I accidentally made law enforcement shut down their fake honeypot

drekipus

Technically it would classify as a real honeypot site I'd think

bananamogul

"I guess they saw my email address that greeted them. They probably received logs of someone "falling for it", and saw someone was poking around their secret website, and knew who was behind it. They completely panicked." I doubt it. I think the author of this page is giving himself way too much credit. The only evidence that anyone "panicked" is the author's own statements that they must have. More likely someone put in a WAF rule that 401'd for his IP. "By running these honeypots, the police create suspicion and paranoia in the community. If you want to buy a DDoS attack, you now have to wonder if the website is real or just a police honeypot logging your IP. They want people to stop trusting these services entirely." Well, good, right? What "community" is this diabolical suspicion and paranoia being created in? The community kids who want to DDoS some other kids' game servers? OK, again, that's good, right? "But it really just feels more like feds jerking themselves off on how cool they are." Pot, kettle. "Does this video and the honeypot have any real impact? Let's be honest: probably not." How does the author know? According to Wikipedia, the larger operation has shut down 4 dozen sites offering DDoS services. Sure, gov't is often clueless and maybe this is effective or maybe it isn't. Maybe it's an experiment. Maybe it's actually intercepted a fair number of potential customers. If clueless teens are signing up for booters and it's actually LEO who contacts them and says "you know, that's illegal" then that's a good thing.

amarcheschi

Oh I think I did something similar by chance. I was seeing which websites were associated with some entities, and I found the ones of the Italian defense ministry. In italian defense is "difesa". I found one that had "bifesa" in the link, and when opened told me that I had to be more careful to links I open because it could have been a dangerous website. Flash forward to a year later and it didn't work anymore

charcircuit

Stress testing your own site like the article shows isn't criminal intent. There is legitimate market demand to understand if a service you are running can properly withstand and filter out either large mounts of legitimate and illegitimate traffic.

tecoholic

One of those articles that has an interesting anecdote but written with a mundane lulz mentality. If it’s for teenagers, by teenagers. All is well.

technothrasher

When I was first poking around with Tor, I wondered how many of the "Get guns in Europe", "Hard Drugs here", "Credit Card Numbers for sale" and such links were honeypots. Luckily, not being interested in any of those things, I didn't have to find out.

slopinthebag

> Does this video and the honeypot have any real impact? Let's be honest: probably not. It feels like they are just redistributing wealth from the average taxpayer to AI video slop corporations. I feel like this describes roughly 75% of all government initiatives.

sans_souse

Why is this particular phrasing; "fake honeypot" triggering déjà vu for me? And is it fake déjà vu or legit? Genuinely asking if anyone recalls this being in an HN in the last two yearsish.

emmelaich

Is a fake honeypot ... real? Is een nep -honeypot ... echt? Forgive my pedantry.

TurdF3rguson

Why would they have Cloudflare turnstiles? Are they worried about getting DDOS-ed?

killingtime74

Nit. Isn't it a real honeypot, not a fake one?

dlcarrier

I get 401 errors all three time, because I use web browsers that don't leak enough personally identifiable information to prove that I'm not a robot.