Honeypot type services from cloud flare or other security groups?

• Previous message (by thread): Any Singtel AU APAC observed
• Next message (by thread): Honeypot type services from cloud flare or other security groups?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

Sorry for formatting errors, on my iPad while I have this thought in my mind.

Does anyone know if any of the security groups or CDNs like Cloudflare have honeypots out there that can be used for analysis of unusual attacks?  As in, change the DNS temp for a host and let the honey pot take the brunt of it and hopefully get useful data (even for the benefit of the security company).

Got a situation where I’ve got an abnormally high amount of legit looking GET requests to a HTTPS git server, but are too high amount to actually be legit end users or people cloning the repos.  The sources are worldwide, distributed, but with the bulk coming from China, Russia, Brazil, and Egypt.

I have some theories and observations that I’d be open to sharing, but preferably not on an open mailing list until I’ve had a change to have them reviewed by someone with more experience and background.

Thx!

Sent from my iPad

• Previous message (by thread): Any Singtel AU APAC observed
• Next message (by thread): Honeypot type services from cloud flare or other security groups?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]