LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Fri Jan 19 11:16:38 EST 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1279N/AN/AN/AN/AN/A
ALL Hosts This Month 17 82,996 4,882.12 1,919.09 4,756 7,786 1,964
ALL Hosts Last Month 29 134,971 4,654.17 1,961.82 4,245 8,597 1,885
ALL Hosts This Year 17 82,996 4,882.12 1,919.09 4,756 7,786 1,964
ALL Hosts Since Logging Started 1,073 110,845,486 103,304.27 73,910.72 95,789 518,642 0
ALL Hosts Normalized Since Logging Started 4,804 65,643,707 13,664.39 20,816.08 6,082.5 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today19N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 41.41 10.79 42 64 18
ALL Hosts Last Month 29N/A 43.31 18.35 46 72 13
ALL Hosts This Year 17N/A 41.41 10.79 42 64 18
ALL Hosts Since Logging Started 1,073N/A 145.94 156.27 40 1,076 0
ALL Hosts Normalized Since Logging Started 1,073N/A 145.94 156.27 40 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1268N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 3,833.12 1,567.25 4,019 6,271 1,548
ALL Hosts Last Month 29N/A 3,448.66 1,366.74 3,068 7,193 1,758
ALL Hosts This Year 17N/A 3,833.12 1,567.25 4,019 6,271 1,548
ALL Hosts Since Logging Started 1,073N/A 28,569.71 16,460.09 31,473 98,969 0
ALL Hosts Normalized Since Logging Started 1,073N/A 28,569.71 16,460.09 31,473 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today143N/AN/AN/AN/AN/A
ALL Hosts This Month 17N/A 38.00 24.18 27 110 10
ALL Hosts Last Month 29N/A 31.83 20.07 33 101 6
ALL Hosts This Year 17N/A 38.00 24.18 27 110 10
ALL Hosts Since Logging Started 1,073N/A 268.44 329.20 277 5,697 0
ALL Hosts Normalized Since Logging Started 1,073N/A 268.44 329.20 277 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 12 0 0.00 0.00 0 0 0
blackridge Last Month 23 0 0.00 0.00 0 0 0
blackridge This Year 12 0 0.00 0.00 0 0 0
blackridge Since Logging Started 910 150,274 165.14 3,707.69 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 12N/A 0.00 0.00 0 0 0
blackridge Last Month 23N/A 0.00 0.00 0 0 0
blackridge This Year 12N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 910N/A 1.37 7.46 0 70 0
blackridge Normalized Since Logging Started 910N/A 1.37 7.46 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 12N/A 0.00 0.00 0 0 0
blackridge Last Month 23N/A 0.00 0.00 0 0 0
blackridge This Year 12N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 910N/A 102.39 2,478.91 0 73,698 0
blackridge Normalized Since Logging Started 910N/A 102.39 2,478.91 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 12N/A 0.00 0.00 0 0 0
blackridge Last Month 23N/A 0.00 0.00 0 0 0
blackridge This Year 12N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 910N/A 0.64 3.26 0 41 0
blackridge Normalized Since Logging Started 910N/A 0.64 3.26 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 16 0 0.00 0.00 0 0 0
erhp Last Month 28 0 0.00 0.00 0 0 0
erhp This Year 16 0 0.00 0.00 0 0 0
erhp Since Logging Started 1,008 303,459 301.05 1,918.47 9 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 16N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 16N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,008N/A 11.22 23.36 1 255 0
erhp Normalized Since Logging Started 1,008N/A 11.22 23.36 1 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 16N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 16N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,008N/A 205.43 1,582.41 82.5 26,034 0
erhp Normalized Since Logging Started 1,008N/A 205.43 1,582.41 82.5 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 16N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 16N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,008N/A 11.90 21.44 14 231 0
erhp Normalized Since Logging Started 1,008N/A 11.90 21.44 14 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 15 0 0.00 0.00 0 0 0
erhp2 Last Month 26 0 0.00 0.00 0 0 0
erhp2 This Year 15 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 974 26,970 27.69 196.78 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 15N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 15N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 974N/A 3.27 18.40 0 380 0
erhp2 Normalized Since Logging Started 974N/A 3.27 18.40 0 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 15N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 15N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 974N/A 19.43 120.16 0 2,661 0
erhp2 Normalized Since Logging Started 974N/A 19.43 120.16 0 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 15N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 15N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 974N/A 6.89 21.65 0 337 0
erhp2 Normalized Since Logging Started 974N/A 6.89 21.65 0 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 15 0 0.00 0.00 0 0 0
syrtest Last Month 25 0 0.00 0.00 0 0 0
syrtest This Year 15 0 0.00 0.00 0 0 0
syrtest Since Logging Started 973 11,897,488 12,227.63 15,355.30 7,292 121,449 0
syrtest Normalized Since Logging Started 972 11,897,483 12,240.21 15,358.19 7,301.5 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 15N/A 0.00 0.00 0 0 0
syrtest Last Month 25N/A 0.00 0.00 0 0 0
syrtest This Year 15N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 974N/A 21.96 33.47 36 375 0
syrtest Normalized Since Logging Started 974N/A 21.96 33.47 36 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 15N/A 0.00 0.00 0 0 0
syrtest Last Month 25N/A 0.00 0.00 0 0 0
syrtest This Year 15N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 974N/A 7,649.78 8,141.06 11,554.5 43,291 0
syrtest Normalized Since Logging Started 974N/A 7,649.78 8,141.06 11,554.5 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 15N/A 0.00 0.00 0 0 0
syrtest Last Month 25N/A 0.00 0.00 0 0 0
syrtest This Year 15N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 974N/A 51.52 103.33 136.5 1,396 0
syrtest Normalized Since Logging Started 974N/A 51.52 103.33 136.5 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 13 0 0.00 0.00 0 0 0
edu_c Last Month 22 0 0.00 0.00 0 0 0
edu_c This Year 13 0 0.00 0.00 0 0 0
edu_c Since Logging Started 935 23,272,208 24,890.06 33,010.79 14,419 235,429 0
edu_c Normalized Since Logging Started 932 23,233,262 24,928.39 33,046.05 14,445.5 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 13N/A 0.00 0.00 0 0 0
edu_c Last Month 22N/A 0.00 0.00 0 0 0
edu_c This Year 13N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 936N/A 21.01 31.83 3 342 0
edu_c Normalized Since Logging Started 936N/A 21.01 31.83 3 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 13N/A 0.00 0.00 0 0 0
edu_c Last Month 22N/A 0.00 0.00 0 0 0
edu_c This Year 13N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 936N/A 13,914.89 14,589.52 24,832.5 64,863 0
edu_c Normalized Since Logging Started 936N/A 13,914.89 14,589.52 24,832.5 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 13N/A 0.00 0.00 0 0 0
edu_c Last Month 22N/A 0.00 0.00 0 0 0
edu_c This Year 13N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 936N/A 51.23 102.36 22 1,382 0
edu_c Normalized Since Logging Started 936N/A 51.23 102.36 22 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 15 0 0.00 0.00 0 0 0
shepherd Last Month 22 34,300 1,559.09 996.49 1,461.5 4,480 196
shepherd This Year 15 0 0.00 0.00 0 0 0
shepherd Since Logging Started 1,034 11,843,922 11,454.47 14,858.18 6,201 116,607 0
shepherd Normalized Since Logging Started 1,033 11,840,021 11,461.78 14,863.51 6,212 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 15N/A 0.00 0.00 0 0 0
shepherd Last Month 22N/A 10.14 5.78 18.5 22 1
shepherd This Year 15N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 1,034N/A 26.07 36.63 30 400 0
shepherd Normalized Since Logging Started 1,034N/A 26.07 36.63 30 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 15N/A 0.00 0.00 0 0 0
shepherd Last Month 22N/A 1,381.41 846.80 1,722.5 3,830 196
shepherd This Year 15N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 1,034N/A 7,532.52 8,826.16 13,565 52,383 0
shepherd Normalized Since Logging Started 1,034N/A 7,532.52 8,826.16 13,565 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 15N/A 0.00 0.00 0 0 0
shepherd Last Month 22N/A 9.05 10.56 2 49 1
shepherd This Year 15N/A 0.00 0.00 0 0 0
shepherd Since Logging Started 1,034N/A 62.58 146.42 149.5 2,400 0
shepherd Normalized Since Logging Started 1,034N/A 62.58 146.42 149.5 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17 0 0.00 0.00 0 0 0
AWS Last Month 25 0 0.00 0.00 0 0 0
AWS This Year 17 0 0.00 0.00 0 0 0
AWS Since Logging Started 668 10,326,463 15,458.78 19,164.88 8,500 119,665 0
AWS Normalized Since Logging Started 668 10,326,463 15,458.78 19,164.88 8,500 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 25N/A 0.00 0.00 0 0 0
AWS This Year 17N/A 0.00 0.00 0 0 0
AWS Since Logging Started 668N/A 15.93 19.61 25.5 91 0
AWS Normalized Since Logging Started 668N/A 15.93 19.61 25.5 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 25N/A 0.00 0.00 0 0 0
AWS This Year 17N/A 0.00 0.00 0 0 0
AWS Since Logging Started 668N/A 8,023.15 8,961.74 10,692.5 45,440 0
AWS Normalized Since Logging Started 668N/A 8,023.15 8,961.74 10,692.5 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 17N/A 0.00 0.00 0 0 0
AWS Last Month 25N/A 0.00 0.00 0 0 0
AWS This Year 17N/A 0.00 0.00 0 0 0
AWS Since Logging Started 668N/A 35.70 71.15 22 734 0
AWS Normalized Since Logging Started 668N/A 35.70 71.15 22 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2