PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Tue Jan 22 17:50:31 2019.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Start TimeIP AddressPorts Targeted
Thu, Sep 19 09:57:23 PM92.118.37.70 3389
Thu, Sep 19 09:47:20 PM31.179.189.46 1433
Thu, Sep 19 09:37:28 PM103.89.91.177 3389
Thu, Sep 19 09:32:36 PM92.119.160.103 5908
Thu, Sep 19 09:23:58 PM124.193.179.134 5555
Thu, Sep 19 09:18:58 PM198.108.66.120 3389
Thu, Sep 19 09:10:27 PM222.92.171.198 3389
Thu, Sep 19 09:05:53 PM89.159.74.93 5555
Thu, Sep 19 09:01:25 PM71.6.146.185 5555
Thu, Sep 19 08:47:43 PM185.200.118.83 1723
Thu, Sep 19 08:43:33 PM81.22.45.70 3389
Thu, Sep 19 08:42:14 PM110.23.112.12 22222
Thu, Sep 19 08:40:54 PM222.106.164.240 8888
Thu, Sep 19 08:39:39 PM196.52.43.60 5800
Thu, Sep 19 08:36:49 PM109.207.79.48 3389
Thu, Sep 19 08:36:42 PM183.88.225.4 3389
Thu, Sep 19 09:38:47 PM185.153.198.196 3399
Thu, Sep 19 08:35:16 PM185.137.233.215 9100
Thu, Sep 19 09:20:29 PM92.119.160.52 57585
Thu, Sep 19 08:30:05 PM109.252.93.79 22222
Last SeenHitsIP AddressCountryHosting Provider
Thu Sep 19 21:50:23 2019277892.119.160.80RUInformation Technologies LLC
Sat Sep 7 00:39:47 20192294185.143.221.187NLinformtech-select
Thu Sep 19 21:55:03 20191907185.209.0.18LVSIA "IT Services"
Thu Sep 19 21:34:20 2019140181.22.45.76RUInformation Technologies LLC
Thu Sep 19 03:15:08 2019112581.22.45.254RUInformation Technologies LLC
Wed Sep 18 02:04:18 2019992185.209.0.32LVSIA "IT Services"
Thu Sep 19 21:29:22 2019812185.209.0.17LVSIA "IT Services"
Thu Sep 19 20:32:56 2019772185.175.93.105RUIP CHistyakov Mihail Viktorovich
Thu Sep 19 21:14:55 2019746185.209.0.2LVSIA "IT Services"
Thu Sep 19 20:30:24 2019732185.209.0.33LVSIA "IT Services"
Thu Sep 19 21:27:44 2019711185.209.0.58LVSIA "IT Services"
Thu Sep 19 21:20:29 201964892.119.160.52RUInformation Technologies LLC
Thu Sep 19 21:15:31 2019644122.228.19.80CNHZZYKJ-WZ
Thu Sep 19 19:44:14 201964192.119.160.143RUInformation Technologies LLC
Thu Sep 19 21:32:36 201961492.119.160.103RUInformation Technologies LLC
Thu Sep 19 21:59:25 201958989.248.172.85NLORG-IVI1-RIPE
Thu Sep 19 21:32:18 201955989.248.160.193NLORG-IVI1-RIPE
Thu Sep 19 19:35:06 201955994.102.56.181NLORG-IVI1-RIPE
Thu Sep 19 21:53:13 2019558185.216.140.252NLDEDI-NOVOGARA
Tue Aug 27 09:16:41 2019546108.62.202.220USUbiquity Server Solutions Seattle (NTGL-5)
Thu Sep 19 21:23:58 201954689.248.168.202NLORG-IVI1-RIPE
Thu Sep 19 20:54:00 201954380.82.70.239NLORG-IVI1-RIPE
Thu Sep 19 19:57:03 201953680.82.64.127NLORG-IVI1-RIPE
Thu Sep 19 21:58:54 201945689.248.162.168NLORG-IVI1-RIPE
Wed Sep 18 21:12:29 2019427185.153.196.80MDRU-RMENGINEERING-20160524
Thu Sep 19 21:21:12 201941289.248.162.247NLORG-IVI1-RIPE
Thu Sep 19 20:32:31 2019407185.175.93.18RUIP CHistyakov Mihail Viktorovich
Thu Sep 19 20:42:01 201940581.22.45.239RUInformation Technologies LLC
Thu Sep 19 20:35:40 2019395185.175.93.14RUIP CHistyakov Mihail Viktorovich
Thu Sep 19 21:30:10 2019390185.175.93.104RUIP CHistyakov Mihail Viktorovich
Sat Sep 14 20:38:18 2019389185.216.140.27NLDEDI-NOVOGARA
Thu Sep 19 21:38:47 2019384185.153.198.196MDRU-RMENGINEERING-20160524
Thu Sep 19 21:02:50 201937781.22.45.219RUInformation Technologies LLC
Sun Sep 15 08:52:29 201937392.118.37.86EUDonner Oleg Alexeevich
Thu Sep 19 21:55:51 201934581.22.45.252RUInformation Technologies LLC
Thu Sep 19 21:57:48 2019335185.209.0.83LVSIA "IT Services"
Thu Sep 19 18:30:03 201933137.49.231.104NLCLOUD STAR HOSTING SERVICES
Thu Sep 19 19:39:04 201932881.22.45.202RUInformation Technologies LLC
Fri Aug 23 08:13:39 201932846.161.27.87NLMEGA HOLDINGS LIMITED
Mon Sep 2 23:45:17 201932689.248.172.196NLORG-IVI1-RIPE
Thu Sep 19 21:34:14 201932581.22.45.148RUInformation Technologies LLC
Thu Sep 19 20:57:52 2019325185.209.0.16LVSIA "IT Services"
Thu Sep 19 18:40:12 201932481.22.45.150RUInformation Technologies LLC
Thu Sep 19 17:20:46 201930989.248.168.225NLORG-IVI1-RIPE
Thu Sep 19 20:14:08 201930680.82.65.74NLORG-IVI1-RIPE
Thu Sep 5 01:12:15 2019298185.175.93.19RUIP CHistyakov Mihail Viktorovich
Thu Sep 19 17:25:26 201929593.174.93.68NLORG-IVI1-RIPE
Fri Sep 6 05:04:03 201929489.248.174.201NLORG-IVI1-RIPE
Thu Sep 19 17:14:40 201929180.82.65.40NLORG-IVI1-RIPE
Thu Sep 19 19:30:38 201929192.53.65.52RUSELECTEL-NET
HitsSIDSignature
11199100077MISC MS Terminal Server communication attempt
7733100205MISC Microsoft SQL Server communication attempt
7050100063BACKDOOR RUX the Tick connection attempt
6574564P2P Napster Client Data communication attempt
36662375BACKDOOR DoomJuice file upload attempt
3625100202MISC VNC communication attempt
3470486ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
2808510POLICY HP JetDirect LCD communication attempt
1597100090P2P napster communication attempt
1308100082MISC Microsoft PPTP communication attempt
1217100084MISC HP Web JetAdmin communication attempt
671562P2P Napster Client Data communication attempt
628402ICMP Destination Unreachable Port Unreachable
547563P2P Napster Client Data communication attempt
4421846POLICY vncviewer Java applet communication attempt
390100028BACKDOOR netbus Connection Cttempt
3422181P2P BitTorrent communication attempt
274100073MISC PCAnywhere communication attempt
252100204MISC Radmin Default install options attempt
248100112DOS Real Audio Server communication attempt
2131408DOS MSDTC communication attempt
196568POLICY HP JetDirect LCD commnication attempt
156100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
135147BACKDOOR GateCrasher Connection attempt
1251641DOS DB2 dos communication attempt
108119BACKDOOR Doly 2.0 Connection attempt
93207BAD-TRAFFIC data in TCP SYN packet
831987MISC xfs communication attempt
79208BACKDOOR PhaseZero Server Active on Network
78100100FTP Yak! FTP server communication attempt
752586P2P eDonkey transfer attempt
621605DOS iParty DOS attempt
62561P2P Napster Client Data communication attempt
452587P2P eDonkey communication attempt
421636MISC Xtramail communication attempt
37100044BACKDOOR NetSphere Connection attempt
351383P2P Fastrack kazaa/morpheus communication attempt
33152BACKDOOR BackConstruction 2.1 connection attempt
21100038BACKDOOR - Dagger_1.4.0 Connection attempt
211985BACKDOOR Doly 1.5 Connection attempt
20505MISC Insecure TIMBUKTU communication attempt
19159BACKDOOR NetMetro File List connection attempt
17565P2P Napster Server Login communication attempt
142124BACKDOOR Remote PC Access connection attempt
141421SNMP AgentX/tcp request
13100064BACKDOOR Asylum 0.1 connection request
12599RPC portmap listing TCP 32771
12108BACKDOOR QAZ Worm Client Login access
111819MISC Alcatel PABX 4400 connection attempt
113016BACKDOOR Insane Network 4.0 connection established port 63536
10100203MISC Ghostsurf communication attempt
10100040BACKDOOR Infector.1.x Connection attempt
9163BACKDOOR WinCrash 1.0 communication attempt
5100207BACKDOOR Subseven connection attempt
5100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
5282DOS arkiea backup communication attempt
4100083MISC LDAP communication attempt
4100206PSAD-CUSTOM Kuang2 virus communication attempt
31843BACKDOOR trinity connection attempt
3107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
2141BACKDOOR HackAttack 1.20 Connection attempt
22182BACKDOOR typot trojan traffic
2247DDOS mstream client to handler
2249DDOS mstream client to handler
2145BACKDOOR GirlFriend Connection attempt
2230DDOS shaft client login to handler connection attempt
1100007DDOS Trin00 Attacker to Master connection attempt
11853BACKDOOR win-trin00 connection attempt
1153BACKDOOR DonaldDick 1.53 connection attempt
PortHits
2383609
2216026
808013962
8013341
338911530
2541110463
819991
85458129
14337902
80897752
222227077
55556576
23235903
600015670
4434541
59003656
50383531
508022303
33062281
82912151
80882003
63791989
33901951
95271712
88881598
PortHits
211598
84431579
31281558
90001546
251498
33911488
22221451
54311445
17231310
80001218
80811128
33881117
270171107
33921090
90011068
92001027
90901009
7001989
88980
1080957
34567953
11211948
3393948
3399946
3395945
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify