DecoyPulse Honeypots
10
Total Honeypots
9
Active
22
Triggered (30d)
3
Internal Triggers
9
External Triggers
99.9%
Avg Uptime
0
False Positives
6
Unique Attackers
Honeypot Status
DP-SSH-01
SSH Server
DP-RDP-01
RDP Terminal
DP-SMB-01
SMB File Share
DP-HTTP-01
Web Admin Panel
DP-SQL-01
MSSQL Database
DP-FTP-01
FTP Server
DP-LDAP-01
LDAP Directory
DP-SMTP-01
SMTP Mail Relay
DP-CRED-01
Credential Lure
DP-FILE-01
Canary Documents
Trigger Activity Log
25 events (last 30 days)| ID | Time | Honeypot | Action | Source IP | Source Type | User Context | Severity | Alert Raised |
|---|---|---|---|---|---|---|---|---|
DPT-0022 |
1d ago | DP-CRED-01 | Directory traversal attempt on web honeypot | 103.98.216.146 |
External | — | Medium | Yes |
DPT-0006 |
1d ago | DP-FILE-01 | SQL authentication probe detected | 10.2.148.101 |
Internal | j.smith | Critical | Yes |
DPT-0021 |
1d ago | DP-HTTP-01 | HTTP admin panel login attempted | 91.76.195.122 |
External | — | Medium | Yes |
DPT-0011 |
2d ago | DP-HTTP-01 | LDAP bind with service account | 194.120.62.37 |
External | — | High | Yes |
DPT-0013 |
3d ago | DP-RDP-01 | RDP brute force from internal IP | 10.2.58.154 |
Internal | a.wilson | Critical | Yes |
DPT-0009 |
4d ago | DP-FILE-01 | Canary document opened from workstation | 10.1.145.126 |
Internal | system | Critical | Yes |
DPT-0003 |
5d ago | DP-RDP-01 | Port scan followed by connection attempt | 45.105.148.104 |
External | — | High | Yes |
DPT-0005 |
5d ago | DP-CRED-01 | Directory traversal attempt on web honeypot | 185.85.220.68 |
External | — | High | Yes |
DPT-0001 |
7d ago | DP-RDP-01 | Port scan followed by connection attempt | 10.1.239.132 |
Internal | r.davies | Critical | Yes |
DPT-0020 |
8d ago | DP-RDP-01 | Multiple protocol probes from single source | 194.149.62.168 |
External | — | Medium | Yes |
DPT-0008 |
9d ago | DP-SMB-01 | SMB share enumeration attempt | 10.1.33.224 |
Internal | m.taylor | Critical | Yes |
DPT-0014 |
13d ago | DP-LDAP-01 | FTP anonymous login attempt | 103.22.216.171 |
External | — | Medium | Yes |
DPT-0019 |
16d ago | DP-FILE-01 | Port scan followed by connection attempt | 10.2.141.226 |
Internal | e.evans | Critical | Yes |
DPT-0012 |
18d ago | DP-FTP-01 | Multiple protocol probes from single source | 10.2.155.40 |
Internal | k.brown | Critical | Yes |
DPT-0004 |
18d ago | DP-RDP-01 | SQL authentication probe detected | 10.3.90.226 |
Internal | system | Critical | Yes |
DPT-0018 |
19d ago | DP-HTTP-01 | SQL authentication probe detected | 91.24.195.25 |
External | — | High | Yes |
DPT-0010 |
20d ago | DP-FTP-01 | Automated tool fingerprint detected | 45.158.148.87 |
External | — | Medium | Yes |
DPT-0015 |
21d ago | DP-SQL-01 | Automated tool fingerprint detected | 91.228.195.216 |
External | — | Medium | Yes |
DPT-0002 |
21d ago | DP-FILE-01 | HTTP admin panel login attempted | 103.63.216.66 |
External | — | Medium | Yes |
DPT-0016 |
22d ago | DP-SMB-01 | RDP brute force from internal IP | 45.187.148.85 |
External | — | High | Yes |
DPT-0007 |
23d ago | DP-FTP-01 | Canary document opened from workstation | 91.123.195.38 |
External | — | Medium | Yes |
DPT-0023 |
24d ago | DP-SMB-01 | SSH login attempt with user "admin" | 10.0.91.150 |
Internal | n.clark | Critical | Yes |
DPT-0017 |
26d ago | DP-LDAP-01 | Canary document opened from workstation | 194.113.62.110 |
External | — | High | Yes |
DPT-0025 |
26d ago | DP-HTTP-01 | Port scan followed by connection attempt | 10.1.190.113 |
Internal | p.thomas | Critical | Yes |
DPT-0024 |
27d ago | DP-CRED-01 | SQL authentication probe detected | 10.1.78.208 |
Internal | r.davies | Critical | Yes |
Zero False Positive Detection
DecoyPulse honeypots have zero false positive rate because no legitimate user or service should ever interact with them. Any trigger is inherently suspicious and warrants investigation. Internal triggers are especially critical as they may indicate lateral movement or insider threat activity.