LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Sat Aug 19 12:10:38 EDT 2017

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today11,251N/AN/AN/AN/AN/A
ALL Hosts This Month 18 925,626 51,423.67 37,901.14 35,344.5 150,296 19,491
ALL Hosts Last Month 28 2,778,640 99,237.14 34,963.00 97,017 199,782 43,507
ALL Hosts This Year 202 26,199,397 129,699.99 52,474.33 126,623.5 286,797 19,491
ALL Hosts Since Logging Started 933 108,428,795 116,215.21 70,424.12 106,910 518,642 0
ALL Hosts Normalized Since Logging Started 4,054 63,994,402 15,785.50 21,865.70 8,343.5 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today136N/AN/AN/AN/AN/A
ALL Hosts This Month 18N/A 236.72 204.79 221 771 60
ALL Hosts Last Month 28N/A 344.36 144.56 343 993 145
ALL Hosts This Year 202N/A 314.75 134.88 352.5 993 60
ALL Hosts Since Logging Started 933N/A 154.37 164.72 40 1,076 0
ALL Hosts Normalized Since Logging Started 933N/A 154.37 164.72 40 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1845N/AN/AN/AN/AN/A
ALL Hosts This Month 18N/A 23,942.56 9,114.70 24,203 43,391 7,770
ALL Hosts Last Month 28N/A 28,024.61 9,907.85 28,592.5 52,241 9,204
ALL Hosts This Year 202N/A 35,442.62 12,342.75 33,179.5 69,448 7,770
ALL Hosts Since Logging Started 933N/A 31,264.71 15,524.45 32,198 98,969 0
ALL Hosts Normalized Since Logging Started 933N/A 31,264.71 15,524.45 32,198 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today166N/AN/AN/AN/AN/A
ALL Hosts This Month 18N/A 248.22 161.87 310.5 721 46
ALL Hosts Last Month 28N/A 379.32 177.89 324 833 101
ALL Hosts This Year 202N/A 287.94 183.60 260 1,313 46
ALL Hosts Since Logging Started 933N/A 293.26 343.72 271 5,697 0
ALL Hosts Normalized Since Logging Started 933N/A 293.26 343.72 271 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 17 0 0.00 0.00 0 0 0
blackridge Last Month 26 0 0.00 0.00 0 0 0
blackridge This Year 189 4,854 25.68 84.91 0 463 0
blackridge Since Logging Started 789 149,707 189.74 3,981.28 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 17N/A 0.00 0.00 0 0 0
blackridge Last Month 26N/A 0.00 0.00 0 0 0
blackridge This Year 189N/A 4.18 13.87 0 70 0
blackridge Since Logging Started 789N/A 1.44 7.80 0 70 0
blackridge Normalized Since Logging Started 789N/A 1.44 7.80 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 17N/A 0.00 0.00 0 0 0
blackridge Last Month 26N/A 0.00 0.00 0 0 0
blackridge This Year 189N/A 4.90 16.81 0 92 0
blackridge Since Logging Started 789N/A 117.83 2,661.88 0 73,698 0
blackridge Normalized Since Logging Started 789N/A 117.83 2,661.88 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 17N/A 0.00 0.00 0 0 0
blackridge Last Month 26N/A 0.00 0.00 0 0 0
blackridge This Year 189N/A 1.40 5.39 0 41 0
blackridge Since Logging Started 789N/A 0.69 3.43 0 41 0
blackridge Normalized Since Logging Started 789N/A 0.69 3.43 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today139N/AN/AN/AN/AN/A
erhp This Month 17 102,074 6,004.35 9,328.77 427 31,241 143
erhp Last Month 24 27,136 1,130.67 3,119.86 285.5 15,553 111
erhp This Year 184 233,980 1,271.63 4,253.98 303 31,241 13
erhp Since Logging Started 871 299,946 344.37 2,060.31 15 31,241 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today16N/AN/AN/AN/AN/A
erhp This Month 17N/A 53.35 47.15 29 176 14
erhp Last Month 24N/A 39.58 12.11 42 57 19
erhp This Year 184N/A 41.90 22.55 46 176 3
erhp Since Logging Started 871N/A 12.20 24.42 14 255 0
erhp Normalized Since Logging Started 871N/A 12.20 24.42 14 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today125N/AN/AN/AN/AN/A
erhp This Month 17N/A 4,894.29 7,795.61 26,034 26,034 36
erhp Last Month 24N/A 765.29 2,591.60 51.5 12,749 39
erhp This Year 184N/A 880.65 3,557.80 36.5 26,034 11
erhp Since Logging Started 871N/A 236.67 1,700.20 2 26,034 0
erhp Normalized Since Logging Started 871N/A 236.67 1,700.20 2 26,034 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today110N/AN/AN/AN/AN/A
erhp This Month 17N/A 46.06 43.03 30 141 3
erhp Last Month 24N/A 21.21 14.92 25 61 5
erhp This Year 184N/A 24.71 25.88 33.5 141 1
erhp Since Logging Started 871N/A 13.42 22.50 18 231 0
erhp Normalized Since Logging Started 871N/A 13.42 22.50 18 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 17 0 0.00 0.00 0 0 0
erhp2 Last Month 25 0 0.00 0.00 0 0 0
erhp2 This Year 184 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 839 26,970 32.15 211.68 1 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 17N/A 0.00 0.00 0 0 0
erhp2 Last Month 25N/A 0.00 0.00 0 0 0
erhp2 This Year 184N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 839N/A 3.79 19.78 1 380 0
erhp2 Normalized Since Logging Started 839N/A 3.79 19.78 1 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 17N/A 0.00 0.00 0 0 0
erhp2 Last Month 25N/A 0.00 0.00 0 0 0
erhp2 This Year 184N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 839N/A 22.56 129.19 1 2,661 0
erhp2 Normalized Since Logging Started 839N/A 22.56 129.19 1 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 17N/A 0.00 0.00 0 0 0
erhp2 Last Month 25N/A 0.00 0.00 0 0 0
erhp2 This Year 184N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 839N/A 8.00 23.14 1 337 0
erhp2 Normalized Since Logging Started 839N/A 8.00 23.14 1 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today1502N/AN/AN/AN/AN/A
syrtest This Month 15 198,318 13,221.20 12,743.25 8,431 48,771 1,704
syrtest Last Month 24 415,293 17,303.88 12,288.97 13,131 46,628 4,410
syrtest This Year 180 3,298,133 18,322.96 15,761.31 12,731 93,261 533
syrtest Since Logging Started 841 11,731,035 13,948.91 15,725.93 9,614 121,449 0
syrtest Normalized Since Logging Started 840 11,731,030 13,965.51 15,727.92 9,626 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today18N/AN/AN/AN/AN/A
syrtest This Month 15N/A 48.27 29.74 32 110 22
syrtest Last Month 25N/A 54.08 66.47 41 372 0
syrtest This Year 181N/A 49.10 30.30 48 372 0
syrtest Since Logging Started 842N/A 24.96 34.87 40.5 375 0
syrtest Normalized Since Logging Started 842N/A 24.96 34.87 40.5 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today1490N/AN/AN/AN/AN/A
syrtest This Month 15N/A 10,514.13 9,990.48 20,260 37,940 1,492
syrtest Last Month 25N/A 10,974.64 8,106.95 6,593 31,381 0
syrtest This Year 181N/A 11,762.53 8,554.60 35,388 43,073 0
syrtest Since Logging Started 842N/A 8,708.45 8,149.33 14,584.5 43,291 0
syrtest Normalized Since Logging Started 842N/A 8,708.45 8,149.33 14,584.5 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today111N/AN/AN/AN/AN/A
syrtest This Month 15N/A 73.53 82.93 36 312 4
syrtest Last Month 25N/A 82.16 99.51 51 491 0
syrtest This Year 181N/A 90.75 111.45 37 752 0
syrtest Since Logging Started 842N/A 58.92 108.80 3 1,396 0
syrtest Normalized Since Logging Started 842N/A 58.92 108.80 3 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 15 37,669 2,511.27 7,604.97 0 30,074 0
edu_c Last Month 21 407,035 19,382.62 10,046.49 19,301 42,366 470
edu_c This Year 178 4,589,360 25,782.92 23,676.58 19,819 147,005 0
edu_c Since Logging Started 813 23,272,208 28,625.10 33,857.35 18,277 235,429 0
edu_c Normalized Since Logging Started 810 23,233,262 28,683.04 33,894.35 18,326 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 15N/A 15.60 48.29 0 192 0
edu_c Last Month 22N/A 70.32 81.12 44 342 0
edu_c This Year 179N/A 47.73 37.52 49 342 0
edu_c Since Logging Started 814N/A 24.16 33.00 4 342 0
edu_c Normalized Since Logging Started 814N/A 24.16 33.00 4 342 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 15N/A 2,025.07 5,973.85 0 23,418 0
edu_c Last Month 22N/A 12,615.14 7,161.24 18,358 26,226 0
edu_c This Year 179N/A 15,630.79 12,177.64 24,846 54,136 0
edu_c Since Logging Started 814N/A 16,000.41 14,539.14 16,268.5 64,863 0
edu_c Normalized Since Logging Started 814N/A 16,000.41 14,539.14 16,268.5 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today10N/AN/AN/AN/AN/A
edu_c This Month 15N/A 41.60 113.94 0 426 0
edu_c Last Month 22N/A 132.59 178.32 33 710 0
edu_c This Year 179N/A 73.22 92.95 32 710 0
edu_c Since Logging Started 814N/A 58.91 107.68 291 1,382 0
edu_c Normalized Since Logging Started 814N/A 58.91 107.68 291 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16 193,480 12,092.50 14,520.40 6,243 52,361 1
shepherd Last Month 23 494,260 21,489.57 21,261.14 14,476 82,084 285
shepherd This Year 181 4,413,332 24,383.05 22,832.79 17,885 116,607 0
shepherd Since Logging Started 908 11,046,183 12,165.40 15,389.30 6,876 116,607 0
shepherd Normalized Since Logging Started 907 11,042,282 12,174.51 15,395.33 6,880 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 51.50 56.46 84 165 1
shepherd Last Month 23N/A 73.04 68.07 57 377 27
shepherd This Year 181N/A 50.03 37.88 51 377 0
shepherd Since Logging Started 908N/A 26.56 38.34 33 400 0
shepherd Normalized Since Logging Started 908N/A 26.56 38.34 33 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 9,303.06 11,267.59 10,054 42,104 1
shepherd Last Month 23N/A 13,004.48 12,037.26 3,526 45,459 71
shepherd This Year 181N/A 14,739.60 12,522.93 22,100 52,383 0
shepherd Since Logging Started 908N/A 7,900.43 9,023.96 12,828 52,383 0
shepherd Normalized Since Logging Started 908N/A 7,900.43 9,023.96 12,828 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today10N/AN/AN/AN/AN/A
shepherd This Month 16N/A 44.75 56.37 17.5 175 1
shepherd Last Month 23N/A 117.00 140.16 59 618 23
shepherd This Year 181N/A 69.88 95.65 28 795 0
shepherd Since Logging Started 908N/A 66.80 153.10 27 2,400 0
shepherd Normalized Since Logging Started 908N/A 66.80 153.10 27 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 14 0 0.00 0.00 0 0 0
AWS Last Month 21 48,048 2,288.00 5,942.27 0 26,355 0
AWS This Year 174 5,197,525 29,870.83 24,021.34 29,359 113,611 0
AWS Since Logging Started 536 10,326,463 19,265.79 19,606.13 14,134 119,665 0
AWS Normalized Since Logging Started 536 10,326,463 19,265.79 19,606.13 14,134 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 14N/A 0.00 0.00 0 0 0
AWS Last Month 21N/A 8.62 18.01 0 53 0
AWS This Year 174N/A 39.15 23.81 47 91 0
AWS Since Logging Started 536N/A 19.86 20.03 40 91 0
AWS Normalized Since Logging Started 536N/A 19.86 20.03 40 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 14N/A 0.00 0.00 0 0 0
AWS Last Month 21N/A 1,523.57 4,145.35 0 18,735 0
AWS This Year 174N/A 15,030.67 11,047.27 20,524.5 45,440 0
AWS Since Logging Started 536N/A 9,999.00 8,962.97 24,649 45,440 0
AWS Normalized Since Logging Started 536N/A 9,999.00 8,962.97 24,649 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today10N/AN/AN/AN/AN/A
AWS This Month 14N/A 0.00 0.00 0 0 0
AWS Last Month 21N/A 6.57 14.23 0 45 0
AWS This Year 174N/A 42.86 48.26 140.5 283 0
AWS Since Logging Started 536N/A 44.49 76.93 30.5 734 0
AWS Normalized Since Logging Started 536N/A 44.49 76.93 30.5 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2