SSH – Somewhat Secure Host
Honeypots are a proven technology for network defence and forensics. This paper focuses on attacks directed to network devices that utilise SSH services. The research uses the SSH honeypot Kippo to gather data about attacks on the SSH service. Kippo uses python and SSL to generate mock SSH services and also provides a filesystem honeypot for attackers to interact with. The preliminary research has found that attacks of this type are manifest, have a variety of profiles and may be launched from a variety of platforms.
Keywordskippo ssh honeypot python cyber attack
Unable to display preview. Download preview PDF.
- Andersson, K., Szewczyk, P.: Insecurity By Obscurity Continues: Are ADSL Router Manuals Putting End-Users At Risk. In: Williams, T., Valli, C. (eds.) The 9th Australian Information Security Management Conference, Citigate Hotel, Perth, Western Australia, Secau - Security Research Centre, Edith Cowan University, Perth, Western Australia 19-24 (2011)Google Scholar
- Szewczyk, P.: ADSL Router Forensics Part 2: Acquiring Evidence. In: The 7th Australian Digital Forensics Conference, Kings Hotel, Perth, Western Australia, Secau - Security Research Centre, School of Computer and Security Science, Edith Cowan University, Perth, Western Australia (2009)Google Scholar
- Szewczyk, P.: Analysis of Data Remaining on Second Hand ADSL Routers. Journal of Digital Forensics, Security and Law 6(3), 17–30 (2011)Google Scholar