SSH -- Somewhat Secure Host
Faculty of Computing, Health and Science
ECU Security Research Institute
Honeypots are a proven technology for network defence and forensics. This paper focuses on attacks directed to network devices that utilise SSH services. The research uses the SSH honeypot Kippo to gather data about attacks on the SSH service. Kippo uses python and SSL to generate mock SSH services and also provides a filesystem honeypot for attackers to interact with. The preliminary research has found that attacks of this type are manifest, have a variety of profiles and may be launched from a variety of platforms.
Not open access