The paper is devoted to an analysis of a one-year-long period of operation of a honeynet composed of 6 Dionaea honeypots emulating Windows services. The analysis focused on the frequency of attacks according to the location of individual honeypots (sensors) as well as to the geographical location of attackers. From the statistical processing of the results, it was demonstrated that the most frequently attacking malware was well-known Conficker worm. Moreover, attacking OS were studied with the conclusion that Windows is the most frequent OS. Regarding the geographical location of the attackers, several non-western countries and autonomous systems were indicated as being the most frequent origin of the attacks.