![](https://toce.ch/storage/2024/03/Tailscale1-jpg.webp)
101 Things to do with Tailscale
#1: Send 5.5 million webhooks to Splunk per month Things One, Two and Three log all events real-time...
![](https://toce.ch/storage/2024/03/Armada-crashed-jpg.webp)
Thing 1: Down
After nearly 2 years of running an OpenCanary in Oracle Cloud, it seems they decided to kill the...
![](https://toce.ch/storage/2024/02/OC-30day-breakdown-1024x849.png)
Monthly Statistics
Canary, Hits? Starting with the big numbers, the three OpenCanary instances have seen nearly 5.5 million events in...
![](https://toce.ch/storage/2023/12/social-media-1024x682.webp)
Mastodon posts from OpenCanary
The OpenCanary instances are now providing daily summaries into Mastodon. Those summaries give information on what connections the...
![](https://toce.ch/storage/2023/12/BuildHoneypot.png)
OpenCanary 3.0: HowTo
Host and Operating System The basis for any OpenCanary installation is the operating system. Linux is preferred, it...
![](https://toce.ch/storage/2023/12/HackerHoodieCode.png)
Extending OpenCanary Monitoring
Expect the Unexpected The unexpected can happen when running OpenCanary instances and this demands some adapting. It’s considerably...
![](https://toce.ch/storage/2023/11/OC2.0_Login_Banner.png)
OpenCanary: Login Banner Security
In the greater scheme of things, login warning banners exist to fulfil control requirements. They exist to support...
![](https://toce.ch/storage/2023/11/OC3.0_Clean_Comparison-1024x509.png)
OpenCanary 3.0 – Evolution not Revolution
USA versus Germany versus Switzerland The OpenCanary trio have been running for some time but, looking at the...
![](https://toce.ch/storage/2023/10/matrix-world-1024x640.webp)
Splunk Migration
Too much success with logs Today, it became clear that the virtual host I created for Splunk to...
![](https://toce.ch/storage/2023/09/Top50Creds-1024x720.png)
The Top 50 Credentials as seen by #1, #2 and #3
With over 20 million connection attempts hitting the 3 OpenCanary instances during 2023, a cross-section of the most...
![](https://toce.ch/storage/2023/09/opencanary-starwars-1024x540.png)
OpenCanary: The Tyranny of the Default
These are the credentials that the three OpenCanary instances have seen. Star Wars-style!
![](https://toce.ch/storage/2023/09/malware-stolen.png)
OpenCanary Hacked!
My OpenCanarys run Samba shares in the Internet. Firstly, this was mainly with Canary Tokens left there for...
![](https://toce.ch/storage/2023/05/3xheader-1024x937.png)
And Then There Were Three
More OpenCanary Goodness To balance out having two US-hosted honeypots, the appeal of hosting one elsewhere appealed to...
![](https://toce.ch/storage/2023/04/R2B-1-1024x520.png)
The Race to the Bottom
OpenCanary, One versus One The joy of being a low-cost security researcher saw my Splunk Enterprise licence revert...
![](https://toce.ch/storage/2023/03/CommonCredsNice.png)
OpenCanary and the Mirai Password List
Fighting the Tyranny of the Default (login) As the OpenCanary in the Cloud continues to sit with its...
![](https://toce.ch/storage/2023/02/OC-popular-protocols.png)
OpenCanary: One week in Splunk
The OpenCanary has been feeding Splunk via WebHook for over a week now and the statistics are becoming...
![](https://toce.ch/storage/2023/02/DALL·E-opencanary-1024x1024.png)
Improving OpenCanary Logging
The Loggly solution I’ve been using is basic and limited, basically being able to give an overview of...
![](https://toce.ch/storage/2023/01/malware-jpg.webp)
Enhancing the OpenCanary: Samba writes and malware submissions
After finding that someone, somewhere was dumping malware .exe files into my OpenCanary, I had a long thing...
OpenCanary in the Cloud: Unintended Consequences
My OpenCanary in the Cloud was not logging SMB requests properly and I finally made time to look...
![](https://toce.ch/storage/2023/01/Loggly-OCI-7-day-with-username-1024x449.png)
The Canary in the Cloud
OpenCanary 2.0 in Oracle Cloud continues to flourish. The main reporting mechanism is a webhook into Loggly from...
![](https://toce.ch/storage/2022/12/OpenCanary-1024x1024.png)
OpenCanary 2.0: More Ports, More Protocols….
Putting an OpenCanary into the Cloud is a free and fun way to see what the Internet background...
![](https://toce.ch/storage/2022/12/opencanary-passwords-1024x444.jpg)
OpenCanary: 197 Days in the Wilderness
In May 2022, I experimented with putting OpenCanary into an Oracle Cloud Ubuntu VM. It was a quick...
![](https://toce.ch/storage/2022/05/opencanary-1024x1024.png)
OpenCanary in the Cloud
I guess it is not a typical deployment of OpenCanary but as an interesting research topic, one of...