I'm one of the guys involved on DSHIELD project of this SANS website.
Today, I was reading the hits from my honeypot and I found the following strange validation attemps:
In some cases the bots try to validate with the following usernames:
I look forward to know, what kind of attempts are them... could it be a sheellcode/exploit for some IOT device? or maybe it is a mistake when the validation logs are parsed?
Thanks a lot for your support in advance!
Aug 31st 2017
1 year ago