TFTP Honey Pot Results
A TFTP honeypot running for over a month captured 20-50 packets daily, revealing that most traffic originated from seven infosecurity companies (including Shodan, Censys, and Palo Alto Networks) conducting routine vulnerability scans rather than malicious activity. The scans followed distinct patterns—such as Palo Alto Networks probing approximately every 24 hours and multiple companies requesting files named "a"—providing insights into how infosec firms conduct automated reconnaissance.
Read Full Article →