Using Kojoney Open Source Low Interaction Honeypot to Develop Defensive Strategies and Fingerprint Post-Compromise Behavior

The attached slides were part of my presentation at SecureWorld Philadelphia in May of 2010.  The presentation covered data collected using a customized installation of the Kojoney low interaction SSH honeypot software.  The data was not surprising but we were able to discern interesting trends and devise some effective defensive strategies.

kojoney_secureworld.ppt241 KB