LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Sun Oct 22 18:11:20 EDT 2017

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today19,561N/AN/AN/AN/AN/A
ALL Hosts This Month 21 745,191 35,485.29 17,269.11 34,071 69,346 2,171
ALL Hosts Last Month 30 942,671 31,422.37 14,558.31 29,834 62,753 9,269
ALL Hosts This Year 266 28,263,080 106,252.18 62,323.24 105,514 286,797 2,171
ALL Hosts Since Logging Started 997 110,492,478 110,824.95 71,275.43 100,968 518,642 0
ALL Hosts Normalized Since Logging Started 4,431 65,495,843 14,781.28 21,298.62 7,340 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1203N/AN/AN/AN/AN/A
ALL Hosts This Month 21N/A 141.71 57.91 166 252 43
ALL Hosts Last Month 30N/A 110.33 35.04 138.5 224 54
ALL Hosts This Year 266N/A 268.94 144.70 340 993 43
ALL Hosts Since Logging Started 997N/A 152.44 159.93 398 1,076 0
ALL Hosts Normalized Since Logging Started 997N/A 152.44 159.93 398 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today15678N/AN/AN/AN/AN/A
ALL Hosts This Month 21N/A 20,753.48 9,671.67 28,409 37,092 443
ALL Hosts Last Month 30N/A 19,277.07 8,564.56 24,774.5 38,261 6,812
ALL Hosts This Year 266N/A 31,518.55 13,549.54 31,402.5 69,448 443
ALL Hosts Since Logging Started 997N/A 30,485.96 15,476.69 31,473 98,969 0
ALL Hosts Normalized Since Logging Started 997N/A 30,485.96 15,476.69 31,473 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1108N/AN/AN/AN/AN/A
ALL Hosts This Month 21N/A 160.76 98.12 205 432 31
ALL Hosts Last Month 30N/A 181.97 162.36 346.5 860 38
ALL Hosts This Year 266N/A 257.67 180.66 260 1,313 30
ALL Hosts Since Logging Started 997N/A 284.85 335.70 271 5,697 0
ALL Hosts Normalized Since Logging Started 997N/A 284.85 335.70 271 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 20 0 0.00 0.00 0 0 0
blackridge Last Month 30 567 18.90 45.06 0 168 0
blackridge This Year 252 5,421 21.51 75.66 0 463 0
blackridge Since Logging Started 852 150,274 176.38 3,831.56 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 20N/A 0.00 0.00 0 0 0
blackridge Last Month 30N/A 3.70 8.55 0 29 0
blackridge This Year 252N/A 3.58 12.45 0 70 0
blackridge Since Logging Started 852N/A 1.46 7.70 0 70 0
blackridge Normalized Since Logging Started 852N/A 1.46 7.70 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 20N/A 0.00 0.00 0 0 0
blackridge Last Month 30N/A 6.73 15.18 0 47 0
blackridge This Year 252N/A 4.48 15.58 0 92 0
blackridge Since Logging Started 852N/A 109.36 2,561.75 0 73,698 0
blackridge Normalized Since Logging Started 852N/A 109.36 2,561.75 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 20N/A 0.00 0.00 0 0 0
blackridge Last Month 30N/A 1.33 3.32 0 15 0
blackridge This Year 252N/A 1.21 4.83 0 41 0
blackridge Since Logging Started 852N/A 0.68 3.36 0 41 0
blackridge Normalized Since Logging Started 852N/A 0.68 3.36 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 20 0 0.00 0.00 0 0 0
erhp Last Month 30 1,046 34.87 66.94 0 193 0
erhp This Year 247 237,493 961.51 3,709.96 254 31,241 0
erhp Since Logging Started 934 303,459 324.90 1,991.08 13 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 20N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 7.77 15.46 0 49 0
erhp This Year 247N/A 33.99 25.40 40 176 0
erhp Since Logging Started 934N/A 12.11 24.04 11 255 0
erhp Normalized Since Logging Started 934N/A 12.11 24.04 11 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 20N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 10.97 20.17 0 58 0
erhp This Year 247N/A 659.81 3,093.86 35 26,034 0
erhp Since Logging Started 934N/A 221.71 1,642.81 19 26,034 0
erhp Normalized Since Logging Started 934N/A 221.71 1,642.81 19 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 20N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 2.97 6.37 0 25 0
erhp This Year 247N/A 19.65 24.49 24 141 0
erhp Since Logging Started 934N/A 12.84 21.99 17 231 0
erhp Normalized Since Logging Started 934N/A 12.84 21.99 17 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 20 0 0.00 0.00 0 0 0
erhp2 Last Month 30 0 0.00 0.00 0 0 0
erhp2 This Year 247 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 902 26,970 29.90 204.32 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 20N/A 0.00 0.00 0 0 0
erhp2 Last Month 30N/A 0.00 0.00 0 0 0
erhp2 This Year 247N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 902N/A 3.53 19.10 0 380 0
erhp2 Normalized Since Logging Started 902N/A 3.53 19.10 0 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 20N/A 0.00 0.00 0 0 0
erhp2 Last Month 30N/A 0.00 0.00 0 0 0
erhp2 This Year 247N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 902N/A 20.98 124.73 0 2,661 0
erhp2 Normalized Since Logging Started 902N/A 20.98 124.73 0 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 20N/A 0.00 0.00 0 0 0
erhp2 Last Month 30N/A 0.00 0.00 0 0 0
erhp2 This Year 247N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 902N/A 7.44 22.41 0 337 0
erhp2 Normalized Since Logging Started 902N/A 7.44 22.41 0 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 20 0 0.00 0.00 0 0 0
syrtest Last Month 30 7,078 235.93 551.80 0 2,340 0
syrtest This Year 243 3,464,586 14,257.56 15,585.85 10,313 93,261 0
syrtest Since Logging Started 904 11,897,488 13,160.94 15,540.24 8,576 121,449 0
syrtest Normalized Since Logging Started 903 11,897,483 13,175.51 15,542.67 8,642 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 20N/A 0.00 0.00 0 0 0
syrtest Last Month 30N/A 1.50 4.27 0 22 0
syrtest This Year 244N/A 37.94 32.84 42 372 0
syrtest Since Logging Started 905N/A 23.63 34.14 4 375 0
syrtest Normalized Since Logging Started 905N/A 23.63 34.14 4 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 20N/A 0.00 0.00 0 0 0
syrtest Last Month 30N/A 219.40 503.86 0 2,112 0
syrtest This Year 244N/A 9,210.60 8,909.05 12,462 43,073 0
syrtest Since Logging Started 905N/A 8,233.02 8,156.48 2,672 43,291 0
syrtest Normalized Since Logging Started 905N/A 8,233.02 8,156.48 2,672 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 20N/A 0.00 0.00 0 0 0
syrtest Last Month 30N/A 1.10 3.42 0 18 0
syrtest This Year 244N/A 69.67 104.20 29 752 0
syrtest Since Logging Started 905N/A 55.45 106.18 28 1,396 0
syrtest Normalized Since Logging Started 905N/A 55.45 106.18 28 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 20 0 0.00 0.00 0 0 0
edu_c Last Month 30 0 0.00 0.00 0 0 0
edu_c This Year 240 4,589,360 19,122.33 23,305.14 11,097.5 147,005 0
edu_c Since Logging Started 875 23,272,208 26,596.81 33,452.08 16,480 235,429 0
edu_c Normalized Since Logging Started 872 23,233,262 26,643.65 33,488.52 16,538 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 20N/A 0.00 0.00 0 0 0
edu_c Last Month 30N/A 0.00 0.00 0 0 0
edu_c This Year 241N/A 35.45 38.48 39 342 0
edu_c Since Logging Started 876N/A 22.45 32.41 34 342 0
edu_c Normalized Since Logging Started 876N/A 22.45 32.41 34 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 20N/A 0.00 0.00 0 0 0
edu_c Last Month 30N/A 0.00 0.00 0 0 0
edu_c This Year 241N/A 11,609.59 12,523.13 18,909 54,136 0
edu_c Since Logging Started 876N/A 14,867.96 14,603.52 27,269 64,863 0
edu_c Normalized Since Logging Started 876N/A 14,867.96 14,603.52 27,269 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 20N/A 0.00 0.00 0 0 0
edu_c Last Month 30N/A 0.00 0.00 0 0 0
edu_c This Year 241N/A 54.38 86.26 189 710 0
edu_c Since Logging Started 876N/A 54.74 104.90 253.5 1,382 0
edu_c Normalized Since Logging Started 876N/A 54.74 104.90 253.5 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1318N/AN/AN/AN/AN/A
shepherd This Month 20 282,340 14,117.00 11,454.40 15,557 33,819 85
shepherd Last Month 30 381,588 12,719.60 8,784.75 11,260.5 30,176 127
shepherd This Year 244 5,147,270 21,095.37 21,014.83 14,915 116,607 0
shepherd Since Logging Started 971 11,780,121 12,131.95 15,082.15 6,965 116,607 0
shepherd Normalized Since Logging Started 970 11,776,220 12,140.43 15,087.61 6,971 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today153N/AN/AN/AN/AN/A
shepherd This Month 20N/A 44.50 24.16 33 97 10
shepherd Last Month 30N/A 30.60 12.81 30.5 65 11
shepherd This Year 244N/A 45.93 34.73 43 377 0
shepherd Since Logging Started 971N/A 27.06 37.43 32 400 0
shepherd Normalized Since Logging Started 971N/A 27.06 37.43 32 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today181N/AN/AN/AN/AN/A
shepherd This Month 20N/A 10,270.10 8,657.45 25,030.5 25,893 35
shepherd Last Month 30N/A 10,073.40 7,055.66 2,554.5 23,335 76
shepherd This Year 244N/A 13,229.58 11,717.59 22,830.5 52,383 0
shepherd Since Logging Started 971N/A 7,964.72 8,934.83 25 52,383 0
shepherd Normalized Since Logging Started 971N/A 7,964.72 8,934.83 25 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today138N/AN/AN/AN/AN/A
shepherd This Month 20N/A 60.10 63.45 137 246 8
shepherd Last Month 30N/A 60.60 138.78 27 793 4
shepherd This Year 244N/A 65.95 97.98 32 795 0
shepherd Since Logging Started 971N/A 66.01 150.41 28 2,400 0
shepherd Normalized Since Logging Started 971N/A 66.01 150.41 28 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 20 0 0.00 0.00 0 0 0
AWS Last Month 30 0 0.00 0.00 0 0 0
AWS This Year 237 5,197,525 21,930.49 24,449.42 14,513 113,611 0
AWS Since Logging Started 599 10,326,463 17,239.50 19,465.43 11,905 119,665 0
AWS Normalized Since Logging Started 599 10,326,463 17,239.50 19,465.43 11,905 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 20N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 237N/A 28.74 26.75 30 91 0
AWS Since Logging Started 599N/A 17.77 19.91 34 91 0
AWS Normalized Since Logging Started 599N/A 17.77 19.91 34 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 20N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 237N/A 11,035.18 11,562.51 15,715 45,440 0
AWS Since Logging Started 599N/A 8,947.35 9,016.38 2,171 45,440 0
AWS Normalized Since Logging Started 599N/A 8,947.35 9,016.38 2,171 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 20N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 237N/A 31.46 45.48 15 283 0
AWS Since Logging Started 599N/A 39.81 74.04 27 734 0
AWS Normalized Since Logging Started 599N/A 39.81 74.04 27 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2