LongTail Log Analysis

Assorted Statistics

Analysis does not include today's numbers. Numbers rounded to two decimal places

Created on Sun Jun 25 13:16:50 EDT 2017

Normalized data is data that consists of only full days of attacks, AND to servers that are NOT protected by firewalls or other kinds of intrusion protection systems.

Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
All Hosts Combined
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1132,550N/AN/AN/AN/AN/A
ALL Hosts This Month 22 2,375,740 107,988.18 28,282.39 102,042.5 171,405 46,288
ALL Hosts Last Month 29 3,891,563 134,191.83 49,494.72 137,822 272,178 48,161
ALL Hosts This Year 150 21,678,471 144,523.14 45,499.55 140,197.5 286,797 46,288
ALL Hosts Since Logging Started 881 103,907,869 117,943.10 71,170.04 108,336 518,642 0
ALL Hosts Normalized Since Logging Started 3,813 61,337,700 16,086.47 22,190.40 8,506 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1133N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 345.64 54.43 354.5 444 220
ALL Hosts Last Month 29N/A 358.31 38.06 360 431 280
ALL Hosts This Year 150N/A 317.81 117.78 359.5 597 66
ALL Hosts Since Logging Started 881N/A 145.42 159.67 41 1,076 0
ALL Hosts Normalized Since Logging Started 881N/A 145.42 159.67 41 1,076 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today126250N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 30,374.55 7,184.39 29,422 44,672 10,993
ALL Hosts Last Month 29N/A 30,179.97 7,560.63 29,674 53,452 16,549
ALL Hosts This Year 150N/A 38,316.41 11,645.19 35,103.5 69,448 10,993
ALL Hosts Since Logging Started 881N/A 31,507.41 15,741.61 32,963 98,969 0
ALL Hosts Normalized Since Logging Started 881N/A 31,507.41 15,741.61 32,963 98,969 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
ALL Hosts So Far Today1213N/AN/AN/AN/AN/A
ALL Hosts This Month 22N/A 409.18 181.60 392 900 154
ALL Hosts Last Month 29N/A 216.00 100.65 192 579 97
ALL Hosts This Year 150N/A 273.92 184.32 249 1,313 56
ALL Hosts Since Logging Started 881N/A 291.19 351.03 267 5,697 0
ALL Hosts Normalized Since Logging Started 881N/A 291.19 351.03 267 5,697 0
 
Hosts protected by BlackRidge Technologies
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
blackridge Educational Site, Protected By a BlackRidge Technology Eclipse Gateway
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 17 0 0.00 0.00 0 0 0
blackridge Last Month 26 0 0.00 0.00 0 0 0
blackridge This Year 142 4,854 34.18 96.47 0 463 0
blackridge Since Logging Started 742 149,707 201.76 4,105.14 0 108,999 0
blackridge Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 17N/A 0.00 0.00 0 0 0
blackridge Last Month 26N/A 0.00 0.00 0 0 0
blackridge This Year 142N/A 5.56 15.76 0 70 0
blackridge Since Logging Started 742N/A 1.53 8.04 0 70 0
blackridge Normalized Since Logging Started 742N/A 1.53 8.04 0 70 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 17N/A 0.00 0.00 0 0 0
blackridge Last Month 26N/A 0.00 0.00 0 0 0
blackridge This Year 142N/A 6.53 19.11 0 92 0
blackridge Since Logging Started 742N/A 125.30 2,744.72 0 73,698 0
blackridge Normalized Since Logging Started 742N/A 125.30 2,744.72 0 73,698 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
blackridge So Far Today10N/AN/AN/AN/AN/A
blackridge This Month 17N/A 0.00 0.00 0 0 0
blackridge Last Month 26N/A 0.00 0.00 0 0 0
blackridge This Year 142N/A 1.86 6.15 0 41 0
blackridge Since Logging Started 742N/A 0.73 3.53 0 41 0
blackridge Normalized Since Logging Started 742N/A 0.73 3.53 0 41 0
 
Hosts protected by an Intrusion Protection System
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today140N/AN/AN/AN/AN/A
erhp This Month 17 48,043 2,826.06 7,473.18 322 29,904 177
erhp Last Month 22 8,591 390.50 289.17 300 1,349 210
erhp This Year 138 103,610 750.80 2,939.60 310.5 29,904 13
erhp Since Logging Started 825 169,576 205.55 1,306.74 11 29,904 0
erhp Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today18N/AN/AN/AN/AN/A
erhp This Month 17N/A 41.00 7.75 40 53 29
erhp Last Month 22N/A 48.27 7.23 48 61 35
erhp This Year 138N/A 40.90 18.12 48 86 3
erhp Since Logging Started 825N/A 10.37 22.55 1 255 0
erhp Normalized Since Logging Started 825N/A 10.37 22.55 1 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today123N/AN/AN/AN/AN/A
erhp This Month 17N/A 2,169.35 6,226.50 46 24,730 29
erhp Last Month 22N/A 127.09 271.92 35.5 1,005 30
erhp This Year 138N/A 436.14 2,452.30 35 24,730 11
erhp Since Logging Started 825N/A 126.41 1,066.16 19 24,730 0
erhp Normalized Since Logging Started 825N/A 126.41 1,066.16 19 24,730 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp So Far Today14N/AN/AN/AN/AN/A
erhp This Month 17N/A 22.59 17.12 34 77 5
erhp Last Month 22N/A 16.36 18.43 6 84 6
erhp This Year 138N/A 22.78 23.41 35.5 122 1
erhp Since Logging Started 825N/A 12.47 21.50 17 231 0
erhp Normalized Since Logging Started 825N/A 12.47 21.50 17 231 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
erhp2 Educational Site, Protected By a Juniper SRX 3600
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 17 0 0.00 0.00 0 0 0
erhp2 Last Month 23 0 0.00 0.00 0 0 0
erhp2 This Year 137 0 0.00 0.00 0 0 0
erhp2 Since Logging Started 792 26,970 34.05 217.72 1 5,357 0
erhp2 Normalized Since Logging Started 0.00 0.00
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 17N/A 0.00 0.00 0 0 0
erhp2 Last Month 23N/A 0.00 0.00 0 0 0
erhp2 This Year 137N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 792N/A 4.02 20.34 1 380 0
erhp2 Normalized Since Logging Started 792N/A 4.02 20.34 1 380 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 17N/A 0.00 0.00 0 0 0
erhp2 Last Month 23N/A 0.00 0.00 0 0 0
erhp2 This Year 137N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 792N/A 23.90 132.85 1 2,661 0
erhp2 Normalized Since Logging Started 792N/A 23.90 132.85 1 2,661 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
erhp2 So Far Today10N/AN/AN/AN/AN/A
erhp2 This Month 17N/A 0.00 0.00 0 0 0
erhp2 Last Month 23N/A 0.00 0.00 0 0 0
erhp2 This Year 137N/A 0.00 0.00 0 0 0
erhp2 Since Logging Started 792N/A 8.47 23.73 1 337 0
erhp2 Normalized Since Logging Started 792N/A 8.47 23.73 1 337 0
 
Educational Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
syrtest Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today118,422N/AN/AN/AN/AN/A
syrtest This Month 18 346,593 19,255.17 8,973.78 16,208.5 36,881 9,304
syrtest Last Month 22 450,990 20,499.55 15,338.72 15,978.5 60,583 2,072
syrtest This Year 137 2,603,850 19,006.20 16,614.30 12,916 93,261 533
syrtest Since Logging Started 798 11,036,752 13,830.52 15,875.99 9,280 121,449 0
syrtest Normalized Since Logging Started 797 11,036,747 13,847.86 15,878.39 9,287 121,449 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today119N/AN/AN/AN/AN/A
syrtest This Month 18N/A 47.17 9.70 47.5 62 25
syrtest Last Month 22N/A 53.95 8.18 52 72 42
syrtest This Year 137N/A 48.64 17.26 51 90 14
syrtest Since Logging Started 798N/A 23.55 32.99 42.5 375 0
syrtest Normalized Since Logging Started 798N/A 23.55 32.99 42.5 375 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today111030N/AN/AN/AN/AN/A
syrtest This Month 18N/A 12,917.89 6,663.08 23,423.5 24,551 4,555
syrtest Last Month 22N/A 12,572.32 7,640.03 22,732 24,237 1,650
syrtest This Year 137N/A 12,098.96 8,494.75 34,081 43,073 357
syrtest Since Logging Started 798N/A 8,597.81 8,106.09 28,052 43,291 0
syrtest Normalized Since Logging Started 798N/A 8,597.81 8,106.09 28,052 43,291 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
syrtest So Far Today140N/AN/AN/AN/AN/A
syrtest This Month 18N/A 141.78 133.62 152.5 515 6
syrtest Last Month 22N/A 71.36 43.19 42 198 10
syrtest This Year 137N/A 95.65 117.09 33 752 6
syrtest Since Logging Started 798N/A 58.01 109.67 29 1,396 0
syrtest Normalized Since Logging Started 798N/A 58.01 109.67 29 1,396 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edub Second Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23 0 0.00 0.00 0 0 0
edub Last Month 31 80,170 2,586.13 5,514.63 0 22,038 0
edub This Year 236 1,254,067 5,313.84 8,432.76 3,326.5 102,009 0
edub Since Logging Started 524 4,738,036 9,042.05 14,056.96 3,922.5 102,009 0
edub Normalized Since Logging Started 521 4,737,755 9,093.58 14,080.91 3,957 102,009 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 3.77 6.04 0 18 0
edub This Year 236N/A 6.67 6.53 4 45 0
edub Since Logging Started 524N/A 20.44 38.91 3 351 0
edub Normalized Since Logging Started 524N/A 20.44 38.91 3 351 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 1,577.10 3,238.20 0 11,721 0
edub This Year 236N/A 3,726.85 5,617.55 3,357 69,500 0
edub Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
edub Normalized Since Logging Started 524N/A 5,998.72 8,669.17 15,493 69,500 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edub So Far Today10N/AN/AN/AN/AN/A
edub This Month 23N/A 0.00 0.00 0 0 0
edub Last Month 31N/A 23.48 69.95 0 360 0
edub This Year 236N/A 52.99 135.44 21 752 0
edub Since Logging Started 524N/A 48.99 110.45 28 797 0
edub Normalized Since Logging Started 524N/A 48.99 110.45 28 797 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
edu_c Third Educational Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today137,203N/AN/AN/AN/AN/A
edu_c This Month 17 368,461 21,674.18 10,042.66 19,978 48,112 9,033
edu_c Last Month 26 695,467 26,748.73 13,603.19 25,177.5 60,409 3,894
edu_c This Year 138 3,991,086 28,920.91 24,525.28 21,993 147,005 615
edu_c Since Logging Started 773 22,673,934 29,332.39 34,374.24 18,636 235,429 0
edu_c Normalized Since Logging Started 770 22,634,988 29,396.09 34,413.28 18,659.5 235,429 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today130N/AN/AN/AN/AN/A
edu_c This Month 17N/A 45.65 8.72 47 65 31
edu_c Last Month 26N/A 55.15 10.68 52 90 42
edu_c This Year 138N/A 47.70 18.06 50 90 9
edu_c Since Logging Started 773N/A 22.90 29.11 4 255 0
edu_c Normalized Since Logging Started 773N/A 22.90 29.11 4 255 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today122230N/AN/AN/AN/AN/A
edu_c This Month 17N/A 14,408.53 6,529.66 20,970 29,581 4,645
edu_c Last Month 26N/A 16,887.92 6,184.09 20,538.5 27,542 3,466
edu_c This Year 138N/A 17,422.78 12,188.82 28,462.5 54,136 208
edu_c Since Logging Started 773N/A 16,339.93 14,662.74 30,214 64,863 0
edu_c Normalized Since Logging Started 773N/A 16,339.93 14,662.74 30,214 64,863 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
edu_c So Far Today136N/AN/AN/AN/AN/A
edu_c This Month 17N/A 70.59 53.44 46 242 36
edu_c Last Month 26N/A 59.77 41.79 36 174 12
edu_c This Year 138N/A 66.31 60.31 33.5 323 4
edu_c Since Logging Started 773N/A 56.92 104.01 299 1,382 0
edu_c Normalized Since Logging Started 773N/A 56.92 104.01 299 1,382 0
 
Residential Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
shepherd Residential Site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today11,266N/AN/AN/AN/AN/A
shepherd This Month 17 268,173 15,774.88 13,036.52 8,276 45,635 1,008
shepherd Last Month 24 509,161 21,215.04 14,350.19 15,677.5 52,402 4,570
shepherd This Year 138 3,699,119 26,805.21 23,404.78 21,539.5 116,607 0
shepherd Since Logging Started 865 10,331,970 11,944.47 15,159.68 6,767 116,607 0
shepherd Normalized Since Logging Started 864 10,328,069 11,953.78 15,165.98 6,770.5 116,607 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today117N/AN/AN/AN/AN/A
shepherd This Month 17N/A 54.71 9.74 54 82 39
shepherd Last Month 24N/A 59.04 8.24 58 74 41
shepherd This Year 138N/A 45.83 24.27 52 91 0
shepherd Since Logging Started 865N/A 24.73 35.74 31 400 0
shepherd Normalized Since Logging Started 865N/A 24.73 35.74 31 400 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today11197N/AN/AN/AN/AN/A
shepherd This Month 17N/A 11,437.12 9,266.93 3,320 33,461 673
shepherd Last Month 24N/A 14,279.21 7,943.21 24,645.5 28,030 3,556
shepherd This Year 138N/A 15,938.14 12,546.99 22,050.5 52,383 0
shepherd Since Logging Started 865N/A 7,751.66 8,847.46 25,405 52,383 0
shepherd Normalized Since Logging Started 865N/A 7,751.66 8,847.46 25,405 52,383 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
shepherd So Far Today1153N/AN/AN/AN/AN/A
shepherd This Month 17N/A 126.76 172.29 52 795 43
shepherd Last Month 24N/A 79.67 67.74 26 227 14
shepherd This Year 138N/A 64.43 87.67 124.5 795 0
shepherd Since Logging Started 865N/A 65.78 154.64 254 2,400 0
shepherd Normalized Since Logging Started 865N/A 65.78 154.64 254 2,400 0
 
Cloud Provider Sites
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
AWS AWS Amazon Web Services cloud site
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today12,479N/AN/AN/AN/AN/A
AWS This Month 16 308,183 19,261.44 14,871.61 17,219 53,663 4,685
AWS Last Month 25 777,037 31,081.48 26,152.50 24,602 113,611 4,426
AWS This Year 135 5,094,966 37,740.49 21,341.16 36,998 113,611 1,783
AWS Since Logging Started 497 10,223,904 20,571.24 19,694.98 14,981 119,665 0
AWS Normalized Since Logging Started 497 10,223,904 20,571.24 19,694.98 14,981 119,665 0
IP Address Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today115N/AN/AN/AN/AN/A
AWS This Month 16N/A 48.56 9.50 48.5 65 29
AWS Last Month 25N/A 52.96 8.54 52 69 36
AWS This Year 135N/A 47.96 17.27 51 91 11
AWS Since Logging Started 497N/A 20.74 19.97 47 91 0
AWS Normalized Since Logging Started 497N/A 20.74 19.97 47 91 0
Password Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today11142N/AN/AN/AN/AN/A
AWS This Month 16N/A 10,713.81 7,132.02 14,037.5 25,550 2,525
AWS Last Month 25N/A 15,120.52 10,361.29 3,405 45,440 3,405
AWS This Year 135N/A 18,959.25 9,139.55 22,167 45,440 1,426
AWS Since Logging Started 497N/A 10,671.28 8,893.47 262 45,440 0
AWS Normalized Since Logging Started 497N/A 10,671.28 8,893.47 262 45,440 0
Username Count
Time
Frame
Number
of Days
Count Average
Per Day
Std. Dev. Median Max Min
AWS So Far Today113N/AN/AN/AN/AN/A
AWS This Month 16N/A 61.50 38.60 46.5 165 8
AWS Last Month 25N/A 55.84 57.90 34 283 12
AWS This Year 135N/A 52.33 49.15 33 283 2
AWS Since Logging Started 497N/A 47.19 78.94 32 734 0
AWS Normalized Since Logging Started 497N/A 47.19 78.94 32 734 0
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_v Host Cloud_v, offline on Feb 23rd, 2015.
Time
Frame
Number
of Days
Total
SSH attempts
Average
Per Day
Std. Dev.MedianMaxMin
cloud_c Host Cloud_c, offline on Feb 23rd, 2015.

Total SSH attempts for all hosts may be LARGER than the sum of SSH attempts of each host. This is because each host's attacks are counted before totalling all the SSH attacks, and if attacks are ongoing, then more attacks will have come in between counting for a host and counting all the SSH attacks.


LongTail Copyright 2015 by Eric Wedaa, under GPLV2