PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Mon Aug 3 00:30:15 2020.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts Targeted
Fri Oct 15 22:25:02 2021Fri Oct 15 02:05:53 2021 45.146.166.118 RU14652
Fri Oct 15 22:25:02 2021Sat Jul 31 06:15:32 2021 185.191.34.90 RU63021
Fri Oct 15 22:24:25 2021Sat Oct 9 18:36:03 2021 195.54.160.110 RU14982
Fri Oct 15 22:24:25 2021Sun Sep 5 05:14:27 2021 94.232.46.40 RU56511
Fri Oct 15 22:24:18 2021Mon Aug 30 02:22:41 2021 185.191.34.120 RU6152
Fri Oct 15 22:24:18 2021Fri Aug 27 13:32:46 2021 94.232.45.4 RU13821
Fri Oct 15 22:24:15 2021Fri Oct 15 12:55:07 2021 205.185.120.31 US5555
Fri Oct 15 22:23:38 2021Thu Jul 22 13:44:38 2021 94.232.46.153 RU151
Fri Oct 15 22:23:38 2021Sat Sep 18 07:56:30 2021 167.94.138.30 US8010
Fri Oct 15 22:23:24 2021Fri Mar 5 06:20:53 2021 45.143.200.46 BG1403
Fri Oct 15 22:23:24 2021Fri Sep 17 17:57:33 2021 46.161.27.234 NL12451
Fri Oct 15 22:23:24 2021Tue Aug 24 16:54:09 2021 106.13.19.210 CN2376
Fri Oct 15 22:23:16 2021Mon Jul 19 10:35:28 2021 209.141.45.226 US23
Fri Oct 15 22:23:02 2021Sun Aug 15 09:52:06 2021 80.82.65.247 NL33919
Fri Oct 15 22:22:46 2021Mon Feb 8 14:59:06 2021 185.56.80.46 SC8089
Fri Oct 15 22:22:25 2021Thu Jul 1 18:13:39 2021 193.163.125.119 GB64508
Fri Oct 15 22:22:25 2021Fri Jun 18 22:55:13 2021 89.248.165.247 NL400
Fri Oct 15 22:22:10 2021Wed Jul 7 22:07:16 2021 193.27.228.101 RU5752
Fri Oct 15 22:22:03 2021Fri Oct 15 02:49:22 2021 45.146.166.124 RU11699
Fri Oct 15 22:22:02 2021Sat Sep 18 16:02:08 2021 167.94.138.17 US5672
Last SeenHitsIP AddressCountryHosting Provider
Fri Oct 15 22:22:25 20219536589.248.165.247NLORG-IVI1-RIPE
Fri Oct 15 22:25:02 202163896185.191.34.90RUIT Resheniya LLC
Fri Oct 15 22:18:08 20214446089.248.165.48NLORG-IVI1-RIPE
Fri Oct 15 16:39:20 20213905745.143.203.3EUTOV VAIZ PARTNER
Fri Oct 15 21:20:30 202137075185.156.73.63NLIP Kiktev Nikolay Vladimirovich
Sat Mar 13 06:18:50 202130613194.147.140.83SCLeading Mechanical Industry PJS
Thu Jan 7 21:53:03 202129919193.27.229.94RUStarcrecium Limited
Thu Jan 7 21:48:45 202129705193.27.229.93RUStarcrecium Limited
Thu May 20 17:40:41 20212647345.155.205.31RUStarcrecium Limited
Thu Sep 16 17:12:23 20212443589.248.165.94NLORG-IVI1-RIPE
Fri Oct 15 21:58:58 20211978445.143.200.6BGKorotkij Denis Aleksandrovich
Mon May 10 15:00:49 20211942745.155.205.34RUStarcrecium Limited
Mon Sep 6 02:40:35 20211911445.155.204.193RUStarcrecium Limited
Fri Oct 15 22:24:18 20211809294.232.45.4RUDmitriy Panchenko
Fri Jul 30 19:14:11 202117306185.191.34.246RUStarcrecium Limited
Fri Oct 15 21:42:55 20211663192.63.197.74UAIP Kiktev Nikolay Vladimirovich
Wed Jan 27 06:13:48 20211644445.146.166.126RUStarcrecium Limited
Wed Jan 27 11:44:19 20211633345.146.166.127RUStarcrecium Limited
Wed Jan 27 14:42:19 20211626545.134.26.169RUStarcrecium Limited
Wed Jan 27 15:26:51 20211601145.146.165.128RUStarcrecium Limited
Fri Oct 8 04:01:37 202115221185.156.73.109NLIP Kiktev Nikolay Vladimirovich
Wed Jan 27 19:16:56 20211490445.146.166.162RUStarcrecium Limited
Thu Oct 7 09:41:03 20211454694.232.45.44RUDmitriy Panchenko
Fri Oct 8 01:36:12 202114222185.156.73.111NLIP Kiktev Nikolay Vladimirovich
Fri Oct 15 22:22:10 202114186193.27.228.101RUIT Resheniya LLC
Tue Jul 13 04:20:00 20211310992.63.197.101UAIP Kiktev Nikolay Vladimirovich
Sun Jul 11 22:01:54 202112921185.156.73.114NLIP Kiktev Nikolay Vladimirovich
Thu Jan 7 18:19:49 20211273645.129.33.41EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:56:59 20211264845.129.33.24EUMaximilian Kutzner trading as HostSlick
Tue Aug 31 11:37:18 202112409185.156.73.104NLIP Kiktev Nikolay Vladimirovich
Tue Jan 12 05:46:38 20211240845.129.33.12EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:23:56 20211238745.129.33.13EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:24:24 20211218545.129.33.9EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:19:15 20211214845.129.33.10EUMaximilian Kutzner trading as HostSlick
Fri Oct 15 21:39:31 202112140185.156.73.107NLIP Kiktev Nikolay Vladimirovich
Tue Jan 12 06:17:19 20211204445.129.33.8EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:26:21 20211193845.129.33.15EUMaximilian Kutzner trading as HostSlick
Wed Jan 13 02:19:21 20211170545.129.33.60EUMaximilian Kutzner trading as HostSlick
Thu Aug 27 21:38:23 202011487194.26.29.104RURU-MEDIA-LAND-2-20191120
Thu Mar 18 07:06:33 202111322194.26.27.101RURU-MEDIA-LAND-2-20191120
Thu Aug 27 21:34:35 202011304194.26.29.102RURU-MEDIA-LAND-2-20191120
Fri Jul 16 12:07:39 20211125589.248.165.7NLORG-IVI1-RIPE
Mon Mar 22 03:12:44 202111222135.181.219.37NLRIPE Network Coordination Centre (RIPE)
Thu Apr 15 14:24:59 202111058195.54.160.155RUStarcrecium Limited
Fri Oct 15 22:23:24 20211104145.143.200.46BGKorotkij Denis Aleksandrovich
Wed Jan 20 08:02:09 20211087151.77.86.185DESD-LIM-113A-10G-HG
Fri Oct 15 11:25:26 20211082692.63.197.55UAIP Kiktev Nikolay Vladimirovich
Tue Apr 20 06:54:08 20211081845.155.205.32RUStarcrecium Limited
Mon Jul 26 14:24:41 20211063092.63.197.103UAIP Kiktev Nikolay Vladimirovich
Wed Mar 10 10:24:58 20211061794.102.51.17NLORG-IVI1-RIPE
HitsSIDSignature
63768100205MISC Microsoft SQL Server communication attempt
40727100077MISC MS Terminal Server communication attempt
246662375BACKDOOR DoomJuice file upload attempt
23863564P2P Napster Client Data communication attempt
11268510POLICY HP JetDirect LCD communication attempt
9651100202MISC VNC communication attempt
7799100090P2P napster communication attempt
7531100084MISC HP Web JetAdmin communication attempt
5572100082MISC Microsoft PPTP communication attempt
5017562P2P Napster Client Data communication attempt
3034563P2P Napster Client Data communication attempt
23781846POLICY vncviewer Java applet communication attempt
2005100063BACKDOOR RUX the Tick connection attempt
1947100028BACKDOOR netbus Connection Cttempt
1825100204MISC Radmin Default install options attempt
17422181P2P BitTorrent communication attempt
1360100073MISC PCAnywhere communication attempt
1139568POLICY HP JetDirect LCD commnication attempt
10671408DOS MSDTC communication attempt
1028561P2P Napster Client Data communication attempt
968100112DOS Real Audio Server communication attempt
892100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
8731641DOS DB2 dos communication attempt
806147BACKDOOR GateCrasher Connection attempt
707119BACKDOOR Doly 2.0 Connection attempt
6471605DOS iParty DOS attempt
5862586P2P eDonkey transfer attempt
568100100FTP Yak! FTP server communication attempt
4501987MISC xfs communication attempt
442208BACKDOOR PhaseZero Server Active on Network
367152BACKDOOR BackConstruction 2.1 connection attempt
275100044BACKDOOR NetSphere Connection attempt
2622587P2P eDonkey communication attempt
254100038BACKDOOR - Dagger_1.4.0 Connection attempt
2421636MISC Xtramail communication attempt
230565P2P Napster Server Login communication attempt
2191985BACKDOOR Doly 1.5 Connection attempt
1921383P2P Fastrack kazaa/morpheus communication attempt
185159BACKDOOR NetMetro File List connection attempt
136505MISC Insecure TIMBUKTU communication attempt
134100040BACKDOOR Infector.1.x Connection attempt
1201421SNMP AgentX/tcp request
117100203MISC Ghostsurf communication attempt
116599RPC portmap listing TCP 32771
1161819MISC Alcatel PABX 4400 connection attempt
113108BACKDOOR QAZ Worm Client Login access
108163BACKDOOR WinCrash 1.0 communication attempt
98282DOS arkiea backup communication attempt
962124BACKDOOR Remote PC Access connection attempt
96207BAD-TRAFFIC data in TCP SYN packet
82100083MISC LDAP communication attempt
58247DDOS mstream client to handler
57100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
57100064BACKDOOR Asylum 0.1 connection request
53107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
53100206PSAD-CUSTOM Kuang2 virus communication attempt
46153BACKDOOR DonaldDick 1.53 connection attempt
461843BACKDOOR trinity connection attempt
43249DDOS mstream client to handler
41145BACKDOOR GirlFriend Connection attempt
35100207BACKDOOR Subseven connection attempt
34100007DDOS Trin00 Attacker to Master connection attempt
33141BACKDOOR HackAttack 1.20 Connection attempt
193016BACKDOOR Insane Network 4.0 connection established port 63536
8230DDOS shaft client login to handler connection attempt
3613SCAN myscan
12182BACKDOOR typot trojan traffic
PortHits
23202919
2278828
637970901
143364762
808063146
8059256
44349610
844346062
338941425
8128041
555523869
237520317
237616313
808914629
854513735
503812952
829111568
808110352
23239968
59009747
92009307
104438636
33908503
88887809
508027792
PortHits
33067761
80007534
217395
112117317
31287285
87286882
54326660
80886398
90006302
270176291
33915978
17235574
265150
33885120
95305098
600015093
22225053
77775017
70014832
50604829
99994773
33924710
81814530
30004406
50004356
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify