Australian Digital Forensics Conference
Document Type
Conference Proceeding
Publisher
SRI Security Research Institute, Edith Cowan University, Perth, Western Australia
Abstract
This is an investigation of the activity detected on three honeypots that utilise the Kippo SSH honeypot system on VPS servers all on the same C class address. The systems ran on identical software bases and hardware configurations. The results are over the period 21st March 2013 until Tuesday 04 June 2013. The initial analysis covered in this paper examines behaviours and patterns detected of the attacking entities. The attack patterns were not consistent and there was large disparity in numbers and magnitude of attacks on all hosts. Some of these issues are explored in the paper.
DOI
10.4225/75/57b3dbc8fb877
Comments
11th Australian Digital Forensics Conference. Held on the 2nd-4th December, 2013 at Edith Cowan University, Perth, Western Australia