101 Things to do with Tailscale
#1: Send 5.5 million webhooks to Splunk per month Things One, Two and Three log all events real-time...
Thing 1: Down
After nearly 2 years of running an OpenCanary in Oracle Cloud, it seems they decided to kill the...
Monthly Statistics
Canary, Hits? Starting with the big numbers, the three OpenCanary instances have seen nearly 5.5 million events in...
Mastodon posts from OpenCanary
The OpenCanary instances are now providing daily summaries into Mastodon. Those summaries give information on what connections the...
OpenCanary 3.0: HowTo
Host and Operating System The basis for any OpenCanary installation is the operating system. Linux is preferred, it...
Extending OpenCanary Monitoring
Expect the Unexpected The unexpected can happen when running OpenCanary instances and this demands some adapting. It’s considerably...
OpenCanary: Login Banner Security
In the greater scheme of things, login warning banners exist to fulfil control requirements. They exist to support...
OpenCanary 3.0 – Evolution not Revolution
USA versus Germany versus Switzerland The OpenCanary trio have been running for some time but, looking at the...
Splunk Migration
Too much success with logs Today, it became clear that the virtual host I created for Splunk to...
The Top 50 Credentials as seen by #1, #2 and #3
With over 20 million connection attempts hitting the 3 OpenCanary instances during 2023, a cross-section of the most...
OpenCanary: The Tyranny of the Default
These are the credentials that the three OpenCanary instances have seen. Star Wars-style!
OpenCanary Hacked!
My OpenCanarys run Samba shares in the Internet. Firstly, this was mainly with Canary Tokens left there for...
And Then There Were Three
More OpenCanary Goodness To balance out having two US-hosted honeypots, the appeal of hosting one elsewhere appealed to...
The Race to the Bottom
OpenCanary, One versus One The joy of being a low-cost security researcher saw my Splunk Enterprise licence revert...
OpenCanary and the Mirai Password List
Fighting the Tyranny of the Default (login) As the OpenCanary in the Cloud continues to sit with its...
OpenCanary: One week in Splunk
The OpenCanary has been feeding Splunk via WebHook for over a week now and the statistics are becoming...
Improving OpenCanary Logging
The Loggly solution I’ve been using is basic and limited, basically being able to give an overview of...
Enhancing the OpenCanary: Samba writes and malware submissions
After finding that someone, somewhere was dumping malware .exe files into my OpenCanary, I had a long thing...
OpenCanary in the Cloud: Unintended Consequences
My OpenCanary in the Cloud was not logging SMB requests properly and I finally made time to look...
The Canary in the Cloud
OpenCanary 2.0 in Oracle Cloud continues to flourish. The main reporting mechanism is a webhook into Loggly from...
OpenCanary 2.0: More Ports, More Protocols….
Putting an OpenCanary into the Cloud is a free and fun way to see what the Internet background...
OpenCanary: 197 Days in the Wilderness
In May 2022, I experimented with putting OpenCanary into an Oracle Cloud Ubuntu VM. It was a quick...
OpenCanary in the Cloud
I guess it is not a typical deployment of OpenCanary but as an interesting research topic, one of...