[dejl13]

I've setup a dionaea honeypot on a spare Linux VM but not receiving any connections.

Any suggestions on how I can increase the connections to my server?

[voroojax]

You should receive occasionally. If not, something is wrong. for example make sure your VM is not behind NAT!

[dejl13]

You should receive occasionally. If not, something is wrong. for example make sure your VM is not behind NAT!

I'm receiving connections now but no binaries, the VM is not behind a NAT at all. It has a public globally routable IP Address and no incoming or outgoing ports are blocked.

[voroojax]

if your config is correct, you'll receive eventually. but be warned, they are mostly kiddo variants!
Personally I prefer reading dionaea logs instead looking at binaries.

[dejl13]

if your config is correct, you'll receive eventually. but be warned, they are mostly kiddo variants!
Personally I prefer reading dionaea logs instead looking at binaries.

What do you mean by "kiddo variants"? n00b copypasta? ;p

[voroojax]

that's a good interpretation. but I meant Kido(sorry for typo in last post). http://malware.wikia.com/wiki/Kido_(Family)

[dejl13]

that's a good interpretation. but I meant Kido(sorry for typo in last post). http://malware.wikia.com/wiki/Kido_(Family)

Win32.Kido? http://en.wikipedia.org/wiki/Conficker? That's still live??

Still no binaries :\

[EP_X0FF]

Win32.Kido? http://en.wikipedia.org/wiki/Conficker? That's still live??

Windows XP still alive, so it is too.

[Vrtule]

A friend of mine runs several honeypots, including Dionea and most of the received binaries (97+ % IIRC) are Conflickers.

[dejl13]

A friend of mine runs several honeypots, including Dionea and most of the received binaries (97+ % IIRC) are Conflickers.

Sadly still no binaries yet, any suggestions where I can post the IP?