this post was submitted on 28 Apr 2026

76 points (77.9% liked)

Technology

84199 readers

3337 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

I Left Port 22 Open on the Internet for 54 Days. Here's Who Showed Up. (arman-bd.hashnode.dev)

submitted 12 hours ago* (last edited 11 hours ago) by exu@feditown.com to c/technology@lemmy.world

16 comments fedilink hide all child comments

Edit: The post was probably heavily AI written and contains mistakes to that effect, which is unfortunate. The data in general is still interesting though.

all 18 comments

sorted by: hot top controversial new old

[–] null@lemmy.zip 2 points 3 hours ago

I'm kind of disappointed that bigboobz wasn't on the top of the password list.

[–] sommerset@thelemmy.club 1 points 3 hours ago

Honeypot as a Python script in a docker container?
Isn't that not really a true isolation?

[–] Retro_unlimited@lemmy.world 53 points 11 hours ago (2 children)

If they used AI, then I consider they lost all credibility.

[+] magnue@lemmy.world -34 points 10 hours ago (3 children)

Oh so you want them to do all that and gather all the data and do it themselves for free? What a dumb comment.

I've run a honeypot for the last month and the data is near-identical to this. It's definitely credible.

[–] floquant@lemmy.dbzer0.com 27 points 7 hours ago* (last edited 7 hours ago)

Oh so you want them to do all that and gather all the data and do it themselves for free?

Yes, that is what 90% of the internet has been about since it became a thing. Doing everything for profit turns everything into shit.

[–] cecilkorik@piefed.ca 43 points 10 hours ago (1 children)

Near-identical doesn't make it valuable. Plausible but incorrect is still incorrect. AI creates plausible and credible but incorrect data.

The plausibility and credibility is like a honeypot for your confidence. You read it, and understand it, and come to believe it. But it was false all along. You think you learned things. You actually learned nothing.

[–] NotSteve_@lemmy.ca 3 points 8 hours ago (1 children)

I initially disagreed but after actually reading the post, I'm with you. If it was only the article's text that was generated and not the data or graphs then I don't see why the whole thing would be written off. I mean, it's really sad seeing people offload their writing to AI but I still found it interesting.

[–] Glitchvid@lemmy.world 9 points 8 hours ago (1 children)

The Belgian traffic? Almost entirely from a single residential IP — one box that sent over 156,000 login attempts, more than the entire country of Germany. It just sat there, hammering echo "\x6F\x6B" over and over, every single second, for weeks. Relentless.

Had a funny similar thing, there's some weird person/people that randomly probe and attack a specific game's community hosted dedicated servers; and one week this specific IP address out of Virginia was just hammering one of mine, with what amounts to a specific byte sequence, then an incrementing number of the packet (until it wrapped around). Then it stopped. Weird shit.

[–] frongt@lemmy.zip 1 points 56 minutes ago

It's possible it was something misconfigured, a poorly-written script, or a bug in some software causing unexpected behavior. At the scale of the Internet, all of those are very possible.

It could also be the Internet equivalent of a numbers station.

[–] XLE@piefed.social 13 points 10 hours ago

Thanks for the warning OP

[–] kratoz29@lemmy.zip 4 points 8 hours ago (1 children)

and contains mistakes to that effect

What mistakes?

[–] AbidanYre@lemmy.world 9 points 8 hours ago* (last edited 6 hours ago)

At one point it said only 28 IPs came back and those 31 were clever. Or something to that effect.

[–] phoenixz@lemmy.ca 2 points 8 hours ago

So is there a socket container for this? Wi wouldn't mind wasting some hacker assholes time with this

[–] magnue@lemmy.world 5 points 10 hours ago

Weird I did the exact same thing on a VPS. Basically the same data.