Abstract
This paper is an investigation focusing on activities detected by SSH honeypots that utilised kippo honeypot software. The honeypots were located across a variety of geographical locations and operational platforms. The honeynet has suffered prolonged, persistent and attack from a /24 network which appears to be of Chinese geographical origin. In addition to these attacks, other attackers have been successful in compromising real hosts in a wide range of other countries that were subsequently involved in attacking the honeypot machines in the honeynet.
Document Type
Conference Proceeding
Date of Publication
2015
Publisher
Association of Digital Forensics, Security and Law
School
School of Science
RAS ID
19455
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Comments
Valli, C., Rabadia, P., & Woodard, A. (2015). A Profile of Prolonged, Persistent SSH Attack on a Kippo Based Honeynet. Annual Conference on Digital Forensics, Security and Law. 23 - 32 Available here