Still, this leaves you wondering how someone with such little knowledge of even the most basic Linux commands could ssh in there in the first place. Any idea ?
Or a disguised-kiddie which gets very cleverly in but then does very stupid things in order to get caught and get a couple of things:
1. Get others involved by leaving fake tracks.
2. Distract attention.
3. Make you think your honey pot is doing right while some other heavy duty scripts are running on the 'right' direction.
There are tons of brute force ssh bots. All they do is try every password in their password list. If you want to see one, search for brute force ssh bot on YouTube and watch script kiddies teach other script kiddies how to use them.
