open proxy honeypot

An idea for a rainy day (or bored student!): a web proxy “honeypot.” (Snargled from Grossman.) Now, rather than rolling theirs and instead rolling your own, I suppose it wouldn’t be all that hard to stand it up, but it might be a bit harder trying to attract malicious users. Perhaps dropping the open proxy address to some anon proxy lists, astalavista, and perhaps other places you might eventually get some hits…

Running one’s own open web proxy might drive home the fact that web proxies may give anonymity to the destination, it does absolutely nothing for the privacy of data or anonymity from the point of view of the proxy device.

Oh, and how fuckin’ sweet is it that you can package your wares into a VM and distribute it that way? Copy over the VM, start it up, and bam, all that configuration and setup is pretty much done, just give it an IP!

Posted in web