LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Fri Apr 20 20:13:48 EDT 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today11,624N/AN/AN/AN/AN/A
ALL Hosts This Month 19 91,709 4,826.79 1,330.74 4,856 7,300 2,488
ALL Hosts Last Month 31 135,490 4,370.65 1,539.88 4,030 7,729 2,532
ALL Hosts This Year 109 498,029 4,569.07 1,657.54 4,264 8,184 1,964
ALL Hosts Since Logging Started 1,165 111,260,519 95,502.59 75,772.59 87,074 518,642 0
ALL Hosts Normalized Since Logging Started 5,265 65,801,101 12,497.83 20,238.82 4,452 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today187N/AN/AN/AN/AN/A
ALL Hosts This Month 19N/A 100.95 30.30 60 189 60
ALL Hosts Last Month 31N/A 72.61 33.06 53 166 20
ALL Hosts This Year 109N/A 69.32 30.96 53 189 18
ALL Hosts Since Logging Started 1,165N/A 140.29 151.46 41 1,076 0
ALL Hosts Normalized Since Logging Started 1,165N/A 140.29 151.46 41 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today11439N/AN/AN/AN/AN/A
ALL Hosts This Month 19N/A 3,852.84 1,212.37 4,008 6,272 1,831
ALL Hosts Last Month 31N/A 3,465.00 1,215.42 3,067 6,381 1,818
ALL Hosts This Year 109N/A 3,566.02 1,320.80 3,417 6,473 1,548
ALL Hosts Since Logging Started 1,165N/A 26,591.27 17,184.78 31,473 98,969 0
ALL Hosts Normalized Since Logging Started 1,165N/A 26,591.27 17,184.78 31,473 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today143N/AN/AN/AN/AN/A
ALL Hosts This Month 19N/A 96.05 44.11 40 217 34
ALL Hosts Last Month 31N/A 83.13 52.52 35 224 20
ALL Hosts This Year 109N/A 77.61 50.85 40 285 10
ALL Hosts Since Logging Started 1,165N/A 253.95 320.11 285 5,697 0
ALL Hosts Normalized Since Logging Started 1,165N/A 253.95 320.11 285 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 13 0 0.00 0.00 0 0 0
blackridge Last Month 23 0 0.00 0.00 0 0 0
blackridge This Year 80 0 0.00 0.00 0 0 0
blackridge Since Logging Started 978 150,274 153.65 3,576.72 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 13N/A 0.00 0.00 0 0 0
blackridge Last Month 23N/A 0.00 0.00 0 0 0
blackridge This Year 80N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 978N/A 1.27 7.20 0 70 0
blackridge Normalized Since Logging Started 978N/A 1.27 7.20 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 13N/A 0.00 0.00 0 0 0
blackridge Last Month 23N/A 0.00 0.00 0 0 0
blackridge This Year 80N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 978N/A 95.27 2,391.32 0 73,698 0
blackridge Normalized Since Logging Started 978N/A 95.27 2,391.32 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 13N/A 0.00 0.00 0 0 0
blackridge Last Month 23N/A 0.00 0.00 0 0 0
blackridge This Year 80N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 978N/A 0.59 3.15 0 41 0
blackridge Normalized Since Logging Started 978N/A 0.59 3.15 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 17 0 0.00 0.00 0 0 0
erhp Last Month 30 0 0.00 0.00 0 0 0
erhp This Year 101 0 0.00 0.00 0 0 0
erhp Since Logging Started 1,093 303,459 277.64 1,844.13 4 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 17N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 0.00 0.00 0 0 0
erhp This Year 101N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,093N/A 10.35 22.63 1 255 0
erhp Normalized Since Logging Started 1,093N/A 10.35 22.63 1 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 17N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 0.00 0.00 0 0 0
erhp This Year 101N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,093N/A 189.46 1,520.63 13 26,034 0
erhp Normalized Since Logging Started 1,093N/A 189.46 1,520.63 13 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 17N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 0.00 0.00 0 0 0
erhp This Year 101N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,093N/A 10.98 20.83 11 231 0
erhp Normalized Since Logging Started 1,093N/A 10.98 20.83 11 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 16 0 0.00 0.00 0 0 0
erhp2 Last Month 29 0 0.00 0.00 0 0 0
erhp2 This Year 93 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,052 26,970 25.64 189.48 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 16N/A 0.00 0.00 0 0 0
erhp2 Last Month 29N/A 0.00 0.00 0 0 0
erhp2 This Year 93N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,052N/A 3.02 17.73 0 380 0
erhp2 Normalized Since Logging Started 1,052N/A 3.02 17.73 0 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 16N/A 0.00 0.00 0 0 0
erhp2 Last Month 29N/A 0.00 0.00 0 0 0
erhp2 This Year 93N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,052N/A 17.99 115.73 0 2,661 0
erhp2 Normalized Since Logging Started 1,052N/A 17.99 115.73 0 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 16N/A 0.00 0.00 0 0 0
erhp2 Last Month 29N/A 0.00 0.00 0 0 0
erhp2 This Year 93N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,052N/A 6.38 20.91 0 337 0
erhp2 Normalized Since Logging Started 1,052N/A 6.38 20.91 0 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 19 0 0.00 0.00 0 0 0
syrtest Last Month 30 0 0.00 0.00 0 0 0
syrtest This Year 99 0 0.00 0.00 0 0 0
syrtest Since Logging Started 1,057 11,897,488 11,255.90 15,099.18 6,603 121,449 0
syrtest Normalized Since Logging Started 1,056 11,897,483 11,266.56 15,102.35 6,622 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 19N/A 0.00 0.00 0 0 0
syrtest Last Month 30N/A 0.00 0.00 0 0 0
syrtest This Year 99N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,058N/A 20.22 32.65 3 375 0
syrtest Normalized Since Logging Started 1,058N/A 20.22 32.65 3 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 19N/A 0.00 0.00 0 0 0
syrtest Last Month 30N/A 0.00 0.00 0 0 0
syrtest This Year 99N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,058N/A 7,042.42 8,080.35 20,680.5 43,291 0
syrtest Normalized Since Logging Started 1,058N/A 7,042.42 8,080.35 20,680.5 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 19N/A 0.00 0.00 0 0 0
syrtest Last Month 30N/A 0.00 0.00 0 0 0
syrtest This Year 99N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,058N/A 47.43 100.12 115.5 1,396 0
syrtest Normalized Since Logging Started 1,058N/A 47.43 100.12 115.5 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 17 0 0.00 0.00 0 0 0
edu_c Last Month 24 0 0.00 0.00 0 0 0
edu_c This Year 88 0 0.00 0.00 0 0 0
edu_c Since Logging Started 1,010 23,272,208 23,041.79 32,425.00 11,097.5 235,429 0
edu_c Normalized Since Logging Started 1,007 23,233,262 23,071.76 32,458.33 11,124 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 17N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 88N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,011N/A 19.45 31.12 25 342 0
edu_c Normalized Since Logging Started 1,011N/A 19.45 31.12 25 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 17N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 88N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,011N/A 12,882.63 14,503.86 22,353 64,863 0
edu_c Normalized Since Logging Started 1,011N/A 12,882.63 14,503.86 22,353 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 17N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 88N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,011N/A 47.43 99.40 2 1,382 0
edu_c Normalized Since Logging Started 1,011N/A 47.43 99.40 2 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1566N/AN/AN/AN/AN/A
shepherd This Month 15 28,882 1,925.47 935.58 1,609 4,223 743
shepherd Last Month 26 35,984 1,384.00 882.89 1,301.5 3,530 182
shepherd This Year 88 93,280 1,060.00 985.01 913 4,223 0
shepherd Since Logging Started 1,107 11,937,202 10,783.38 14,582.36 5,378 116,607 0
shepherd Normalized Since Logging Started 1,106 11,933,301 10,789.60 14,587.48 5,397.5 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today116N/AN/AN/AN/AN/A
shepherd This Month 15N/A 25.27 14.11 24 60 7
shepherd Last Month 26N/A 15.04 9.95 15 40 3
shepherd This Year 88N/A 11.75 11.82 17 60 0
shepherd Since Logging Started 1,107N/A 25.29 35.65 3 400 0
shepherd Normalized Since Logging Started 1,107N/A 25.29 35.65 3 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1553N/AN/AN/AN/AN/A
shepherd This Month 15N/A 1,747.07 787.06 1,926 3,731 681
shepherd Last Month 26N/A 1,246.23 772.32 1,122.5 3,179 170
shepherd This Year 88N/A 958.49 872.52 1,438.5 3,731 0
shepherd Since Logging Started 1,107N/A 7,111.99 8,678.39 2,388 52,383 0
shepherd Normalized Since Logging Started 1,107N/A 7,111.99 8,678.39 2,388 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today111N/AN/AN/AN/AN/A
shepherd This Month 15N/A 19.07 10.07 19 50 5
shepherd Last Month 26N/A 15.92 17.58 32 82 1
shepherd This Year 88N/A 13.19 22.64 10.5 183 0
shepherd Since Logging Started 1,107N/A 59.50 142.11 27 2,400 0
shepherd Normalized Since Logging Started 1,107N/A 59.50 142.11 27 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 18 0 0.00 0.00 0 0 0
AWS Last Month 30 0 0.00 0.00 0 0 0
AWS This Year 98 0 0.00 0.00 0 0 0
AWS Since Logging Started 749 10,326,463 13,787.00 18,724.87 5,656 119,665 0
AWS Normalized Since Logging Started 749 10,326,463 13,787.00 18,724.87 5,656 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 18N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 98N/A 0.00 0.00 0 0 0
AWS Since Logging Started 749N/A 14.21 19.17 17 91 0
AWS Normalized Since Logging Started 749N/A 14.21 19.17 17 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 18N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 98N/A 0.00 0.00 0 0 0
AWS Since Logging Started 749N/A 7,155.49 8,822.47 16,960 45,440 0
AWS Normalized Since Logging Started 749N/A 7,155.49 8,822.47 16,960 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 18N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 98N/A 0.00 0.00 0 0 0
AWS Since Logging Started 749N/A 31.84 68.10 18 734 0
AWS Normalized Since Logging Started 749N/A 31.84 68.10 18 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2