SSH honeypot, deployed in the wild, collecting and sharing data

What is a Honeypot?

A honeypot is defined as: a place to which many people are attracted. In this case I'm trying to attract cyber attackers (or hackers).

Or, In computer terminology: a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems

A honeypot "consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers" (technical definition: Wikipedia).

The idea behind a honeypot is to lure an attacker into believing that they're breaking/hacking into a computer network - but it's actually a trap. The honeypot records the attackers activities and logs it for analysis

For a fascinating background on the history of honeypots, I highly recommend reading Clifford Stoll's The Cuckoo's Egg. Basically, Stoll set up a honeypot to catch a hacker that had gained unauthorised access to computers at Lawrence Berkeley National Laboratory (LBNL) during the 1980s.

For further reading on honeypots see:

Image credit: "Honey jar" by Nic McPhee,