When I was first poking around with Tor, I wondered how many of the "Get guns in Europe", "Hard Drugs here", "Credit Card Numbers for sale" and such links were honeypots. Luckily, not being interested in any of those things, I didn't have to find out.
Oh I think I did something similar by chance. I was seeing which websites were associated with some entities, and I found the ones of the Italian defense ministry. In Italian, defense is "difesa". I found one that had "bifesa" in the link, and when opened it told me that I had to be more careful with links I open because it could have been a dangerous website. Flash forward to a year later and it didn't work anymore.
Technically it would classify as a real honeypot site, I'd think.
"I guess they saw my email address that greeted them. They probably received logs of someone "falling for it", and saw someone was poking around their secret website, and knew who was behind it. They completely panicked."
I doubt it. I think the author of this page is giving himself way too much credit. The only evidence that anyone "panicked" is the author's own statements that they must have. More likely someone put in a WAF rule that 401'd for his IP.
"By running these honeypots, the police create suspicion and paranoia in the community. If you want to buy a DDoS attack, you now have to wonder if the website is real or just a police honeypot logging your IP. They want people to stop trusting these services entirely."
Well, good, right? What "community" is this diabolical suspicion and paranoia being created in? The community kids who want to DDoS some other kids' game servers? OK, again, that's good, right?
"But it really just feels more like feds jerking themselves off on how cool they are."
Pot, kettle.
"Does this video and the honeypot have any real impact? Let's be honest: probably not."
How does the author know? According to Wikipedia, the larger operation has shut down 4 dozen sites offering DDoS services.
Sure, gov't is often clueless and maybe this is effective or maybe it isn't. Maybe it's an experiment. Maybe it's actually intercepted a fair number of potential customers.
If clueless teens are signing up for booters and it's actually LEO who contacts them and says "you know, that's illegal" then that's a good thing.
>More likely someone put in a WAF rule that 401'd for his IP.
Why make this assumption when you could just visit the website yourself and see the same 401?
It wouldn't be a normal tech article if it wasn't confident(ly wrong) dogmatism from yet another internet catgirl.
Stress testing your own site like the article shows isn't criminal intent. There is legitimate market demand to understand if a service you are running can properly withstand and filter out large amounts of either legitimate or illegitimate traffic.
One of those articles that has an interesting anecdote but written with a mundane lulz mentality. If it’s for teenagers, by teenagers. All is well.
I know. This was not a helpful comment. Sorry.