LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Tue Mar 26 05:19:20 EDT 2019

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23 103,184 4,486.26 1,627.89 3,921 8,780 2,306
ALL Hosts Last Month 25 111,293 4,451.72 1,639.80 4,065 8,704 1,338
ALL Hosts This Year 79 377,576 4,779.44 1,848.69 4,685 10,389 1,306
ALL Hosts Since Logging Started 1,500 112,517,960 75,011.97 76,942.05 58,239 518,642 0
ALL Hosts Normalized Since Logging Started 7,060 66,156,468 9,370.60 18,282.47 794 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 743.35 178.29 721 1,211 481
ALL Hosts Last Month 25N/A 670.08 216.22 601 1,104 187
ALL Hosts This Year 79N/A 517.59 288.91 514 1,211 37
ALL Hosts Since Logging Started 1,500N/A 153.98 175.17 41 1,211 0
ALL Hosts Normalized Since Logging Started 1,500N/A 153.98 175.17 41 1,211 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 3,244.48 1,240.40 2,780 6,633 1,728
ALL Hosts Last Month 25N/A 2,989.28 1,438.75 2,492 6,415 1,083
ALL Hosts This Year 79N/A 3,490.90 1,545.20 3,437 8,001 1,083
ALL Hosts Since Logging Started 1,500N/A 21,271.71 18,116.87 16,836 98,969 0
ALL Hosts Normalized Since Logging Started 1,500N/A 21,271.71 18,116.87 16,836 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today10N/AN/AN/AN/AN/A
ALL Hosts This Month 23N/A 571.35 170.24 592 832 276
ALL Hosts Last Month 25N/A 720.12 304.73 510 1,340 184
ALL Hosts This Year 79N/A 541.96 268.08 461 1,340 68
ALL Hosts Since Logging Started 1,500N/A 243.87 304.96 302.5 5,697 0
ALL Hosts Normalized Since Logging Started 1,500N/A 243.87 304.96 302.5 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 22 0 0.00 0.00 0 0 0
blackridge Last Month 25 0 0.00 0.00 0 0 0
blackridge This Year 77 0 0.00 0.00 0 0 0
blackridge Since Logging Started 1,252 150,274 120.03 3,161.84 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 22N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 77N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,252N/A 0.99 6.39 0 70 0
blackridge Normalized Since Logging Started 1,252N/A 0.99 6.39 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 22N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 77N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,252N/A 74.42 2,113.88 0 73,698 0
blackridge Normalized Since Logging Started 1,252N/A 74.42 2,113.88 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 22N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 77N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,252N/A 0.46 2.79 0 41 0
blackridge Normalized Since Logging Started 1,252N/A 0.46 2.79 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 23 0 0.00 0.00 0 0 0
erhp Last Month 24 0 0.00 0.00 0 0 0
erhp This Year 76 0 0.00 0.00 0 0 0
erhp Since Logging Started 1,413 303,459 214.76 1,626.08 0 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 23N/A 0.00 0.00 0 0 0
erhp Last Month 24N/A 0.00 0.00 0 0 0
erhp This Year 76N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,413N/A 8.00 20.37 0 255 0
erhp Normalized Since Logging Started 1,413N/A 8.00 20.37 0 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 23N/A 0.00 0.00 0 0 0
erhp Last Month 24N/A 0.00 0.00 0 0 0
erhp This Year 76N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,413N/A 146.55 1,339.76 0 26,034 0
erhp Normalized Since Logging Started 1,413N/A 146.55 1,339.76 0 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 23N/A 0.00 0.00 0 0 0
erhp Last Month 24N/A 0.00 0.00 0 0 0
erhp This Year 76N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,413N/A 8.49 18.89 0 231 0
erhp Normalized Since Logging Started 1,413N/A 8.49 18.89 0 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 22 0 0.00 0.00 0 0 0
erhp2 Last Month 26 0 0.00 0.00 0 0 0
erhp2 This Year 75 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,358 26,970 19.86 167.12 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 22N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 75N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,358N/A 2.34 15.66 0 380 0
erhp2 Normalized Since Logging Started 1,358N/A 2.34 15.66 0 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 22N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 75N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,358N/A 13.94 102.14 0 2,661 0
erhp2 Normalized Since Logging Started 1,358N/A 13.94 102.14 0 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 22N/A 0.00 0.00 0 0 0
erhp2 Last Month 26N/A 0.00 0.00 0 0 0
erhp2 This Year 75N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,358N/A 4.94 18.60 0 337 0
erhp2 Normalized Since Logging Started 1,358N/A 4.94 18.60 0 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 23 0 0.00 0.00 0 0 0
syrtest Last Month 25 0 0.00 0.00 0 0 0
syrtest This Year 74 0 0.00 0.00 0 0 0
syrtest Since Logging Started 1,375 11,897,488 8,652.72 14,063.54 1,534 121,449 0
syrtest Normalized Since Logging Started 1,374 11,897,483 8,659.01 14,066.72 1,539 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 23N/A 0.00 0.00 0 0 0
syrtest Last Month 25N/A 0.00 0.00 0 0 0
syrtest This Year 74N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,376N/A 15.54 29.88 15 375 0
syrtest Normalized Since Logging Started 1,376N/A 15.54 29.88 15 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 23N/A 0.00 0.00 0 0 0
syrtest Last Month 25N/A 0.00 0.00 0 0 0
syrtest This Year 74N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,376N/A 5,414.89 7,682.16 14,375.5 43,291 0
syrtest Normalized Since Logging Started 1,376N/A 5,414.89 7,682.16 14,375.5 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 23N/A 0.00 0.00 0 0 0
syrtest Last Month 25N/A 0.00 0.00 0 0 0
syrtest This Year 74N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,376N/A 36.47 90.04 132.5 1,396 0
syrtest Normalized Since Logging Started 1,376N/A 36.47 90.04 132.5 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 24 0 0.00 0.00 0 0 0
edu_c Last Month 24 0 0.00 0.00 0 0 0
edu_c This Year 76 0 0.00 0.00 0 0 0
edu_c Since Logging Started 1,305 23,272,208 17,833.11 30,109.78 2,840 235,429 0
edu_c Normalized Since Logging Started 1,302 23,233,262 17,844.29 30,134.99 2,835.5 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 24N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 76N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,306N/A 15.06 28.56 13.5 342 0
edu_c Normalized Since Logging Started 1,306N/A 15.06 28.56 13.5 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 24N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 76N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,306N/A 9,972.69 13,851.54 8,303.5 64,863 0
edu_c Normalized Since Logging Started 1,306N/A 9,972.69 13,851.54 8,303.5 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 24N/A 0.00 0.00 0 0 0
edu_c Last Month 24N/A 0.00 0.00 0 0 0
edu_c This Year 76N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,306N/A 36.72 89.68 128.5 1,382 0
edu_c Normalized Since Logging Started 1,306N/A 36.72 89.68 128.5 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 21 34,078 1,622.76 842.42 1,264 3,683 801
shepherd Last Month 26 44,224 1,700.92 1,108.10 1,310 4,597 561
shepherd This Year 78 126,904 1,626.97 993.92 1,227 4,597 305
shepherd Since Logging Started 1,394 12,292,569 8,818.20 13,564.20 2,537 116,607 0
shepherd Normalized Since Logging Started 1,393 12,288,668 8,821.73 13,568.42 2,535 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 21N/A 230.19 75.31 244 363 38
shepherd Last Month 26N/A 246.69 137.36 232 570 52
shepherd This Year 78N/A 175.69 121.83 262.5 570 9
shepherd Since Logging Started 1,394N/A 34.69 56.12 3 570 0
shepherd Normalized Since Logging Started 1,394N/A 34.69 56.12 3 570 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 21N/A 1,369.14 711.75 2,191 3,130 603
shepherd Last Month 26N/A 1,359.38 994.37 2,235 4,000 399
shepherd This Year 78N/A 1,366.95 863.58 2,141 4,000 298
shepherd Since Logging Started 1,394N/A 5,862.31 8,123.77 14,235 52,383 0
shepherd Normalized Since Logging Started 1,394N/A 5,862.31 8,123.77 14,235 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 21N/A 196.33 71.78 200 306 30
shepherd Last Month 26N/A 288.19 153.01 267.5 670 91
shepherd This Year 78N/A 202.78 125.73 235 670 7
shepherd Since Logging Started 1,394N/A 64.53 136.55 27 2,400 0
shepherd Normalized Since Logging Started 1,394N/A 64.53 136.55 27 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 23 0 0.00 0.00 0 0 0
AWS Last Month 27 0 0.00 0.00 0 0 0
AWS This Year 76 0 0.00 0.00 0 0 0
AWS Since Logging Started 1,061 10,326,463 9,732.76 16,940.35 0 119,665 0
AWS Normalized Since Logging Started 1,061 10,326,463 9,732.76 16,940.35 0 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 23N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 76N/A 0.00 0.00 0 0 0
AWS Since Logging Started 1,061N/A 10.03 17.36 0 91 0
AWS Normalized Since Logging Started 1,061N/A 10.03 17.36 0 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 23N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 76N/A 0.00 0.00 0 0 0
AWS Since Logging Started 1,061N/A 5,051.33 8,097.91 0 45,440 0
AWS Normalized Since Logging Started 1,061N/A 5,051.33 8,097.91 0 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 23N/A 0.00 0.00 0 0 0
AWS Last Month 27N/A 0.00 0.00 0 0 0
AWS This Year 76N/A 0.00 0.00 0 0 0
AWS Since Logging Started 1,061N/A 22.48 59.03 0 734 0
AWS Normalized Since Logging Started 1,061N/A 22.48 59.03 0 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2