LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Thu Aug 16 13:15:56 EDT 2018

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today117N/AN/AN/AN/AN/A
ALL Hosts This Month 15 43,592 2,906.13 1,629.42 3,165 6,833 530
ALL Hosts Last Month 31 84,402 2,722.65 1,361.86 2,313 6,520 609
ALL Hosts This Year 227 862,226 3,798.35 1,773.72 3,442 8,184 530
ALL Hosts Since Logging Started 1,283 111,624,716 87,002.90 76,986.49 76,991 518,642 0
ALL Hosts Normalized Since Logging Started 5,877 65,909,837 11,214.88 19,523.03 2,374 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today110N/AN/AN/AN/AN/A
ALL Hosts This Month 15N/A 82.13 29.13 77 165 35
ALL Hosts Last Month 31N/A 80.39 32.30 59 152 21
ALL Hosts This Year 227N/A 97.81 61.90 47 315 18
ALL Hosts Since Logging Started 1,283N/A 138.81 146.00 408 1,076 0
ALL Hosts Normalized Since Logging Started 1,283N/A 138.81 146.00 408 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today113N/AN/AN/AN/AN/A
ALL Hosts This Month 15N/A 2,252.27 1,307.06 3,060 4,917 379
ALL Hosts Last Month 31N/A 1,968.65 1,091.35 2,240 4,960 456
ALL Hosts This Year 227N/A 2,927.71 1,429.67 2,896 6,473 379
ALL Hosts Since Logging Started 1,283N/A 24,360.66 17,816.47 31,000 98,969 0
ALL Hosts Normalized Since Logging Started 1,283N/A 24,360.66 17,816.47 31,000 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today19N/AN/AN/AN/AN/A
ALL Hosts This Month 15N/A 61.93 34.59 45 139 18
ALL Hosts Last Month 31N/A 100.65 104.78 447 447 6
ALL Hosts This Year 227N/A 92.71 75.59 38 539 6
ALL Hosts Since Logging Started 1,283N/A 240.40 309.21 29 5,697 0
ALL Hosts Normalized Since Logging Started 1,283N/A 240.40 309.21 29 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 13 0 0.00 0.00 0 0 0
blackridge Last Month 25 0 0.00 0.00 0 0 0
blackridge This Year 175 0 0.00 0.00 0 0 0
blackridge Since Logging Started 1,073 150,274 140.05 3,414.99 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 13N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 175N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,073N/A 1.16 6.88 0 70 0
blackridge Normalized Since Logging Started 1,073N/A 1.16 6.88 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 13N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 175N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,073N/A 86.83 2,283.17 0 73,698 0
blackridge Normalized Since Logging Started 1,073N/A 86.83 2,283.17 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 13N/A 0.00 0.00 0 0 0
blackridge Last Month 25N/A 0.00 0.00 0 0 0
blackridge This Year 175N/A 0.00 0.00 0 0 0
blackridge Since Logging Started 1,073N/A 0.54 3.01 0 41 0
blackridge Normalized Since Logging Started 1,073N/A 0.54 3.01 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 15 0 0.00 0.00 0 0 0
erhp Last Month 28 0 0.00 0.00 0 0 0
erhp This Year 215 0 0.00 0.00 0 0 0
erhp Since Logging Started 1,207 303,459 251.42 1,756.76 2 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 15N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 215N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,207N/A 9.37 21.75 1 255 0
erhp Normalized Since Logging Started 1,207N/A 9.37 21.75 1 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 15N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 215N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,207N/A 171.56 1,448.10 10 26,034 0
erhp Normalized Since Logging Started 1,207N/A 171.56 1,448.10 10 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today10N/AN/AN/AN/AN/A
erhp This Month 15N/A 0.00 0.00 0 0 0
erhp Last Month 28N/A 0.00 0.00 0 0 0
erhp This Year 215N/A 0.00 0.00 0 0 0
erhp Since Logging Started 1,207N/A 9.94 20.08 1 231 0
erhp Normalized Since Logging Started 1,207N/A 9.94 20.08 1 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 14 0 0.00 0.00 0 0 0
erhp2 Last Month 27 0 0.00 0.00 0 0 0
erhp2 This Year 201 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,160 26,970 23.25 180.60 0 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 14N/A 0.00 0.00 0 0 0
erhp2 Last Month 27N/A 0.00 0.00 0 0 0
erhp2 This Year 201N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,160N/A 2.74 16.91 0 380 0
erhp2 Normalized Since Logging Started 1,160N/A 2.74 16.91 0 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 14N/A 0.00 0.00 0 0 0
erhp2 Last Month 27N/A 0.00 0.00 0 0 0
erhp2 This Year 201N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,160N/A 16.32 110.34 0 2,661 0
erhp2 Normalized Since Logging Started 1,160N/A 16.32 110.34 0 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 14N/A 0.00 0.00 0 0 0
erhp2 Last Month 27N/A 0.00 0.00 0 0 0
erhp2 This Year 201N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 1,160N/A 5.79 20.00 0 337 0
erhp2 Normalized Since Logging Started 1,160N/A 5.79 20.00 0 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 14 0 0.00 0.00 0 0 0
syrtest Last Month 29 0 0.00 0.00 0 0 0
syrtest This Year 212 0 0.00 0.00 0 0 0
syrtest Since Logging Started 1,170 11,897,488 10,168.79 14,731.62 5,127.5 121,449 0
syrtest Normalized Since Logging Started 1,169 11,897,483 10,177.49 14,734.92 5,132 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 14N/A 0.00 0.00 0 0 0
syrtest Last Month 29N/A 0.00 0.00 0 0 0
syrtest This Year 212N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,171N/A 18.27 31.61 22 375 0
syrtest Normalized Since Logging Started 1,171N/A 18.27 31.61 22 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 14N/A 0.00 0.00 0 0 0
syrtest Last Month 29N/A 0.00 0.00 0 0 0
syrtest This Year 212N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,171N/A 6,362.84 7,957.10 1,780 43,291 0
syrtest Normalized Since Logging Started 1,171N/A 6,362.84 7,957.10 1,780 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today10N/AN/AN/AN/AN/A
syrtest This Month 14N/A 0.00 0.00 0 0 0
syrtest Last Month 29N/A 0.00 0.00 0 0 0
syrtest This Year 212N/A 0.00 0.00 0 0 0
syrtest Since Logging Started 1,171N/A 42.86 96.19 18 1,396 0
syrtest Normalized Since Logging Started 1,171N/A 42.86 96.19 18 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 14 0 0.00 0.00 0 0 0
edu_c Last Month 26 0 0.00 0.00 0 0 0
edu_c This Year 187 0 0.00 0.00 0 0 0
edu_c Since Logging Started 1,109 23,272,208 20,984.86 31,633.66 8,506 235,429 0
edu_c Normalized Since Logging Started 1,106 23,233,262 21,006.57 31,664.20 8,516 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 14N/A 0.00 0.00 0 0 0
edu_c Last Month 26N/A 0.00 0.00 0 0 0
edu_c This Year 187N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,110N/A 17.72 30.21 2 342 0
edu_c Normalized Since Logging Started 1,110N/A 17.72 30.21 2 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 14N/A 0.00 0.00 0 0 0
edu_c Last Month 26N/A 0.00 0.00 0 0 0
edu_c This Year 187N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,110N/A 11,733.64 14,320.67 19,629.5 64,863 0
edu_c Normalized Since Logging Started 1,110N/A 11,733.64 14,320.67 19,629.5 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 14N/A 0.00 0.00 0 0 0
edu_c Last Month 26N/A 0.00 0.00 0 0 0
edu_c This Year 187N/A 0.00 0.00 0 0 0
edu_c Since Logging Started 1,110N/A 43.20 95.82 17 1,382 0
edu_c Normalized Since Logging Started 1,110N/A 43.20 95.82 17 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 14 4,102 293.00 326.07 173 1,092 1
shepherd Last Month 24 22,714 946.42 828.25 735 3,359 9
shepherd This Year 180 202,016 1,122.31 979.95 1,031.5 4,645 0
shepherd Since Logging Started 1,199 12,045,938 10,046.65 14,245.42 4,033 116,607 0
shepherd Normalized Since Logging Started 1,198 12,042,037 10,051.78 14,250.26 4,037.5 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 14N/A 17.07 16.51 18 52 1
shepherd Last Month 24N/A 25.00 13.24 26 63 7
shepherd This Year 180N/A 25.22 26.87 24 148 0
shepherd Since Logging Started 1,199N/A 26.27 35.45 30 400 0
shepherd Normalized Since Logging Started 1,199N/A 26.27 35.45 30 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 14N/A 181.50 212.28 319.5 809 1
shepherd Last Month 24N/A 705.25 592.03 197.5 2,336 6
shepherd This Year 180N/A 960.94 852.08 1,117 4,105 0
shepherd Since Logging Started 1,199N/A 6,640.20 8,501.00 24,252 52,383 0
shepherd Normalized Since Logging Started 1,199N/A 6,640.20 8,501.00 24,252 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 14N/A 19.29 22.41 35.5 90 1
shepherd Last Month 24N/A 49.83 89.53 23.5 348 3
shepherd This Year 180N/A 29.30 53.83 25 354 0
shepherd Since Logging Started 1,199N/A 58.36 137.92 28 2,400 0
shepherd Normalized Since Logging Started 1,199N/A 58.36 137.92 28 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 15 0 0.00 0.00 0 0 0
AWS Last Month 26 0 0.00 0.00 0 0 0
AWS This Year 207 0 0.00 0.00 0 0 0
AWS Since Logging Started 858 10,326,463 12,035.50 18,087.52 2,174.5 119,665 0
AWS Normalized Since Logging Started 858 10,326,463 12,035.50 18,087.52 2,174.5 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 15N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 207N/A 0.00 0.00 0 0 0
AWS Since Logging Started 858N/A 12.41 18.53 13 91 0
AWS Normalized Since Logging Started 858N/A 12.41 18.53 13 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 15N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 207N/A 0.00 0.00 0 0 0
AWS Since Logging Started 858N/A 6,246.46 8,580.56 708 45,440 0
AWS Normalized Since Logging Started 858N/A 6,246.46 8,580.56 708 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 15N/A 0.00 0.00 0 0 0
AWS Last Month 26N/A 0.00 0.00 0 0 0
AWS This Year 207N/A 0.00 0.00 0 0 0
AWS Since Logging Started 858N/A 27.79 64.51 123 734 0
AWS Normalized Since Logging Started 858N/A 27.79 64.51 123 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2