Title: P3: Security and hacking: Honeypots [2024-11-03 Sun]
and /proc/cmdline, which contain UML-specific
information.
- strange HELLO or Banner on ports.

Example: https://www.shodan.io/host/43.203.236.174
#dailyreport #hack #hacking #honeypot #honeypots #infosec #security

Title: P2: P2: Security and hacking: Honeypots [2024-11-03 Sun]
RST, to an open port could solicit a reply from
Honeyd. No other machine on the Internet would reply to
such a packet.
- analyzing files such as /proc/mounts, /proc/interrupts,
#dailyreport #hack #hacking #honeypot #honeypots #infosec #security

Title: P1: P2: Security and hacking: Honeypots [2024-11-03 Sun]
- fingerprint physical devices over the network
- use ping flood and calc latency correlation. -
“time-based TCP fingerprinting methods.”
- “discrepancies” a single TCP packet, with both SYN and
#dailyreport #hack #hacking #honeypot #honeypots #infosec #security

Title: P1: Security and hacking: Honeypots [2024-11-03 Sun]
- too many open ports
- uncommon combination of open ports. ex. has server
ports: FTP, SSH, HTTP, and POP3 *and* Windows ports
- rarely used ports: 17300
- nmap is not able to identify the version of one
service because HELLO is not implemented.
- change password over time
- honeypot often virtual and exhibit several IP we can use:
#dailyreport #hack #hacking #honeypot #honeypots #infosec #security

Title: P2: P0: Security and hacking: Honeypots [2024-11-03 Sun]
emulate IP subnet.

Honeypots may be detected, they:
- do not provide complete environment: ex. in shell not
implement commands
- have strange ports:
#dailyreport #hack #hacking #honeypot #honeypots #infosec #security

Title: P1: P0: Security and hacking: Honeypots [2024-11-03 Sun]
I have been reading about honeypots. It is a popular
security tool to trap hackers and global botnets
detector.

They may be simple: just imitate open ports, complex:
have whole OS, distributed: forward connections, virtual:
#dailyreport #hack #hacking #honeypot #honeypots #infosec #security

T-minus 10 days!!!

In #CyberSecurity terms, I'm about to deliberately walk into an entirely new threat landscape with no local threat intel, a foreign language I'm still actively patching. The attack surface has changed. The adversaries are now cobblestones, bureaucratic Portuguese, and the very real possibility that I will confidently order the wrong thing at a restaurant and just go with it. Threat level: manageable. Vibes: elevated!!

The honeypots aren't moving. They never do - that's the whole point. They stay scattered where they are, quietly doing their thing, collecting everything. The only thing changing is where the intel gets delivered. Starting April 29th, that's Porto.

I'm a little concerned they're going to start sending it in #Portuguese. 🤷‍♀️

Half my home lab is already there ahead of me. ZimaBoard, #opnsense, the Pis - all running, all waiting, probably judging me for not arriving sooner. Home Assistant is next on the list once I land, which means I get to find out whether my automations survived the relocation or whether I'm about to have a very intimate conversation with Portuguese error messages. Could go either way.

And yes, I'm leaving behind the Chicago "L". The L. An elevated rail system so charmingly held together by decades of deferred maintenance and sheer Chicagoan stubbornness that honestly, it's kind of a security metaphor. I'm going to miss the ambiance of a train that sounds like it's actively negotiating with physics.

The Metro stop is literally across the street from my apartment. It's clean. It's modern. It's quiet. The trains run on time. I don't know how I'll cope. 👀

@sashatheflamingo is excited but has concerns about the cobblestones hurting her feet. I told her she can ride on my shoulder. Problem solved. The flamingo adapts. 🦩

And if you're in the security community and haven't looked at #BSidesPorto yet - June 26th and 27th - I don't know what to tell you except that you're going to miss an awesome event if you don't get your tickets - NOW! And come find me. I'll be the one who showed up 60 days before the conference and is still figuring out which bus/metro train goes where.

The operation doesn't stop. It just changes coordinates. The #honeypots already know. They figured it out before I told them. (That's kind of their whole thing.)

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

“Confound and Delay: Honeypot Chronicles from the Digital Battlefield” – Kat Fitzgerald ( @rnbwkat )
Talk (40 minutes)

Step into a 40-minute talk that takes you across the globe through real-world honeypot deployments, uncovering how attackers behave when they think no one is watching. From unexpected attack patterns to cultural quirks and operational chaos, this session blends storytelling with practical insights drawn from running deception systems in diverse and high-risk environments.

Through vivid field experiences, you’ll learn how honeypots can be tailored, maintained, and leveraged to strengthen detection and response strategies. Beyond the humor and war stories, the talk delivers actionable lessons on cyber deception, resilience, and turning attacker behavior into defensive advantage.

Kat Fitzgerald ( @rnbwkat ) is a Chicago-based security engineer known for blending technical depth with humor and storytelling. With extensive experience running honeypots across global environments, she brings unique insights into attacker behavior, cyber deception strategies, and real-world operational challenges.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://pretalx.com/bsidesluxembourg-2026/schedule/

📲 Want to navigate the event easily? Check out the full schedule on Hacker Tracker:
https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #CyberSecurity #Honeypots #ThreatIntelligence #BlueTeam #SecurityResearch

It auto detects #fraud and punishes #reputation. It launches random #honeypots and does tests. Booyah. No free riders. But then everybody rides for free. You're going to understand me, sometime. 💃🏻💃🏻💃🏻

Update from the MIRE/C³ lab 🧪

The neutral 404 handler now catches all trapped errors. I’ve also added a 5–15 second delay before the page is served.

Why? Because scanners hate waiting.

On top of that, the response now includes a small set of AI-targeted “cease and desist” instructions. The hope is that both humans and automated tooling decide to move along (I doubt that…)

Try it yourself:
https://cfdemo.mire.cc/cfdemo.html

#CyberSecurity #Honeypots #IDontThinkSo #MIREC3
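
A sketch of the handler pattern the post above describes: one neutral 404 for every unknown path, wrong method or trapped error, served after a random 5–15 second delay. This is an added example, not the MIRE/C³ code; `make_app`, the `routes` mapping, the page body and the `max_held` cap on concurrently delayed requests are assumptions made for the illustration.

```python
import random
import threading
import time
from wsgiref.simple_server import make_server

# Constructed page: identical for every failure, so it leaks nothing about the cause.
NEUTRAL_BODY = b"<html><body><h1>404 Not Found</h1></body></html>"


def make_app(routes, sleep=time.sleep, min_delay=5.0, max_delay=15.0, max_held=64):
    """WSGI app: known GET routes are served at once, everything else is
    delayed and answered with the same neutral 404."""
    # Cap concurrently delayed requests so the tarpit cannot starve our own workers.
    slots = threading.BoundedSemaphore(max_held)

    def respond(start_response, status, body):
        start_response(status, [("Content-Type", "text/html"),
                                ("Content-Length", str(len(body)))])
        return [body]

    def neutral_404(start_response):
        if slots.acquire(blocking=False):
            try:
                sleep(random.uniform(min_delay, max_delay))
            finally:
                slots.release()
        # When the cap is reached, answer immediately instead of queueing.
        return respond(start_response, "404 Not Found", NEUTRAL_BODY)

    def app(environ, start_response):
        handler = routes.get(environ.get("PATH_INFO", ""))
        if handler is None or environ.get("REQUEST_METHOD") != "GET":
            return neutral_404(start_response)
        try:
            body = handler()  # run before start_response so a crash stays hidden
        except Exception:
            return neutral_404(start_response)
        return respond(start_response, "200 OK", body)

    return app


if __name__ == "__main__":
    # Hypothetical routes; "/boom" stands in for a handler that crashes.
    # wsgiref serves one request at a time; use a threaded server in practice.
    demo = {"/": lambda: b"<p>home</p>", "/boom": lambda: 1 / 0}
    make_server("127.0.0.1", 8080, make_app(demo)).serve_forever()
```

Because a crashing handler and a missing path produce byte-identical responses with the same delay distribution, a scanner cannot use status codes or timing to tell which probes reached real code.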