I just wanted to share a bit of fun from my daily research work. I monitor a lot of honeypot data on a global scale, most of which is generated from HoneyPoint, of course. The HITME produces large amounts of data every hour, and it is a ton of fun to play with.
But, I also monitor several Twitter feeds of honeypot data, and I wanted to share a few quick things with you from there.
Below is a topic cloud from the feeds for yesterday. The larger the words, the more numerous their use:
I also rank hashtags by use, and here are a few high hitters, and their number of uses in a day’s worth of data back in July:
58565 #netmenaces
11302 #hit
5959 #blacklisted
5379 #host
2990 #telnet
2813 #badabuse
2660 #infosec
2660 #cybersecurity
2301 #botabuse
2142 #smb
1723 #mssql
1311 #wordpress
1091 #mysql
Do you generate data like this? If so, how do you play with it? Hit me up on Twitter (@lbhuston) and share your process.