Update on the APNIC Honeynet Network | APNIC Blog>
AP NIC Blog – Adli Wahid
APNIC is now operating a Community Honeynet Network (CHN) with more than 200 points of data collection, mostly in the Asia Pacific region but with nodes in Central and South America, the USA, and Europe.
Many security researchers, including Computer Security Incident Response Teams (CSIRTs), deploy honeypots to learn about tools, tactics, and the attackers’ infrastructure.
As well as systems that detect intrusions and attacks, honeynets have backend infrastructure to process logs, aggregate and store data, and present information about the threats seen.
DASH collates threats seen in the honeynet by the origin-AS of APNIC Members, so Members can easily see if any of their IP addresses have hit our honeypots, suggesting they have probably been exposed to one of the current risks active in the Internet.
Collaborating with organizations like the Shadowserver Foundation, we advocate for sharing this data beyond our regional scope, reaching areas like South America, Africa and Europe.
2023 saw the inaugural FIRST Pacific Symposium, where resources from across the globe were brought to the region to engage with the CERT and CSIRT community.
Link: https://blog.apnic.net/2024/02/05/update-on-the-apnic-honeynet-network/