Due recent breaches that have occurred using weak remote access application pass

Question

Due recent breaches that have occurred using weak remote access application passwords. I would like to setup my own honey pot on a windows machine to study their malicious intents. This is pretty easy I will install RDP, VNC and other such like applications and put a weak password.

The second objective of the study

I want to build a list of weak passwords that attackers use, how can I get the passwords ?

I you would like to know how you would do it. I understand that are linux distros for honeypots. But I prefer using a Windows Machine because I have a VPS that I don't use and is running Windows, changing the OS is impossible.

Thanks

Explanation / Answer

You don't need to set up a honeypot to accomplish either of these. I can tell you exactly what their intentions are once they've compromised a machine. Depending on who gets lucky enough to brute force your credentials first, you can bet they will do one or more of the following :

Finding a list of weak passwords that are being used should be relatively trivial. There is a lot of risk in setting up a honeypot, and from what I gather about what you're hoping to accomplish, not a lot of gain. As the owner of the VPS you are ultimately responsible for the activities that occur on it, so if someone with malicious intents compromises your box because you set up a honeypot and didn't take the proper precautions to contain the damage, you will ultimately be responsible.

In addition, I would also think that setting up a VPS for the purposes of a honeypot would violate the TOS that you agreed to when procuring the VPS.

Related Questions

Navigate

• Browse (All)
• Browse D
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.