PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Tue Jan 22 17:50:31 2019.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts Targeted
Mon Mar 30 15:03:46 2020Sat Jan 26 06:23:07 2019 196.52.43.85 US2082
Mon Mar 30 14:59:49 2020Tue Feb 18 14:28:40 2020 194.26.29.100 RU3134
Mon Mar 30 14:56:45 2020Wed Feb 19 03:43:43 2020 194.26.29.117 RU9980-9981
Mon Mar 30 14:56:03 2020Sun Mar 15 04:23:46 2020 162.243.132.43 US8140
Mon Mar 30 14:54:48 2020Sun Mar 29 13:19:11 2020 162.250.98.200 US6666
Mon Mar 30 14:54:48 2020Mon Mar 30 14:00:04 2020 201.184.229.106 CO5555
Mon Mar 30 14:54:36 2020Tue Jan 22 22:05:21 2019 196.52.43.60 US88
Mon Mar 30 14:50:01 2020Fri Mar 13 17:28:41 2020 194.61.27.247 NL3389
Mon Mar 30 14:47:27 2020Fri Feb 14 03:18:11 2020 185.151.242.185 RU3389
Mon Mar 30 14:45:14 2020Fri Dec 27 03:55:41 2019 184.71.214.234 CA1433
Mon Mar 30 14:42:39 2020Mon Mar 30 14:41:38 2020 185.208.211.222 US8291-8443
Mon Mar 30 14:39:30 2020Mon Mar 30 14:39:00 2020 112.119.136.135 HK5555
Mon Mar 30 14:36:54 2020Thu Feb 14 19:57:37 2019 196.220.34.80 ZA1433
Mon Mar 30 14:32:10 2020Sun Feb 16 08:30:03 2020 195.139.92.40 NO5555
Mon Mar 30 14:31:57 2020Thu Feb 13 14:59:15 2020 162.243.130.252 US7777
Mon Mar 30 14:28:56 2020Thu Mar 12 02:54:33 2020 128.72.174.16 NL23
Mon Mar 30 14:25:07 2020Mon Mar 30 12:31:10 2020 156.155.170.53 MU8000
Mon Mar 30 14:21:21 2020Mon Mar 30 14:21:17 2020 182.240.31.165 CN5555
Mon Mar 30 14:13:20 2020Sat Apr 20 08:39:34 2019 184.105.139.98 US1883
Mon Mar 30 14:13:19 2020Thu Mar 7 20:20:49 2019 198.108.66.227 US9235
Last SeenHitsIP AddressCountryHosting Provider
Tue Mar 10 00:05:32 202011058545.141.85.3RUMediaLand
Sun Mar 8 04:07:32 202089281194.26.69.100NLRU-MEDIA-LAND-2-20191120
Mon Mar 30 14:58:06 202035740195.54.166.70RURU-HOSTWAY-20191220
Thu Jan 23 23:50:33 20201532881.22.45.227RUInformation Technologies LLC
Thu Feb 27 12:30:33 20201201893.174.95.73NLORG-IVI1-RIPE
Thu Feb 27 05:51:38 202011878185.39.10.63CHCO-NETWORKDEDICATED-20131028
Sun Mar 22 21:00:57 20201179780.82.65.62NLORG-IVI1-RIPE
Thu Feb 27 13:00:45 20201034480.82.78.192NLORG-IVI1-RIPE
Mon Mar 30 14:59:49 20209682194.26.29.100RURU-MEDIA-LAND-2-20191120
Thu Mar 26 23:46:33 20209317194.26.69.106NLRU-MEDIA-LAND-2-20191120
Thu Jan 23 23:57:46 20208848194.26.69.105NLRU-MEDIA-LAND-2-20191120
Thu Jan 23 23:59:18 20208759194.26.69.103NLRU-MEDIA-LAND-2-20191120
Wed Mar 18 17:34:47 2020809194.102.53.10NLORG-IVI1-RIPE
Fri Jan 24 00:02:21 2020774745.141.85.4RUMediaLand
Mon Mar 30 15:04:40 20207288194.26.29.107RURU-MEDIA-LAND-2-20191120
Sat Jan 18 17:34:54 20206614194.26.69.101NLRU-MEDIA-LAND-2-20191120
Thu Mar 26 23:37:23 20205835185.156.73.54NLIP Kiktev Nikolay Vladimirovich
Mon Mar 30 15:03:21 20205521185.156.73.52NLIP Kiktev Nikolay Vladimirovich
Sat Feb 22 06:30:28 20204822185.156.73.66NLIP Kiktev Nikolay Vladimirovich
Fri Feb 21 20:02:35 20204763185.156.73.64NLIP Kiktev Nikolay Vladimirovich
Mon Mar 30 15:04:22 20204670194.26.29.117RURU-MEDIA-LAND-2-20191120
Mon Mar 30 14:17:57 20204507185.209.0.32LVSIA "IT Services"
Mon Mar 30 14:41:32 20204434185.175.93.105RUIP CHistyakov Mihail Viktorovich
Thu Mar 26 13:02:01 2020433492.118.37.58EUDonner Oleg Alexeevich
Wed Mar 11 07:14:34 2020426592.118.37.55EUDonner Oleg Alexeevich
Thu Mar 26 22:39:44 20204235185.153.196.80MDRU-RMENGINEERING-20160524
Sun Mar 15 10:34:31 2020422092.118.37.97EUDonner Oleg Alexeevich
Tue Jan 21 15:44:54 2020394645.136.109.87DERU-COMTRADE-20190801
Thu Mar 12 01:36:10 2020394392.118.37.53EUDonner Oleg Alexeevich
Mon Mar 30 14:43:03 2020391192.118.37.83EUDonner Oleg Alexeevich
Wed Mar 25 22:00:30 20203851185.176.27.254BGIP Dunaev Yuriy Vyacheslavovich
Mon Mar 30 14:58:06 20203823195.54.166.5RURU-HOSTWAY-20191220
Mon Mar 30 14:43:03 2020367589.248.172.85NLORG-IVI1-RIPE
Fri Mar 13 10:49:07 2020358992.119.160.52RUInformation Technologies LLC
Mon Mar 30 14:28:25 20203516185.175.93.27RUIP CHistyakov Mihail Viktorovich
Mon Mar 30 13:03:17 2020347592.118.37.99EUDonner Oleg Alexeevich
Fri Mar 13 11:34:59 2020346992.119.160.143RUInformation Technologies LLC
Mon Mar 30 13:22:55 20203447223.71.167.165CNChina Mobile
Wed Dec 11 17:46:02 2019344681.22.45.201RUInformation Technologies LLC
Mon Mar 23 06:34:58 2020344192.118.37.61EUDonner Oleg Alexeevich
Mon Mar 30 13:33:13 2020332389.248.168.202NLORG-IVI1-RIPE
Mon Mar 30 14:12:00 2020329280.82.70.239NLORG-IVI1-RIPE
Mon Mar 30 14:26:31 20203284185.216.140.252NLDEDI-NOVOGARA
Mon Mar 30 14:35:42 2020326194.102.56.181NLORG-IVI1-RIPE
Mon Mar 30 15:03:39 2020322245.141.85.103RUMediaLand
Mon Mar 30 14:58:36 2020321492.118.37.86EUDonner Oleg Alexeevich
Wed Mar 25 06:49:04 2020321380.82.64.127NLORG-IVI1-RIPE
Thu Mar 26 02:14:36 20203149185.156.73.42NLIP Kiktev Nikolay Vladimirovich
Mon Mar 30 15:02:02 20203144185.175.93.104RUIP CHistyakov Mihail Viktorovich
Mon Mar 30 14:54:16 20203061185.176.27.174BGIP Dunaev Yuriy Vyacheslavovich
HitsSIDSignature
30160100205MISC Microsoft SQL Server communication attempt
20067100077MISC MS Terminal Server communication attempt
14125564P2P Napster Client Data communication attempt
77572375BACKDOOR DoomJuice file upload attempt
7355100063BACKDOOR RUX the Tick connection attempt
5490100202MISC VNC communication attempt
4836510POLICY HP JetDirect LCD communication attempt
3481486ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
3470100084MISC HP Web JetAdmin communication attempt
3038402ICMP Destination Unreachable Port Unreachable
2733100090P2P napster communication attempt
2435100082MISC Microsoft PPTP communication attempt
1438562P2P Napster Client Data communication attempt
1194563P2P Napster Client Data communication attempt
8061846POLICY vncviewer Java applet communication attempt
805100028BACKDOOR netbus Connection Cttempt
6572181P2P BitTorrent communication attempt
587100073MISC PCAnywhere communication attempt
460100112DOS Real Audio Server communication attempt
4321408DOS MSDTC communication attempt
428100204MISC Radmin Default install options attempt
389568POLICY HP JetDirect LCD commnication attempt
342100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
306147BACKDOOR GateCrasher Connection attempt
2911641DOS DB2 dos communication attempt
245119BACKDOOR Doly 2.0 Connection attempt
196208BACKDOOR PhaseZero Server Active on Network
1931987MISC xfs communication attempt
186100100FTP Yak! FTP server communication attempt
1742586P2P eDonkey transfer attempt
1641605DOS iParty DOS attempt
152561P2P Napster Client Data communication attempt
1131636MISC Xtramail communication attempt
103152BACKDOOR BackConstruction 2.1 connection attempt
93207BAD-TRAFFIC data in TCP SYN packet
90100044BACKDOOR NetSphere Connection attempt
842587P2P eDonkey communication attempt
681383P2P Fastrack kazaa/morpheus communication attempt
64100038BACKDOOR - Dagger_1.4.0 Connection attempt
64159BACKDOOR NetMetro File List connection attempt
631985BACKDOOR Doly 1.5 Connection attempt
44599RPC portmap listing TCP 32771
401819MISC Alcatel PABX 4400 connection attempt
39565P2P Napster Server Login communication attempt
37505MISC Insecure TIMBUKTU communication attempt
34108BACKDOOR QAZ Worm Client Login access
33163BACKDOOR WinCrash 1.0 communication attempt
33100203MISC Ghostsurf communication attempt
31100040BACKDOOR Infector.1.x Connection attempt
281421SNMP AgentX/tcp request
282124BACKDOOR Remote PC Access connection attempt
213016BACKDOOR Insane Network 4.0 connection established port 63536
21100206PSAD-CUSTOM Kuang2 virus communication attempt
17100064BACKDOOR Asylum 0.1 connection request
17247DDOS mstream client to handler
16282DOS arkiea backup communication attempt
16249DDOS mstream client to handler
15100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
15107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
11100083MISC LDAP communication attempt
91843BACKDOOR trinity connection attempt
7145BACKDOOR GirlFriend Connection attempt
7100207BACKDOOR Subseven connection attempt
6141BACKDOOR HackAttack 1.20 Connection attempt
6100007DDOS Trin00 Attacker to Master connection attempt
6230DDOS shaft client login to handler connection attempt
42182BACKDOOR typot trojan traffic
3153BACKDOOR DonaldDick 1.53 connection attempt
2485ICMP Destination Unreachable Communication Administratively Prohibited
11853BACKDOOR win-trin00 connection attempt
PortHits
23137738
143330392
8024251
808023608
2223089
338920586
8117561
854517035
555514129
808911769
2541110465
4438975
23238092
600017513
222227382
50386123
59005527
125935417
63794293
82913992
33903841
33063530
80003472
80883299
84433083
PortHits
212865
33912843
882783
88882738
90002736
31282671
80812562
508022555
22222549
17232437
92002417
262296
270172272
33882193
95302160
90902134
45672055
33922021
95271887
112111838
33991807
50601804
33931777
33951762
70011748
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify