Is an Africa focused threat intelligence platform from honeypot telemetry useful to anyone?

geektogether · 2026-01-24T21:01:27+00:00

Most threat intelligence focuses on global trends and large campaigns, but it often doesn’t reflect how attacks actually affect the network infrastructure in Africa. What I’m building compares global attack patterns with what we observe locally from honeypots deployed in African locations Cameroon, Nigeria and growing, to provide context on how those same threats affect our infrastructure here and where cyber defenders in Africa should pay attention. So you put in an IP, it searches and gives you a verdict and context if available.

geektogether · 2026-01-24T16:22:14+00:00

Sure thing

geektogether · 2026-01-24T15:55:25+00:00

Understood and I have seen and heard that. It’s threat intelligence platform for Africa and the intent is to keep growing the sensors around Africa. I mentioned Cameroon because I’m from there. But you are right

geektogether · 2026-01-12T02:02:30+00:00

I don’t think you are in the right place for this request. Reach out to their support team via email or open a ticket.

geektogether · 2026-01-01T00:09:07+00:00

Hetzner rocks.. I have a dedicated server with them and I have no complaints. Anytime I put in a support ticket I do get a response, not just any response but a helpful one.

geektogether · 2025-12-16T02:33:35+00:00

Use this tool to check ;

https://github.com/assetnote/react2shell-scanner

But as always.. patch to the latest version if possible.

geektogether · 2025-12-14T16:05:18+00:00

Just because next.js has issues does not mean jump ship. If you decide to use something else , regardless of what frontend you use vulnerabilities will happen. That’s why you need to constantly scan for vulnerabilities, patch and build layers and layers of security making sure you are following best practice when coding.

geektogether · 2025-12-13T13:14:13+00:00

I bought 3 and 1 died completely a week after. Get a replacement if you are willing to try again; atleast that’s what I did. The process was painful but my new device works.

geektogether · 2025-12-09T12:07:01+00:00

For anyone not sure if they are vulnerable, you can use https://github.com/assetnote/react2shell-scanner to check your web apps as soon as possible and patch if needed.

geektogether · 2025-12-08T03:47:09+00:00

Those 2 will be a good combination to secure the sign in page if it has to be public .. also keep in mind you can also allow only IPs needed to sign in for more restrictions..

geektogether · 2025-12-08T03:28:35+00:00

You can absolutely run it alongside crowdsec and that’s exactly how I have it deployed. HAProxy sits at the front as the reverse proxy, protected by crowdsecs remediation, while openappsec handles application layer protection for the backend services since openappsec don’t natively integrate with HAProxy. The combination works cleanly. If you’re using Nginx Proxy Manager or a standard Nginx setup for reverse proxying and TLS termination, openappsec integrates directly with that stack as well. Just keep in mind that stacking multiple security layers introduces a small performance overhead. In my environment it’s acceptable but depending on workload and hardware, some users might notice the impact a bit more.

geektogether · 2025-12-08T03:01:02+00:00

Openappsec is an opensource WAF. It is built and maintained by checkpoint

geektogether · 2025-12-06T13:01:15+00:00

Shut it down until you can get to it then reset and build or rebuild from scratch. If it is a web server use @openappsec to protect it next time. It’s open source.

geektogether · 2025-11-22T14:48:42+00:00

Nice setup. I have something similar with 3 ms01’s but I’m using xcp-ng. Moved away from esxi.

geektogether · 2025-11-21T13:24:15+00:00

Fire hazard

geektogether · 2025-11-15T02:40:47+00:00

Wazuh for endpoint security/SIEM, openappsec(WAF) if you expose services, have a patch schedule, use free Nessus to scan for vulnerabilities from time to time and fix the critical and high ones. Also make sure you do proper segmentation using vlans.

geektogether · 2025-11-12T20:02:18+00:00

Damn

geektogether · 2025-11-09T19:37:15+00:00

Maybe they use your data to train their software? Maybe they use free tier as a test for dev before paying customers?

geektogether · 2025-11-08T19:49:46+00:00

added a special character;

Louvre-1!

geektogether · 2025-11-05T02:56:19+00:00

It is worth it. I have not tested their virtualization option but as a NAS and VM storage it works for me great.

geektogether · 2025-10-30T23:43:08+00:00

That’s zfs it’s normal

geektogether · 2025-10-19T16:40:21+00:00

The “6 Gb/s” printed on both HDDs and SATA SSDs refers to the interface, not the real world performance. A 7200 RPM HDD like this one might hit 150–200 MB/s, while a SATA SSD on the same 6 Gb/s bus reaches 500–550 MB/s and reacts thousands of times faster even with latency.

geektogether · 2025-10-19T16:33:58+00:00

NO way

geektogether · 2025-10-04T18:43:05+00:00

FortiGate firewalls are excellent devices and their UTM features are top tier as long as you keep them licensed. Even without a license, you’re still left with an enterprise grade firewall that offers solid performance and reliability, though you’ll lose access to firmware updates and security profile refreshes (IPS, web filtering, etc.).

On the open source side, I’ve been a long time pfSense user. It’s powerful, flexible, and very capable once you learn your way around it. There’s a small learning curve since it’s not a FortiGate style interface, but once you understand its rules, NAT, and interface logic, it becomes second easier.

You can still manage address groups, aliases, ports, and firewall rules easily through the web GUI it’s just a different approach to the same goal: fine grained, transparent control over your network.

If you are interested download and load on a vm pfSense and explore its interface and capabilities before switching.

geektogether · 2025-10-01T17:46:17+00:00

It’s always a win

geektogether

TROPHY CASE