Proxy Detection and the Comparison of Detection Tools with Verified Data
We used a specific method to detect if an attacker was using a proxy. RDP records the attacker’s IP address, the time they attempted to log in, and the credentials they used. Once the attacker connects to our RDP honeypot, it reveals more information about their real location, such as their...