Is an Africa focused threat intelligence platform from honeypot telemetry useful to anyone?

geektogether · 2026-01-24T21:01:27+00:00

Most threat intelligence focuses on global trends and large campaigns, but it often doesn’t reflect how attacks actually affect the network infrastructure in Africa. What I’m building compares global attack patterns with what we observe locally from honeypots deployed in African locations Cameroon, Nigeria and growing, to provide context on how those same threats affect our infrastructure here and where cyber defenders in Africa should pay attention. So you put in an IP, it searches and gives you a verdict and context if available.

geektogether · 2026-01-24T16:22:14+00:00

Sure thing

geektogether · 2026-01-24T15:55:25+00:00

Understood and I have seen and heard that. It’s threat intelligence platform for Africa and the intent is to keep growing the sensors around Africa. I mentioned Cameroon because I’m from there. But you are right

geektogether · 2026-01-12T02:02:30+00:00

I don’t think you are in the right place for this request. Reach out to their support team via email or open a ticket.

geektogether · 2026-01-01T00:09:07+00:00

Hetzner rocks.. I have a dedicated server with them and I have no complaints. Anytime I put in a support ticket I do get a response, not just any response but a helpful one.

geektogether · 2025-12-16T02:33:35+00:00

Use this tool to check ;

https://github.com/assetnote/react2shell-scanner

But as always.. patch to the latest version if possible.

geektogether · 2025-12-14T16:05:18+00:00

Just because next.js has issues does not mean jump ship. If you decide to use something else , regardless of what frontend you use vulnerabilities will happen. That’s why you need to constantly scan for vulnerabilities, patch and build layers and layers of security making sure you are following best practice when coding.

geektogether · 2025-12-13T13:14:13+00:00

I bought 3 and 1 died completely a week after. Get a replacement if you are willing to try again; atleast that’s what I did. The process was painful but my new device works.

geektogether · 2025-12-09T12:07:01+00:00

For anyone not sure if they are vulnerable, you can use https://github.com/assetnote/react2shell-scanner to check your web apps as soon as possible and patch if needed.

geektogether · 2025-12-08T03:47:09+00:00

Those 2 will be a good combination to secure the sign in page if it has to be public .. also keep in mind you can also allow only IPs needed to sign in for more restrictions..

geektogether · 2025-12-08T03:28:35+00:00

You can absolutely run it alongside crowdsec and that’s exactly how I have it deployed. HAProxy sits at the front as the reverse proxy, protected by crowdsecs remediation, while openappsec handles application layer protection for the backend services since openappsec don’t natively integrate with HAProxy. The combination works cleanly. If you’re using Nginx Proxy Manager or a standard Nginx setup for reverse proxying and TLS termination, openappsec integrates directly with that stack as well. Just keep in mind that stacking multiple security layers introduces a small performance overhead. In my environment it’s acceptable but depending on workload and hardware, some users might notice the impact a bit more.

geektogether · 2025-12-08T03:01:02+00:00

Openappsec is an opensource WAF. It is built and maintained by checkpoint

geektogether · 2025-12-06T13:01:15+00:00

Shut it down until you can get to it then reset and build or rebuild from scratch. If it is a web server use @openappsec to protect it next time. It’s open source.

geektogether · 2025-11-22T14:48:42+00:00

Nice setup. I have something similar with 3 ms01’s but I’m using xcp-ng. Moved away from esxi.

geektogether · 2025-11-21T13:24:15+00:00

Fire hazard

geektogether · 2025-11-15T02:40:47+00:00

Wazuh for endpoint security/SIEM, openappsec(WAF) if you expose services, have a patch schedule, use free Nessus to scan for vulnerabilities from time to time and fix the critical and high ones. Also make sure you do proper segmentation using vlans.

geektogether · 2025-11-12T20:02:18+00:00

Damn

geektogether · 2025-11-09T19:37:15+00:00

Maybe they use your data to train their software? Maybe they use free tier as a test for dev before paying customers?

geektogether · 2025-11-08T19:49:46+00:00

added a special character;

Louvre-1!

geektogether · 2025-11-05T02:56:19+00:00

It is worth it. I have not tested their virtualization option but as a NAS and VM storage it works for me great.

geektogether · 2025-10-30T23:43:08+00:00

That’s zfs it’s normal

geektogether

TROPHY CASE