A WHILE BACK, we were getting an overwhelming 10-12,000 pieces of email spam per day. We finally realized that it was coming from the “catch-all” account.
We were getting, and supposedly sending, emails to/from things like asbkxke at cbo dot com (abbreviated of course). The catch-all account was deleted, and that took care of most of the spam.
Today, I came across one of those email addresses on a site called honeypots.net. It was listed as probable spam, and came from an IP address that did not belong to CBO.
On further investigation, I found that if you register with honeypots.net, they will help you set up “spam traps” on your site. These traps will help to catch various types of spammers – address harvesters, comment spammers, etc.
AND, once caught, the people at honeypots will do as much as possible to help get these guys arrested and off the street…uhm…highway….ah…information highway…..doh…the NET. What I mean is, they will track them down, which is great, since most of us wouldn’t have a clue how to do that!
A honeypot, or a honeynet, is a computer, or computers, dedicated to logging of intrusion attempts. Once they are set up, you do things to attract the bad guys, to see how they are running their attacks.
Using a virtual machine as a honeypot can save you from having to invest in new hardware, and re-deployment of a compromised machine can be done quickly.