Author: M.McNamara (21 Mar 16 12:06pm)
I have a large number of servers that consistently get malicious files installed, and once we catch them with our scanner they are removed and placed inside quarantine directory.
What I would LIKE to do, is to actually just instead, replace that file, with a honeypot file, and that way when they continue to attempt to login or SPAM via that file, their IP is logged ...
I've got multiple sites setup, but does anybody have any suggestions on the best way to do something like this, or if there is any other service similar to this out there?
Thanks!
-- just trying to contribute as much data as I can instead of just letting it go into the abyss --
|