LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Thu Dec 13 09:14:42 EST 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1528N/AN/AN/AN/AN/A
ALL Hosts This Month 11 40,165 3,651.36 756.27 3,793 4,689 2,228
ALL Hosts Last Month 30 99,055 3,301.83 1,357.11 2,911 8,138 960
ALL Hosts This Year 345 1,284,661 3,723.66 1,719.37 3,313 8,184 530
ALL Hosts Since Logging Started 1,401 112,047,151 79,976.55 77,231.64 66,543 518,642 0
ALL Hosts Normalized Since Logging Started 6,501 66,010,031 10,153.83 18,846.77 1,238 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today132N/AN/AN/AN/AN/A
ALL Hosts This Month 11N/A 173.91 168.60 332 513 15
ALL Hosts Last Month 30N/A 39.80 18.46 38.5 81 7
ALL Hosts This Year 345N/A 91.01 65.67 45 513 7
ALL Hosts Since Logging Started 1,401N/A 133.68 142.21 41 1,076 0
ALL Hosts Normalized Since Logging Started 1,401N/A 133.68 142.21 41 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1359N/AN/AN/AN/AN/A
ALL Hosts This Month 11N/A 2,518.82 464.73 2,564 3,309 1,810
ALL Hosts Last Month 30N/A 2,354.47 978.28 2,070 5,750 917
ALL Hosts This Year 345N/A 2,824.91 1,376.16 2,713 6,473 322
ALL Hosts Since Logging Started 1,401N/A 22,530.14 18,090.16 30,353 98,969 0
ALL Hosts Normalized Since Logging Started 1,401N/A 22,530.14 18,090.16 30,353 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today136N/AN/AN/AN/AN/A
ALL Hosts This Month 11N/A 212.82 240.89 36 767 12
ALL Hosts Last Month 30N/A 54.37 61.90 152.5 302 3
ALL Hosts This Year 345N/A 91.82 85.22 38 767 3
ALL Hosts Since Logging Started 1,401N/A 227.74 300.27 30 5,697 0
ALL Hosts Normalized Since Logging Started 1,401N/A 227.74 300.27 30 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 9 0 0.00 0.00 0 0 0
blackridge Last Month 22 0 0.00 0.00 0 0 0
blackridge This Year 264 0 0.00 0.00 0 0 0
blackridge Since Logging Started 1,162 150,274 129.32 3,281.82 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 9N/A 0.00 0.00 0 0 0
blackridge Last Month 22N/A 0.00 0.00 0 0 0
blackridge This Year 264N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,162N/A 1.07 6.62 0 70 0
blackridge Normalized Since Logging Started 1,162N/A 1.07 6.62 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 9N/A 0.00 0.00 0 0 0
blackridge Last Month 22N/A 0.00 0.00 0 0 0
blackridge This Year 264N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,162N/A 80.18 2,194.11 0 73,698 0
blackridge Normalized Since Logging Started 1,162N/A 80.18 2,194.11 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 9N/A 0.00 0.00 0 0 0
blackridge Last Month 22N/A 0.00 0.00 0 0 0
blackridge This Year 264N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,162N/A 0.50 2.90 0 41 0
blackridge Normalized Since Logging Started 1,162N/A 0.50 2.90 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 12 0 0.00 0.00 0 0 0
erhp Last Month 28 0 0.00 0.00 0 0 0
erhp This Year 327 0 0.00 0.00 0 0 0
erhp Since Logging Started 1,319 303,459 230.07 1,681.98 0 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 12N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 327N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,319N/A 8.57 20.97 0 255 0
erhp Normalized Since Logging Started 1,319N/A 8.57 20.97 0 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 12N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 327N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,319N/A 156.99 1,386.08 0 26,034 0
erhp Normalized Since Logging Started 1,319N/A 156.99 1,386.08 0 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 12N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 327N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,319N/A 9.10 19.41 0 231 0
erhp Normalized Since Logging Started 1,319N/A 9.10 19.41 0 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 9 0 0.00 0.00 0 0 0
erhp2 Last Month 28 0 0.00 0.00 0 0 0
erhp2 This Year 305 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,264 26,970 21.34 173.13 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 9N/A 0.00 0.00 0 0 0
erhp2 Last Month 28N/A 0.00 0.00 0 0 0
erhp2 This Year 305N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,264N/A 2.52 16.21 0 380 0
erhp2 Normalized Since Logging Started 1,264N/A 2.52 16.21 0 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 9N/A 0.00 0.00 0 0 0
erhp2 Last Month 28N/A 0.00 0.00 0 0 0
erhp2 This Year 305N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,264N/A 14.97 105.79 0 2,661 0
erhp2 Normalized Since Logging Started 1,264N/A 14.97 105.79 0 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 9N/A 0.00 0.00 0 0 0
erhp2 Last Month 28N/A 0.00 0.00 0 0 0
erhp2 This Year 305N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,264N/A 5.31 19.23 0 337 0
erhp2 Normalized Since Logging Started 1,264N/A 5.31 19.23 0 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 10 0 0.00 0.00 0 0 0
syrtest Last Month 29 0 0.00 0.00 0 0 0
syrtest This Year 324 0 0.00 0.00 0 0 0
syrtest Since Logging Started 1,282 11,897,488 9,280.41 14,363.34 2,846 121,449 0
syrtest Normalized Since Logging Started 1,281 11,897,483 9,287.65 14,366.61 2,847 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 10N/A 0.00 0.00 0 0 0
syrtest Last Month 29N/A 0.00 0.00 0 0 0
syrtest This Year 324N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,283N/A 16.67 30.63 18 375 0
syrtest Normalized Since Logging Started 1,283N/A 16.67 30.63 18 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 10N/A 0.00 0.00 0 0 0
syrtest Last Month 29N/A 0.00 0.00 0 0 0
syrtest This Year 324N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,283N/A 5,807.39 7,811.15 16,031 43,291 0
syrtest Normalized Since Logging Started 1,283N/A 5,807.39 7,811.15 16,031 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 10N/A 0.00 0.00 0 0 0
syrtest Last Month 29N/A 0.00 0.00 0 0 0
syrtest This Year 324N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,283N/A 39.12 92.69 16 1,396 0
syrtest Normalized Since Logging Started 1,283N/A 39.12 92.69 16 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 9 0 0.00 0.00 0 0 0
edu_c Last Month 24 0 0.00 0.00 0 0 0
edu_c This Year 287 0 0.00 0.00 0 0 0
edu_c Since Logging Started 1,209 23,272,208 19,249.14 30,843.63 6,157 235,429 0
edu_c Normalized Since Logging Started 1,206 23,233,262 19,264.73 30,871.37 6,161.5 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 9N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 287N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,210N/A 16.25 29.34 160.5 342 0
edu_c Normalized Since Logging Started 1,210N/A 16.25 29.34 160.5 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 9N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 287N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,210N/A 10,763.91 14,091.52 17,242 64,863 0
edu_c Normalized Since Logging Started 1,210N/A 10,763.91 14,091.52 17,242 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 9N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 287N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,210N/A 39.63 92.55 148 1,382 0
edu_c Normalized Since Logging Started 1,210N/A 39.63 92.55 148 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1152N/AN/AN/AN/AN/A
shepherd This Month 8 8,076 1,009.50 499.67 1,120 1,556 86
shepherd Last Month 28 24,310 868.21 1,003.37 648 5,432 12
shepherd This Year 279 302,210 1,083.19 1,044.05 805 5,432 0
shepherd Since Logging Started 1,298 12,146,132 9,357.57 13,903.43 3,148 116,607 0
shepherd Normalized Since Logging Started 1,297 12,142,231 9,361.78 13,907.96 3,129 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today19N/AN/AN/AN/AN/A
shepherd This Month 8N/A 63.12 62.96 15 201 5
shepherd Last Month 28N/A 12.82 7.64 21 29 1
shepherd This Year 279N/A 24.54 26.48 26 201 0
shepherd Since Logging Started 1,298N/A 26.04 34.81 3 400 0
shepherd Normalized Since Logging Started 1,298N/A 26.04 34.81 3 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1149N/AN/AN/AN/AN/A
shepherd This Month 8N/A 915.25 459.13 988 1,472 68
shepherd Last Month 28N/A 773.75 808.72 340.5 4,211 12
shepherd This Year 279N/A 928.78 893.69 244 4,260 0
shepherd Since Logging Started 1,298N/A 6,200.12 8,316.92 1,366.5 52,383 0
shepherd Normalized Since Logging Started 1,298N/A 6,200.12 8,316.92 1,366.5 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today115N/AN/AN/AN/AN/A
shepherd This Month 8N/A 95.75 108.25 20 341 5
shepherd Last Month 28N/A 12.00 8.46 21 39 1
shepherd This Year 279N/A 29.25 53.26 24 354 0
shepherd Since Logging Started 1,298N/A 56.14 133.56 27 2,400 0
shepherd Normalized Since Logging Started 1,298N/A 56.14 133.56 27 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 10 0 0.00 0.00 0 0 0
AWS Last Month 27 0 0.00 0.00 0 0 0
AWS This Year 316 0 0.00 0.00 0 0 0
AWS Since Logging Started 967 10,326,463 10,678.87 17,457.62 9 119,665 0
AWS Normalized Since Logging Started 967 10,326,463 10,678.87 17,457.62 9 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 10N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 316N/A 0.00 0.00 0 0 0
AWS Since Logging Started 967N/A 11.01 17.89 10 91 0
AWS Normalized Since Logging Started 967N/A 11.01 17.89 10 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 10N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 316N/A 0.00 0.00 0 0 0
AWS Since Logging Started 967N/A 5,542.36 8,320.41 10,868 45,440 0
AWS Normalized Since Logging Started 967N/A 5,542.36 8,320.41 10,868 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 10N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 316N/A 0.00 0.00 0 0 0
AWS Since Logging Started 967N/A 24.66 61.40 10 734 0
AWS Normalized Since Logging Started 967N/A 24.66 61.40 10 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2