download malware. It’s not easy to install such application for ordinary users and mostly it’s not very secure. We decided to do it for you. :-)

Unfortunately, still, it’s not super easy to join the project. At least now you need to install only very small proxy. The proxy has to be there so we can know small but important detail: IP address of potential attackers. Without proxy we would know only the IP of our user, which is useless.

The collected data are used by our CSIRT.CZ team to inform owners of infected servers and computers by some botnet about the issue. Currently the biggest source of the attacks to our users is coming from China so we share our data with the security team in Taiwan. We plan to share data with other CERT/CSIRT teams as well.

If you want to join the project, you can do that on the page haas.nic.cz. Register new account and install proxy (available as deb/rpm package, on PyPI or as simple tar). In case of interest into analysis, we provide data on page with global statistics. Well, except passwords, because we experienced more than one oversight where the user logged into the honeypot…



Share on:   Facebook   Twitter   Reddit   Tumblr   Pinterest




You may also like

en AI Can Save Us, December 3, 2018
en Science Channels, August 29, 2018
en Importance of Blogs, August 21, 2018
en Brief History of Time, August 10, 2018
en Cyborgs, June 26, 2018


Popular from tech

en I’m Not Afraid of AI, October 31, 2017
en Why I Don’t Trust Recommendation Systems, January 18, 2018
en We Need to Remake the Internet, April 24, 2018
en Importance of Blogs, August 21, 2018
cs Blokování obsahu 2.0, October 6, 2016