TrapperJohn

A First Time for Everything

posted May 21, 2011, 7:15 PM by Ramece Cave   [ updated May 26, 2011, 4:11 PM ]

In the 4 years that TrapperJohn has been running, I have never run out of disk space due to a worm propagation, or someone generally trying to haxor the box. Well, a few days ago over 30GBs of logs were written to disk. No I did not stutter that was 3-0-G-B of logs, both raw and PCAP combined. That particular host is offline for now, while 
I write a few processes to prevent this from happening again and offload the data.

The influx of traffic appeared to be caused by the Microsoft Data Services vulnerabilities that were released last month.

Project Description

posted May 21, 2011, 7:04 PM by Ramece Cave

TrapperJohn is the core analytical and data wrangler component for a honeypot network n00dle has operating into two domestic locations. With another in the process of being added in the near future. The goal is to have a network of honeypots all over the world reporting back to a central location. The data is analyzed, categorized and the binaries processed for additional information.

1-2 of 2