LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Mon Jun 17 02:27:07 EDT 2019

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12 44,462 3,705.17 630.58 3,700 4,861 2,651
ALL Hosts Last Month 24 83,958 3,498.25 1,138.96 3,716.5 5,589 1,882
ALL Hosts This Year 144 602,963 4,187.24 1,717.52 3,909 10,389 1,220
ALL Hosts Since Logging Started 1,565 112,743,347 72,040.48 76,668.25 51,843 518,642 0
ALL Hosts Normalized Since Logging Started 7,477 66,241,438 8,859.36 17,889.94 522 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 148.42 25.52 147 187 104
ALL Hosts Last Month 24N/A 192.83 30.66 196.5 246 140
ALL Hosts This Year 144N/A 420.93 271.76 348 1,211 32
ALL Hosts Since Logging Started 1,565N/A 160.18 178.43 40 1,211 0
ALL Hosts Normalized Since Logging Started 1,565N/A 160.18 178.43 40 1,211 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 2,553.75 429.44 2,636 3,228 1,809
ALL Hosts Last Month 24N/A 2,609.42 936.98 2,536 4,614 1,401
ALL Hosts This Year 144N/A 3,058.40 1,387.27 2,750.5 8,001 979
ALL Hosts Since Logging Started 1,565N/A 20,493.42 18,127.41 30,191 98,969 0
ALL Hosts Normalized Since Logging Started 1,565N/A 20,493.42 18,127.41 30,191 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 12N/A 1,237.92 323.79 1,277 1,990 691
ALL Hosts Last Month 24N/A 978.29 263.44 1,000.5 1,544 457
ALL Hosts This Year 144N/A 713.78 371.33 430 1,990 48
ALL Hosts Since Logging Started 1,565N/A 272.06 336.50 302 5,697 0
ALL Hosts Normalized Since Logging Started 1,565N/A 272.06 336.50 302 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 14 0 0.00 0.00 0 0 0
blackridge Last Month 24 0 0.00 0.00 0 0 0
blackridge This Year 151 0 0.00 0.00 0 0 0
blackridge Since Logging Started 1,326 150,274 113.33 3,072.47 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 14N/A 0.00 0.00 0 0 0
blackridge Last Month 24N/A 0.00 0.00 0 0 0
blackridge This Year 151N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,326N/A 0.94 6.21 0 70 0
blackridge Normalized Since Logging Started 1,326N/A 0.94 6.21 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 14N/A 0.00 0.00 0 0 0
blackridge Last Month 24N/A 0.00 0.00 0 0 0
blackridge This Year 151N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,326N/A 70.27 2,054.12 0 73,698 0
blackridge Normalized Since Logging Started 1,326N/A 70.27 2,054.12 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 14N/A 0.00 0.00 0 0 0
blackridge Last Month 24N/A 0.00 0.00 0 0 0
blackridge This Year 151N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,326N/A 0.44 2.72 0 41 0
blackridge Normalized Since Logging Started 1,326N/A 0.44 2.72 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 11 0 0.00 0.00 0 0 0
erhp Last Month 25 0 0.00 0.00 0 0 0
erhp This Year 146 0 0.00 0.00 0 0 0
erhp Since Logging Started 1,483 303,459 204.63 1,587.89 0 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 11N/A 0.00 0.00 0 0 0
erhp Last Month 25N/A 0.00 0.00 0 0 0
erhp This Year 146N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,483N/A 7.63 19.96 0 255 0
erhp Normalized Since Logging Started 1,483N/A 7.63 19.96 0 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 11N/A 0.00 0.00 0 0 0
erhp Last Month 25N/A 0.00 0.00 0 0 0
erhp This Year 146N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,483N/A 139.63 1,308.12 0 26,034 0
erhp Normalized Since Logging Started 1,483N/A 139.63 1,308.12 0 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 11N/A 0.00 0.00 0 0 0
erhp Last Month 25N/A 0.00 0.00 0 0 0
erhp This Year 146N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,483N/A 8.09 18.52 0 231 0
erhp Normalized Since Logging Started 1,483N/A 8.09 18.52 0 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 14 0 0.00 0.00 0 0 0
erhp2 Last Month 25 0 0.00 0.00 0 0 0
erhp2 This Year 148 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,431 26,970 18.85 162.86 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 14N/A 0.00 0.00 0 0 0
erhp2 Last Month 25N/A 0.00 0.00 0 0 0
erhp2 This Year 148N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,431N/A 2.22 15.26 0 380 0
erhp2 Normalized Since Logging Started 1,431N/A 2.22 15.26 0 380 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 12 0 0.00 0.00 0 0 0
syrtest Last Month 24 0 0.00 0.00 0 0 0
syrtest This Year 142 0 0.00 0.00 0 0 0
syrtest Since Logging Started 1,443 11,897,488 8,244.97 13,850.08 729 121,449 0
syrtest Normalized Since Logging Started 1,442 11,897,483 8,250.68 13,853.18 763.5 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 12N/A 0.00 0.00 0 0 0
syrtest Last Month 24N/A 0.00 0.00 0 0 0
syrtest This Year 142N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,444N/A 14.81 29.35 13 375 0
syrtest Normalized Since Logging Started 1,444N/A 14.81 29.35 13 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 12N/A 0.00 0.00 0 0 0
syrtest Last Month 24N/A 0.00 0.00 0 0 0
syrtest This Year 142N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,444N/A 5,159.89 7,586.32 71.5 43,291 0
syrtest Normalized Since Logging Started 1,444N/A 5,159.89 7,586.32 71.5 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 12N/A 0.00 0.00 0 0 0
syrtest Last Month 24N/A 0.00 0.00 0 0 0
syrtest This Year 142N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,444N/A 34.75 88.23 12 1,396 0
syrtest Normalized Since Logging Started 1,444N/A 34.75 88.23 12 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 13 0 0.00 0.00 0 0 0
edu_c Last Month 24 0 0.00 0.00 0 0 0
edu_c This Year 149 0 0.00 0.00 0 0 0
edu_c Since Logging Started 1,378 23,272,208 16,888.39 29,572.39 1,057.5 235,429 0
edu_c Normalized Since Logging Started 1,375 23,233,262 16,896.92 29,595.82 1,002 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 13N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 149N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,379N/A 14.26 28.00 12 342 0
edu_c Normalized Since Logging Started 1,379N/A 14.26 28.00 12 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 13N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 149N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,379N/A 9,444.77 13,663.62 13,861 64,863 0
edu_c Normalized Since Logging Started 1,379N/A 9,444.77 13,663.62 13,861 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 13N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 149N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,379N/A 34.77 87.66 11 1,382 0
edu_c Normalized Since Logging Started 1,379N/A 34.77 87.66 11 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 12 10,827 902.25 327.35 979.5 1,386 0
shepherd Last Month 22 28,324 1,287.45 752.73 1,097 3,172 36
shepherd This Year 144 211,874 1,471.35 908.74 1,169.5 4,597 0
shepherd Since Logging Started 1,460 12,377,539 8,477.77 13,347.05 2,283 116,607 0
shepherd Normalized Since Logging Started 1,459 12,373,638 8,480.90 13,351.09 2,280 116,607 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12 0 0.00 0.00 0 0 0
AWS Last Month 24 0 0.00 0.00 0 0 0
AWS This Year 147 0 0.00 0.00 0 0 0
AWS Since Logging Started 1,132 10,326,463 9,122.32 16,569.39 0 119,665 0
AWS Normalized Since Logging Started 1,132 10,326,463 9,122.32 16,569.39 0 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 24N/A 0.00 0.00 0 0 0
AWS This Year 147N/A 0.00 0.00 0 0 0
AWS Since Logging Started 1,132N/A 9.40 16.98 0 91 0
AWS Normalized Since Logging Started 1,132N/A 9.40 16.98 0 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 24N/A 0.00 0.00 0 0 0
AWS This Year 147N/A 0.00 0.00 0 0 0
AWS Since Logging Started 1,132N/A 4,734.51 7,934.94 0 45,440 0
AWS Normalized Since Logging Started 1,132N/A 4,734.51 7,934.94 0 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 12N/A 0.00 0.00 0 0 0
AWS Last Month 24N/A 0.00 0.00 0 0 0
AWS This Year 147N/A 0.00 0.00 0 0 0
AWS Since Logging Started 1,132N/A 21.07 57.41 0 734 0
AWS Normalized Since Logging Started 1,132N/A 21.07 57.41 0 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2