The attached slides were part of my presentation at SecureWorld Philadelphia in May of 2010.  The presentation covered data collected using a customized installation of the Kojoney low interaction SSH honeypot software.  The data was not surprising but we were able to discern interesting trends and devise some effective defensive strategies.

Slides