infosec

Kippo SSH honeypot attacks

Two of my favourite (so far) non-bot script kiddie attacks against my Kippo SSH honeypot.

Honeypot fun with Nepenthes

I've been running a honeypot on a server running Nepenthes, which is apt-get installable on Debian Lenny at time of writing.

Nepenthes works by starting up a bunch of emulated vulnerable services on all the typical ports you'd expect. It then monitors and reports on automated sniffers and malware attacks that think they're delivering a payload to a real service.

The server has been running for 24 hours - here are my stats using the Submissions2stat.py log parser by Andrew Waite.

 

This site is archived. mig5 is taking a break from writing.