The SANS ISC Webhoneypot project was started over a year ago and the client had been in public beta since June. We have been collecting data from honeypots since January. The goal of the project is to collect quantitative data about the prevalence of large scale automated attacks.
We are now ready to share some collected data with the community. Our intention is to share the data and findings with the community in the same manner as the original DShield project.
[Cross posted from SANS ISC]
SANS ISC started the Dshield Web Honeypot project roughly one year ago. The goal of this project is to replicate what Dshield had done for the community on the web application side. We are not trying to detect targeted attacks but fast scanning and replicating threats that has potential to affect the whole community quickly.
Similar to the original Dshield project, we rely on volunteers to feed us logs. In the case of web logs, it is not easy to collect detailed log (eg. HTTP header, HTTP body) by using the web server logs alone, this is why we have a PHP + Apache based client component for volunteer to install as their log collector (or honeypot). We are announcing today that the client software for this project is turning beta. Special thanks to the volunteers on this project
For this project to be successful, we