PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Tue Jan 22 22:50:31 2019.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Top Attackers  |  Top Signatures  |  Top Ports
Last SeenHitsIP AddressCountryHosting Provider
Sat Feb 9 01:09:04 2019335796.4.0.35??
Fri Feb 8 10:41:14 2019280877.72.82.22RUORG-NA225-RIPE
Mon Feb 4 10:18:36 2019169980.211.185.78ITARUBA-NET
Tue Jan 29 12:56:58 2019153294.102.56.235SCQuasi Networks LTD.
Sat Feb 16 15:18:54 201969546.161.27.159NLMEGA HOLDINGS LIMITED
Tue Feb 5 16:49:15 2019690176.119.4.18UAFOP Gubina Lubov Petrivna
Tue Feb 5 16:40:26 2019682176.119.4.77UAFOP Gubina Lubov Petrivna
Tue Jan 29 09:18:33 201961794.102.56.252SCQuasi Networks LTD.
Tue Jan 29 13:31:26 201958789.248.168.107SCQuasi Networks LTD.
Tue Jan 29 15:08:55 201957780.82.64.116SCQuasi Networks LTD.
Fri Feb 15 06:28:09 201956477.72.85.26RUORG-NA225-RIPE
Sat Feb 2 11:31:05 2019530104.168.148.138USHostwinds LLC. (HL-29)
Sat Feb 16 14:52:09 2019510122.228.19.79CNHZZYKJ-WZ
Tue Feb 12 07:32:53 2019467185.153.197.182MDRU-RMENGINEERING-20160524
Sat Feb 16 12:12:10 2019459185.254.122.5LTARTURAS
Sat Feb 16 10:30:25 2019436185.222.210.15VEPRISM BUSINESS SERVICES LTD
Tue Feb 5 16:33:20 2019396176.119.4.73UAFOP Gubina Lubov Petrivna
Wed Feb 13 01:34:07 201938488.108.138.205GBDSL-TISCALI-UK
Sat Feb 16 11:10:08 2019382185.208.208.198NLAccess2.IT Group B.V.
Sat Feb 16 14:24:04 2019380185.208.209.6NLAccess2.IT Group B.V.
Thu Feb 14 10:43:29 2019378194.28.115.243NLNetwork Systems Ltd.
Sat Feb 16 12:49:33 2019363185.211.245.168RUteam-host-ru-highload-network
Sat Feb 16 14:59:38 2019363193.32.160.35EUSTELLAR ADVANCED CONCEPTS LTD
Sat Feb 16 15:18:21 2019361185.211.245.157RUteam-host-ru-highload-network
Fri Jan 25 11:18:18 2019358146.0.77.157NLRIPE Network Coordination Centre (RIPE)
Thu Feb 14 10:18:26 2019345194.28.115.245NLNetwork Systems Ltd.
Tue Feb 5 09:54:18 2019344185.254.123.12LTARTURAS
Sat Feb 16 14:07:39 201934492.63.196.77RUORG-OA984-RIPE
Thu Feb 14 02:59:46 201933531.192.108.68EUORG-GS326-RIPE
Sat Feb 16 15:04:12 201933492.63.196.74RUORG-OA984-RIPE
Sat Feb 16 07:10:09 2019329185.253.157.104RULOFT-INC-LLC-NET
Sat Feb 16 12:59:28 2019311185.176.26.78BGIP Kirichenko Andrey Evgenievich
Tue Feb 5 10:43:55 2019309185.254.123.9LTARTURAS
Sat Feb 16 12:55:33 2019306120.52.152.18CNCU-CDC
Wed Feb 6 03:17:33 2019293185.254.123.23LTARTURAS
Sat Feb 16 14:46:03 2019284185.222.210.45VEPRISM BUSINESS SERVICES LTD
Sat Feb 16 15:00:24 2019277120.52.152.16CNCU-CDC
Sat Feb 16 14:56:23 2019269185.176.26.66BGIP Kirichenko Andrey Evgenievich
Sat Feb 16 14:39:44 2019260110.249.212.46CNUNICOM-HE
Sat Feb 16 12:07:29 2019252185.222.210.108VEPRISM BUSINESS SERVICES LTD
Mon Feb 4 05:47:20 201925114.135.120.19CNCHINANET-NX
Sun Feb 10 09:16:21 201924992.63.196.88RUORG-OA984-RIPE
Sat Feb 16 11:51:19 201924292.63.196.31RUORG-OA984-RIPE
Sat Feb 16 15:05:23 201924092.63.196.13RUORG-OA984-RIPE
Sat Feb 16 14:25:08 201924092.63.196.22RUORG-OA984-RIPE
Sat Feb 16 14:58:52 201923792.63.196.56RUORG-OA984-RIPE
Sat Feb 16 08:38:50 201923692.63.196.38RUORG-OA984-RIPE
Sat Feb 16 13:53:24 201923592.63.196.19RUORG-OA984-RIPE
Sat Feb 16 14:16:14 201923592.63.196.35RUORG-OA984-RIPE
Sat Feb 16 14:28:19 201923592.63.196.61RUORG-OA984-RIPE
HitsSIDSignature
4171100205MISC Microsoft SQL Server communication attempt
3393486ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
1115100077MISC MS Terminal Server communication attempt
634100063BACKDOOR RUX the Tick connection attempt
492564P2P Napster Client Data communication attempt
4872375BACKDOOR DoomJuice file upload attempt
370100202MISC VNC communication attempt
200402ICMP Destination Unreachable Port Unreachable
195100090P2P napster communication attempt
187510POLICY HP JetDirect LCD communication attempt
107100084MISC HP Web JetAdmin communication attempt
93207BAD-TRAFFIC data in TCP SYN packet
85100082MISC Microsoft PPTP communication attempt
62562P2P Napster Client Data communication attempt
53563P2P Napster Client Data communication attempt
46100028BACKDOOR netbus Connection Cttempt
342181P2P BitTorrent communication attempt
331846POLICY vncviewer Java applet communication attempt
20100073MISC PCAnywhere communication attempt
18568POLICY HP JetDirect LCD commnication attempt
18100112DOS Real Audio Server communication attempt
171408DOS MSDTC communication attempt
16100204MISC Radmin Default install options attempt
121641DOS DB2 dos communication attempt
11100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
11147BACKDOOR GateCrasher Connection attempt
9119BACKDOOR Doly 2.0 Connection attempt
82586P2P eDonkey transfer attempt
81636MISC Xtramail communication attempt
61605DOS iParty DOS attempt
5208BACKDOOR PhaseZero Server Active on Network
51987MISC xfs communication attempt
5561P2P Napster Client Data communication attempt
5100100FTP Yak! FTP server communication attempt
32587P2P eDonkey communication attempt
31383P2P Fastrack kazaa/morpheus communication attempt
2100038BACKDOOR - Dagger_1.4.0 Connection attempt
2152BACKDOOR BackConstruction 2.1 connection attempt
11421SNMP AgentX/tcp request
1247DDOS mstream client to handler
1159BACKDOOR NetMetro File List connection attempt
12124BACKDOOR Remote PC Access connection attempt
1282DOS arkiea backup communication attempt
1163BACKDOOR WinCrash 1.0 communication attempt
1100203MISC Ghostsurf communication attempt
1599RPC portmap listing TCP 32771
11843BACKDOOR trinity connection attempt
1565P2P Napster Server Login communication attempt
1100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
1100040BACKDOOR Infector.1.x Connection attempt
PortHits
237261
14334173
85451876
801587
254111526
221503
80801408
33891147
81989
22222641
443581
2323574
5555492
5038391
5900371
60001341
3390245
5431239
6379230
3306220
3391216
8291213
8888196
25189
21187
PortHits
3128186
50802172
8443159
8088148
9090133
3392132
27017131
3388130
2222129
3394129
3399128
3395123
1080121
9000120
3393119
3396116
8081114
5060112
3398112
8000108
3397105
811899
590193
999991
3389088
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify