LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Tue Oct 16 13:14:03 EDT 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today11,591N/AN/AN/AN/AN/A
ALL Hosts This Month 14 57,514 4,108.14 1,233.51 3,734.5 7,453 2,872
ALL Hosts Last Month 30 105,988 3,532.93 1,407.35 3,189 7,236 1,514
ALL Hosts This Year 287 1,082,089 3,770.34 1,763.46 3,361 8,184 530
ALL Hosts Since Logging Started 1,343 111,844,579 83,279.66 77,192.54 72,387 518,642 0
ALL Hosts Normalized Since Logging Started 6,196 65,967,249 10,646.75 19,170.11 1,744 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today136N/AN/AN/AN/AN/A
ALL Hosts This Month 14N/A 64.29 22.78 58 110 28
ALL Hosts Last Month 30N/A 91.97 36.12 34 153 24
ALL Hosts This Year 287N/A 95.46 58.18 46 315 18
ALL Hosts Since Logging Started 1,343N/A 136.47 143.35 41 1,076 0
ALL Hosts Normalized Since Logging Started 1,343N/A 136.47 143.35 41 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1945N/AN/AN/AN/AN/A
ALL Hosts This Month 14N/A 3,022.79 1,039.25 2,495 5,717 2,034
ALL Hosts Last Month 30N/A 2,583.17 1,062.02 2,303.5 5,234 1,206
ALL Hosts This Year 287N/A 2,888.45 1,417.52 2,824 6,473 322
ALL Hosts Since Logging Started 1,343N/A 23,394.73 17,979.96 30,782 98,969 0
ALL Hosts Normalized Since Logging Started 1,343N/A 23,394.73 17,979.96 30,782 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today129N/AN/AN/AN/AN/A
ALL Hosts This Month 14N/A 85.50 34.37 43.5 153 36
ALL Hosts Last Month 30N/A 95.17 65.94 60.5 355 14
ALL Hosts This Year 287N/A 92.68 72.19 390 539 6
ALL Hosts Since Logging Started 1,343N/A 233.80 304.01 298 5,697 0
ALL Hosts Normalized Since Logging Started 1,343N/A 233.80 304.01 298 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 10 0 0.00 0.00 0 0 0
blackridge Last Month 22 0 0.00 0.00 0 0 0
blackridge This Year 219 0 0.00 0.00 0 0 0
blackridge Since Logging Started 1,117 150,274 134.53 3,347.17 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 10N/A 0.00 0.00 0 0 0
blackridge Last Month 22N/A 0.00 0.00 0 0 0
blackridge This Year 219N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,117N/A 1.11 6.75 0 70 0
blackridge Normalized Since Logging Started 1,117N/A 1.11 6.75 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 10N/A 0.00 0.00 0 0 0
blackridge Last Month 22N/A 0.00 0.00 0 0 0
blackridge This Year 219N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,117N/A 83.41 2,237.81 0 73,698 0
blackridge Normalized Since Logging Started 1,117N/A 83.41 2,237.81 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 10N/A 0.00 0.00 0 0 0
blackridge Last Month 22N/A 0.00 0.00 0 0 0
blackridge This Year 219N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,117N/A 0.52 2.95 0 41 0
blackridge Normalized Since Logging Started 1,117N/A 0.52 2.95 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 14 0 0.00 0.00 0 0 0
erhp Last Month 29 0 0.00 0.00 0 0 0
erhp This Year 272 0 0.00 0.00 0 0 0
erhp Since Logging Started 1,264 303,459 240.08 1,717.48 0 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 14N/A 0.00 0.00 0 0 0
erhp Last Month 29N/A 0.00 0.00 0 0 0
erhp This Year 272N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,264N/A 8.95 21.34 1 255 0
erhp Normalized Since Logging Started 1,264N/A 8.95 21.34 1 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 14N/A 0.00 0.00 0 0 0
erhp Last Month 29N/A 0.00 0.00 0 0 0
erhp This Year 272N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,264N/A 163.83 1,415.52 1 26,034 0
erhp Normalized Since Logging Started 1,264N/A 163.83 1,415.52 1 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 14N/A 0.00 0.00 0 0 0
erhp Last Month 29N/A 0.00 0.00 0 0 0
erhp This Year 272N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,264N/A 9.49 19.73 1 231 0
erhp Normalized Since Logging Started 1,264N/A 9.49 19.73 1 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 13 0 0.00 0.00 0 0 0
erhp2 Last Month 26 0 0.00 0.00 0 0 0
erhp2 This Year 254 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,213 26,970 22.23 176.67 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 13N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 254N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,213N/A 2.62 16.54 0 380 0
erhp2 Normalized Since Logging Started 1,213N/A 2.62 16.54 0 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 13N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 254N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,213N/A 15.60 107.95 0 2,661 0
erhp2 Normalized Since Logging Started 1,213N/A 15.60 107.95 0 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 13N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 254N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,213N/A 5.53 19.60 0 337 0
erhp2 Normalized Since Logging Started 1,213N/A 5.53 19.60 0 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 14 0 0.00 0.00 0 0 0
syrtest Last Month 28 0 0.00 0.00 0 0 0
syrtest This Year 268 0 0.00 0.00 0 0 0
syrtest Since Logging Started 1,226 11,897,488 9,704.31 14,547.00 3,975.5 121,449 0
syrtest Normalized Since Logging Started 1,225 11,897,483 9,712.23 14,550.30 4,042 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 14N/A 0.00 0.00 0 0 0
syrtest Last Month 28N/A 0.00 0.00 0 0 0
syrtest This Year 268N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,227N/A 17.43 31.11 2 375 0
syrtest Normalized Since Logging Started 1,227N/A 17.43 31.11 2 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 14N/A 0.00 0.00 0 0 0
syrtest Last Month 28N/A 0.00 0.00 0 0 0
syrtest This Year 268N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,227N/A 6,072.44 7,886.02 17,079 43,291 0
syrtest Normalized Since Logging Started 1,227N/A 6,072.44 7,886.02 17,079 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 14N/A 0.00 0.00 0 0 0
syrtest Last Month 28N/A 0.00 0.00 0 0 0
syrtest This Year 268N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,227N/A 40.90 94.40 168 1,396 0
syrtest Normalized Since Logging Started 1,227N/A 40.90 94.40 168 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 14 0 0.00 0.00 0 0 0
edu_c Last Month 24 0 0.00 0.00 0 0 0
edu_c This Year 240 0 0.00 0.00 0 0 0
edu_c Since Logging Started 1,162 23,272,208 20,027.72 31,212.43 7,484.5 235,429 0
edu_c Normalized Since Logging Started 1,159 23,233,262 20,045.96 31,241.46 7,519 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 14N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 240N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,163N/A 16.91 29.74 19 342 0
edu_c Normalized Since Logging Started 1,163N/A 16.91 29.74 19 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 14N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 240N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,163N/A 11,198.91 14,202.96 18,461 64,863 0
edu_c Normalized Since Logging Started 1,163N/A 11,198.91 14,202.96 18,461 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 14N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 240N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,163N/A 41.23 94.05 154 1,382 0
edu_c Normalized Since Logging Started 1,163N/A 41.23 94.05 154 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1408N/AN/AN/AN/AN/A
shepherd This Month 14 12,127 866.21 923.44 548 3,862 132
shepherd Last Month 22 25,231 1,146.86 1,230.87 564 4,581 143
shepherd This Year 230 259,428 1,127.95 1,037.87 827 4,645 0
shepherd Since Logging Started 1,249 12,103,350 9,690.43 14,068.09 3,590 116,607 0
shepherd Normalized Since Logging Started 1,248 12,099,449 9,695.07 14,072.77 3,588.5 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today115N/AN/AN/AN/AN/A
shepherd This Month 14N/A 23.14 12.78 24.5 53 2
shepherd Last Month 22N/A 26.91 13.96 31.5 54 7
shepherd This Year 230N/A 25.21 24.83 27 148 0
shepherd Since Logging Started 1,249N/A 26.23 34.87 30 400 0
shepherd Normalized Since Logging Started 1,249N/A 26.23 34.87 30 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1396N/AN/AN/AN/AN/A
shepherd This Month 14N/A 721.36 790.33 427 3,264 93
shepherd Last Month 22N/A 953.09 1,032.05 381.5 3,743 98
shepherd This Year 230N/A 961.47 896.89 232.5 4,105 0
shepherd Since Logging Started 1,249N/A 6,412.94 8,405.71 2,477 52,383 0
shepherd Normalized Since Logging Started 1,249N/A 6,412.94 8,405.71 2,477 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today115N/AN/AN/AN/AN/A
shepherd This Month 14N/A 25.07 16.26 22.5 71 1
shepherd Last Month 22N/A 45.23 71.52 26 319 6
shepherd This Year 230N/A 29.94 53.04 24.5 354 0
shepherd Since Logging Started 1,249N/A 57.32 135.60 27 2,400 0
shepherd Normalized Since Logging Started 1,249N/A 57.32 135.60 27 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 14 0 0.00 0.00 0 0 0
AWS Last Month 27 0 0.00 0.00 0 0 0
AWS This Year 263 0 0.00 0.00 0 0 0
AWS Since Logging Started 914 10,326,463 11,298.10 17,760.77 469 119,665 0
AWS Normalized Since Logging Started 914 10,326,463 11,298.10 17,760.77 469 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 14N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 263N/A 0.00 0.00 0 0 0
AWS Since Logging Started 914N/A 11.65 18.19 11 91 0
AWS Normalized Since Logging Started 914N/A 11.65 18.19 11 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 14N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 263N/A 0.00 0.00 0 0 0
AWS Since Logging Started 914N/A 5,863.75 8,447.43 12,148.5 45,440 0
AWS Normalized Since Logging Started 914N/A 5,863.75 8,447.43 12,148.5 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 14N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 263N/A 0.00 0.00 0 0 0
AWS Since Logging Started 914N/A 26.09 62.85 11 734 0
AWS Normalized Since Logging Started 914N/A 26.09 62.85 11 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2