Title

SSH -- Somewhat Secure Host

Document Type

Conference Proceeding

Publisher

Springer

Faculty

Faculty of Computing, Health and Science

School

ECU Security Research Institute

RAS ID

14083

Comments

This article was originally published as: Valli, C. (2012). SSH -- Somewhat Secure Host. Proceedings of 4th International Symposium on Cyberspace Safety and Security CSS 2012. (pp. 227-235). Melbourne, Australia. Springer. Original article available here

Abstract

Honeypots are a proven technology for network defence and forensics. This paper focuses on attacks directed to network devices that utilise SSH services. The research uses the SSH honeypot Kippo to gather data about attacks on the SSH service. Kippo uses python and SSL to generate mock SSH services and also provides a filesystem honeypot for attackers to interact with. The preliminary research has found that attacks of this type are manifest, have a variety of profiles and may be launched from a variety of platforms.

Share

 
COinS