The project is distributing a specially set-up VM which will pose as an open proxy which hackers scour the 'net for, and then log all the traffic and attempted attacks that are sent through that proxy. I love the idea of setting a snare for the "bad guys", so that they might show us some of the latest techniques they're using to attack websites in the real world.
Now, I suspect that this will only catch those attacks and attackers who aren't smart enough to dig into the actual proxy to see what it's doing... but it will still provide valuable insight into actual attack patterns that are being used in the real world. This is valuable information!
Project Overview (from the site)
From a counter-intelligence perspective, standard honeypot/honeynet technologies have not bared much fruit in the way of web attack data. Web-based honeypots have not been as successful as OS level or other honeypot applications (such as SMTP) due to the lack of their perceived value. Deploying an attractive honeypot web site is a complicated, time-consuming task. Other than a Script Kiddie probing for an easy defacement or an indiscriminant worm, you just won't get much traffic.
So the question is - How can we increase our traffic, and thus, our chances of obtaining valuable web attack reconnaissance?
This project will use one of the web attacker's most trusted tools against them - the Open Proxy server. Instead of being the target of the attacks, we opt to be used as a conduit of the attack data in order to gather our intelligence. By deploying multiple, specially configured open proxy server (or proxypot), we aim to take a birds-eye look at the types of malicious traffic that traverse these systems. The honeypot systems will conduct real-time analysis on the HTTP traffic to categorize the requests into threat classifications outlined by the Web Security Threat Classification and report all logging data to a centralized location.
This is one of the more worthy causees for the use of your power and bandwidth... If you're interested, go download and run the VM and help gather intelligence, and of course, they have a Twitter update stream @WASCHoneyPots!