LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Sun Jun 24 10:13:43 EDT 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1289N/AN/AN/AN/AN/A
ALL Hosts This Month 23 57,503 2,500.13 1,069.53 2,057 5,429 1,125
ALL Hosts Last Month 31 110,050 3,550.00 1,739.19 3,093 7,353 1,020
ALL Hosts This Year 174 716,475 4,117.67 1,741.89 3,832 8,184 1,020
ALL Hosts Since Logging Started 1,230 111,478,965 90,633.30 76,571.31 82,548 518,642 0
ALL Hosts Normalized Since Logging Started 5,603 65,871,937 11,756.55 19,836.40 3,222 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today113N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 109.87 52.66 43 231 38
ALL Hosts Last Month 31N/A 192.81 75.16 224 315 42
ALL Hosts This Year 174N/A 102.33 67.28 45 315 18
ALL Hosts Since Logging Started 1,230N/A 141.21 148.45 40 1,076 0
ALL Hosts Normalized Since Logging Started 1,230N/A 141.21 148.45 40 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1276N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 1,943.48 869.04 1,857 4,476 914
ALL Hosts Last Month 31N/A 2,755.13 1,431.10 2,566 6,138 757
ALL Hosts This Year 174N/A 3,195.41 1,393.82 2,962.5 6,473 757
ALL Hosts Since Logging Started 1,230N/A 25,322.06 17,569.01 17,125 98,969 0
ALL Hosts Normalized Since Logging Started 1,230N/A 25,322.06 17,569.01 17,125 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today113N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 138.13 137.72 41 539 33
ALL Hosts Last Month 31N/A 119.81 46.83 177 202 27
ALL Hosts This Year 174N/A 94.98 72.28 36.5 539 10
ALL Hosts Since Logging Started 1,230N/A 247.09 313.59 285 5,697 0
ALL Hosts Normalized Since Logging Started 1,230N/A 247.09 313.59 285 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 14 0 0.00 0.00 0 0 0
blackridge Last Month 25 0 0.00 0.00 0 0 0
blackridge This Year 130 0 0.00 0.00 0 0 0
blackridge Since Logging Started 1,028 150,274 146.18 3,488.81 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 14N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 130N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,028N/A 1.21 7.03 0 70 0
blackridge Normalized Since Logging Started 1,028N/A 1.21 7.03 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 14N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 130N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,028N/A 90.64 2,332.53 0 73,698 0
blackridge Normalized Since Logging Started 1,028N/A 90.64 2,332.53 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 14N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 130N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,028N/A 0.57 3.07 0 41 0
blackridge Normalized Since Logging Started 1,028N/A 0.57 3.07 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 23 0 0.00 0.00 0 0 0
erhp Last Month 30 0 0.00 0.00 0 0 0
erhp This Year 165 0 0.00 0.00 0 0 0
erhp Since Logging Started 1,157 303,459 262.28 1,793.52 3 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 23N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 0.00 0.00 0 0 0
erhp This Year 165N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,157N/A 9.78 22.12 1 255 0
erhp Normalized Since Logging Started 1,157N/A 9.78 22.12 1 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 23N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 0.00 0.00 0 0 0
erhp This Year 165N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,157N/A 178.98 1,478.61 11 26,034 0
erhp Normalized Since Logging Started 1,157N/A 178.98 1,478.61 11 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 23N/A 0.00 0.00 0 0 0
erhp Last Month 30N/A 0.00 0.00 0 0 0
erhp This Year 165N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,157N/A 10.37 20.40 1 231 0
erhp Normalized Since Logging Started 1,157N/A 10.37 20.40 1 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 19 0 0.00 0.00 0 0 0
erhp2 Last Month 30 0 0.00 0.00 0 0 0
erhp2 This Year 153 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,112 26,970 24.25 184.39 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 19N/A 0.00 0.00 0 0 0
erhp2 Last Month 30N/A 0.00 0.00 0 0 0
erhp2 This Year 153N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,112N/A 2.86 17.26 0 380 0
erhp2 Normalized Since Logging Started 1,112N/A 2.86 17.26 0 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 19N/A 0.00 0.00 0 0 0
erhp2 Last Month 30N/A 0.00 0.00 0 0 0
erhp2 This Year 153N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,112N/A 17.02 112.64 0 2,661 0
erhp2 Normalized Since Logging Started 1,112N/A 17.02 112.64 0 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 19N/A 0.00 0.00 0 0 0
erhp2 Last Month 30N/A 0.00 0.00 0 0 0
erhp2 This Year 153N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,112N/A 6.04 20.39 0 337 0
erhp2 Normalized Since Logging Started 1,112N/A 6.04 20.39 0 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 21 0 0.00 0.00 0 0 0
syrtest Last Month 31 0 0.00 0.00 0 0 0
syrtest This Year 162 0 0.00 0.00 0 0 0
syrtest Since Logging Started 1,120 11,897,488 10,622.76 14,895.86 5,673.5 121,449 0
syrtest Normalized Since Logging Started 1,119 11,897,483 10,632.25 14,899.13 5,676 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 21N/A 0.00 0.00 0 0 0
syrtest Last Month 31N/A 0.00 0.00 0 0 0
syrtest This Year 162N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,121N/A 19.08 32.06 25 375 0
syrtest Normalized Since Logging Started 1,121N/A 19.08 32.06 25 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 21N/A 0.00 0.00 0 0 0
syrtest Last Month 31N/A 0.00 0.00 0 0 0
syrtest This Year 162N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,121N/A 6,646.64 8,015.81 18,801 43,291 0
syrtest Normalized Since Logging Started 1,121N/A 6,646.64 8,015.81 18,801 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 21N/A 0.00 0.00 0 0 0
syrtest Last Month 31N/A 0.00 0.00 0 0 0
syrtest This Year 162N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,121N/A 44.77 97.88 2 1,396 0
syrtest Normalized Since Logging Started 1,121N/A 44.77 97.88 2 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 19 0 0.00 0.00 0 0 0
edu_c Last Month 26 0 0.00 0.00 0 0 0
edu_c This Year 142 0 0.00 0.00 0 0 0
edu_c Since Logging Started 1,064 23,272,208 21,872.38 31,993.73 9,584.5 235,429 0
edu_c Normalized Since Logging Started 1,061 23,233,262 21,897.51 32,025.55 9,589 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 19N/A 0.00 0.00 0 0 0
edu_c Last Month 26N/A 0.00 0.00 0 0 0
edu_c This Year 142N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,065N/A 18.46 30.62 210 342 0
edu_c Normalized Since Logging Started 1,065N/A 18.46 30.62 210 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 19N/A 0.00 0.00 0 0 0
edu_c Last Month 26N/A 0.00 0.00 0 0 0
edu_c This Year 142N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,065N/A 12,229.42 14,411.24 208 64,863 0
edu_c Normalized Since Logging Started 1,065N/A 12,229.42 14,411.24 208 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 19N/A 0.00 0.00 0 0 0
edu_c Last Month 26N/A 0.00 0.00 0 0 0
edu_c This Year 142N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,065N/A 45.02 97.41 18 1,382 0
edu_c Normalized Since Logging Started 1,065N/A 45.02 97.41 18 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1140N/AN/AN/AN/AN/A
shepherd This Month 16 23,068 1,441.75 860.37 1,182.5 3,849 234
shepherd Last Month 23 28,676 1,246.78 790.61 1,184 3,044 89
shepherd This Year 136 164,116 1,206.74 978.90 1,183 4,645 0
shepherd Since Logging Started 1,155 12,008,038 10,396.57 14,397.67 4,452 116,607 0
shepherd Normalized Since Logging Started 1,154 12,004,137 10,402.20 14,402.63 4,453 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today17N/AN/AN/AN/AN/A
shepherd This Month 16N/A 34.69 16.54 33.5 62 8
shepherd Last Month 23N/A 70.13 38.49 46 148 13
shepherd This Year 136N/A 26.04 29.68 21 148 0
shepherd Since Logging Started 1,155N/A 26.41 36.00 30 400 0
shepherd Normalized Since Logging Started 1,155N/A 26.41 36.00 30 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1126N/AN/AN/AN/AN/A
shepherd This Month 16N/A 1,215.50 730.38 1,777.5 3,352 203
shepherd Last Month 23N/A 1,019.17 684.41 2,304 2,351 64
shepherd This Year 136N/A 1,061.40 859.06 1,774 4,105 0
shepherd Since Logging Started 1,155N/A 6,868.38 8,577.86 235 52,383 0
shepherd Normalized Since Logging Started 1,155N/A 6,868.38 8,577.86 235 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today19N/AN/AN/AN/AN/A
shepherd This Month 16N/A 70.12 108.65 29.5 354 5
shepherd Last Month 23N/A 48.91 24.51 41 98 13
shepherd This Year 136N/A 26.92 47.64 24.5 354 0
shepherd Since Logging Started 1,155N/A 59.19 139.81 28 2,400 0
shepherd Normalized Since Logging Started 1,155N/A 59.19 139.81 28 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 20 0 0.00 0.00 0 0 0
AWS Last Month 30 0 0.00 0.00 0 0 0
AWS This Year 159 0 0.00 0.00 0 0 0
AWS Since Logging Started 810 10,326,463 12,748.72 18,369.89 3,568.5 119,665 0
AWS Normalized Since Logging Started 810 10,326,463 12,748.72 18,369.89 3,568.5 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 20N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 159N/A 0.00 0.00 0 0 0
AWS Since Logging Started 810N/A 13.14 18.81 14 91 0
AWS Normalized Since Logging Started 810N/A 13.14 18.81 14 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 20N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 159N/A 0.00 0.00 0 0 0
AWS Since Logging Started 810N/A 6,616.62 8,691.36 15,129.5 45,440 0
AWS Normalized Since Logging Started 810N/A 6,616.62 8,691.36 15,129.5 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 20N/A 0.00 0.00 0 0 0
AWS Last Month 30N/A 0.00 0.00 0 0 0
AWS This Year 159N/A 0.00 0.00 0 0 0
AWS Since Logging Started 810N/A 29.44 66.03 14 734 0
AWS Normalized Since Logging Started 810N/A 29.44 66.03 14 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2