{"id":245,"date":"2018-11-20T13:10:17","date_gmt":"2018-11-20T11:10:17","guid":{"rendered":"https:\/\/fortgale.com\/news\/?p=245"},"modified":"2026-06-08T22:42:48","modified_gmt":"2026-06-08T22:42:48","slug":"fortpot-network-attacks","status":"publish","type":"post","link":"https:\/\/fortgale.com\/blog\/emerging-threats\/fortpot-network-attacks\/","title":{"rendered":"FortPot \u2014 attacks from the network"},"content":{"rendered":"<p style=\"text-align: justify\">We are pleased to inaugurate the launch of the <strong>FORTPOT<\/strong> project, a component of our strategy that focuses attention on threat actors. We have decided to begin by examining threats present on the internet and what impacts exposed systems. <strong>Botnets<\/strong>, automated scanning, <strong>brute force<\/strong> attacks, <strong>exploits<\/strong>, and assessment activities are among the attacks observable when a system\u2014such as a router, server, NAS, or video surveillance system\u2014is exposed on a public Internet IP address.<\/p>\n<p style=\"text-align: justify\">With this post we also inaugurate a series of threat analyses based on the use of <strong>our <em>Honeypot<\/em> network,<\/strong> with nodes deployed across different geographic regions and Internet Service Providers.<\/p>\n<h2 style=\"text-align: justify\">What is a Honeypot?<\/h2>\n<p style=\"text-align: justify\">A <strong><em>Honeypot<\/em> is a decoy<\/strong> used to attract the attention of threat actors who, believing they have found a vulnerable system, proceed with a cyberattack and a series of post-compromise activities.<\/p>\n<p style=\"text-align: justify\">Analyzing attacker behavior during the <strong><em>Discovery<\/em><\/strong>, <strong><em>Exploitation<\/em><\/strong>, and <strong><em>Post-Exploitation<\/em><\/strong> phases enables analysts to obtain significant quantity and quality of data.<\/p>\n<p style=\"text-align: justify\">For further information: <a href=\"https:\/\/en.wikipedia.org\/wiki\/Honeypot\">https:\/\/en.wikipedia.org\/wiki\/Honeypot<\/a><\/p>\n<h2 style=\"text-align: justify\">FORTPOT \u2013 Initial Findings<\/h2>\n<p style=\"text-align: justify\">Our <strong><em>Honeypot<\/em> infrastructure<\/strong> currently generates over 300 000 security events per day for each individual node.<\/p>\n<p style=\"text-align: justify\">The <em>ThreatMap<\/em> below highlights the primary attack sources over the last 48 hours. The majority of attacks consist of <em><strong>Brute Force<\/strong><\/em> attempts and SMB service exploits (DoublePulsar). Through <a href=\"https:\/\/fortgale.com\/en\/cyber-threat-intelligence\/\">Cyber Threat Intelligence<\/a> collection and analysis, we track these patterns to identify emerging attack vectors and actor infrastructure.<\/p>\n<p style=\"text-align: justify\">Data collected in the coming weeks will be shared in detail under the new &#8220;FORTPOT&#8221; category.<\/p>\n<p style=\"text-align: justify\"><img decoding=\"async\" src=\"https:\/\/fortgale.com\/news\/wp-content\/uploads\/sites\/2\/2018\/11\/threatmap-1024x456.png\" alt=\"\" width=\"750\" height=\"334\" class=\"alignnone size-large wp-image-248\" loading=\"lazy\" \/><\/p>\n<p style=\"text-align: justify\">Honeypot-based threat monitoring provides defenders with actionable intelligence on reconnaissance patterns, exploitation techniques, and post-compromise behavior observed across geographically distributed sensor networks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Insights from FortPot honeynet sensors: scanning waves, exploitation attempts on exposed services, automated brute-force trends and ASN-level intelligence.<\/p>\n","protected":false},"author":1,"featured_media":248,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[28,57,58,84,118,150,171,3189,191,212,3116,355,357],"class_list":["post-245","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-emerging-threats","tag-analysis","tag-botnet","tag-brute-force","tag-cowrie","tag-dionaea","tag-fortpot","tag-honeypot","tag-internet-scanning","tag-italy","tag-malware","tag-threat-intelligence","tag-threat-map","tag-threatmap"],"_links":{"self":[{"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/posts\/245","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/comments?post=245"}],"version-history":[{"count":1,"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/posts\/245\/revisions"}],"predecessor-version":[{"id":9864,"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/posts\/245\/revisions\/9864"}],"wp:attachment":[{"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/media?parent=245"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/categories?post=245"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fortgale.com\/blog\/wp-json\/wp\/v2\/tags?post=245"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}