The Internet has already become a hostile environment for computers, especially when they are directly connected with a public IP address. We have experienced this hostile activity where on an average day; the ITB Honeypot recorded over a thousand reconnaissance attacks seeking unauthorised entry onto our private network. Our Honeypot is a basic PC running Windows XP with no services offered and no activity from users that would generate traffic. The Honeypot is running in a passive state on a stub-network where all inbound and outbound traffic is recorded at the bridging computer to the WAN. We report on the majority of scans and vulnerability attacks that were used and investigate the processes that targeted vulnerable ports and access points on the network.
Meyer, Stephen; Smyth, Ivan; Cummins, Mark; and Keane, Anthony
"Be Aware with a Honeypot,"
The ITB Journal:
2, Article 2.
Available at: http://arrow.dit.ie/itbj/vol8/iss2/2