Ever wonder what monitoring a honeypot might be like? The folks over at SIG^2 have a Web site online where the handlers who monitor their honeypot post a daily diary. If you read the diary starting on November 2 you can gain some insight into what they've seen and how they work to bait intruders further. Their honeypot was compromised on that date and they've posted an analysis of the intrusion, which occured using Secure Shell (SSH) where they'd set of intentionally weak password.

If you're interested you can follow the ongoing diary using their
RSS feed. They've also published a document, " Survey on Microsoft Windows XP on Service Pack 2 Usage & Experience."