PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Tue Jan 22 22:50:31 2019.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Top Attackers  |  Top Signatures  |  Top Ports
Last SeenHitsIP AddressCountryHosting Provider
Fri Mar 29 21:36:38 201918125194.147.34.12RUORG-LB141-RIPE
Fri Mar 22 05:32:15 20196095176.57.71.239NLON-LINE DATA LTD
Thu Jun 20 10:03:12 20195969185.143.221.187NLinformtech-select
Tue Jun 25 00:12:53 20195087185.176.26.101BGIP Kirichenko Andrey Evgenievich
Mon Jun 24 23:11:05 20195060185.176.26.100BGIP Kirichenko Andrey Evgenievich
Sat Feb 9 01:09:04 2019335796.4.0.35??
Fri Mar 1 11:20:52 2019297446.161.27.159NLMEGA HOLDINGS LIMITED
Fri Feb 8 10:41:14 2019280877.72.82.22RUORG-NA225-RIPE
Wed Jun 19 17:36:55 20192658185.176.27.118BGIP Dunaev Yuriy Vyacheslavovich
Mon May 27 02:00:28 2019251980.82.64.116NLORG-IVI1-RIPE
Thu Jun 27 11:50:25 20192275185.208.209.6NLAccess2.IT Group B.V.
Thu Jun 27 11:25:35 20192252185.208.208.198NLAccess2.IT Group B.V.
Wed Jun 19 00:31:29 20191866185.176.27.6BGIP Dunaev Yuriy Vyacheslavovich
Wed Jun 26 03:17:22 2019182881.22.45.230RUInformation Technologies LLC
Thu Jun 27 06:02:12 20191825185.176.26.105BGIP Kirichenko Andrey Evgenievich
Thu Jun 27 07:10:52 2019181889.248.174.3NLORG-IVI1-RIPE
Tue Jun 25 22:48:19 2019173481.22.45.231RUInformation Technologies LLC
Fri Jun 7 13:48:56 2019173481.22.45.229RUInformation Technologies LLC
Fri Jun 7 13:52:06 2019173281.22.45.232RUInformation Technologies LLC
Fri Jun 7 14:13:44 2019170681.22.45.228RUInformation Technologies LLC
Mon Feb 4 10:18:36 2019169980.211.185.78ITARUBA-NET
Sun Jun 16 03:43:29 20191693185.176.27.246BGIP Dunaev Yuriy Vyacheslavovich
Thu Jun 27 07:36:50 20191688122.228.19.79CNHZZYKJ-WZ
Fri Jun 7 14:16:29 2019163481.22.45.191RUInformation Technologies LLC
Thu Jun 27 09:09:59 20191617185.153.196.80MDRU-RMENGINEERING-20160524
Thu Jun 27 06:53:17 20191607110.249.212.46CNUNICOM-HE
Fri Jun 7 14:00:39 2019159081.22.45.192RUInformation Technologies LLC
Fri Jun 7 14:01:50 2019157981.22.45.193RUInformation Technologies LLC
Tue Jan 29 12:56:58 2019153294.102.56.235SCQuasi Networks LTD.
Sat Jun 22 06:29:40 2019149581.22.45.219RUInformation Technologies LLC
Thu Jun 27 08:16:41 2019146481.22.45.239RUInformation Technologies LLC
Thu Apr 11 08:30:07 2019145892.63.196.17RUORG-OA984-RIPE
Sat Jun 8 21:57:24 2019144881.22.45.76RUInformation Technologies LLC
Tue May 28 14:19:10 20191444207.244.86.225USLeaseweb USA, Inc. (LU)
Thu Jun 27 10:41:51 2019141192.118.37.86EUDonner Oleg Alexeevich
Sun Jun 23 01:17:22 20191403185.176.27.42BGIP Dunaev Yuriy Vyacheslavovich
Thu Jun 27 10:13:39 2019138489.248.162.168NLORG-IVI1-RIPE
Wed Jun 26 17:27:43 2019137689.248.174.193NLORG-IVI1-RIPE
Thu Jun 27 10:03:30 20191310185.176.26.78BGIP Kirichenko Andrey Evgenievich
Sat Apr 27 23:42:22 20191307185.176.26.66BGIP Kirichenko Andrey Evgenievich
Tue Jun 25 19:01:25 2019128389.248.168.51NLORG-IVI1-RIPE
Wed Jun 26 02:10:45 20191280185.176.27.2BGIP Dunaev Yuriy Vyacheslavovich
Wed Jun 26 04:07:00 20191174185.176.27.186BGIP Dunaev Yuriy Vyacheslavovich
Wed Jun 26 09:06:19 201911525.39.221.54NLHOSTKEY-NET
Thu Jun 27 10:45:05 20191145185.176.26.18BGIP Kirichenko Andrey Evgenievich
Wed Jun 26 02:05:05 20191143185.216.140.6NLDEDI-NOVOGARA
Tue Jun 18 05:13:09 20191142185.176.27.242BGIP Dunaev Yuriy Vyacheslavovich
Wed May 15 11:54:18 20191100207.244.86.222USLeaseweb USA, Inc. (LU)
Fri Apr 5 06:41:49 20191065185.211.245.168RUteam-host-ru-highload-network
Tue Jun 25 21:48:07 20191058120.52.152.17CNCU-CDC
HitsSIDSignature
7033100077MISC MS Terminal Server communication attempt
5932100205MISC Microsoft SQL Server communication attempt
4915100063BACKDOOR RUX the Tick connection attempt
4110564P2P Napster Client Data communication attempt
3404486ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
2347100202MISC VNC communication attempt
23242375BACKDOOR DoomJuice file upload attempt
1924510POLICY HP JetDirect LCD communication attempt
1168100090P2P napster communication attempt
725100084MISC HP Web JetAdmin communication attempt
596100082MISC Microsoft PPTP communication attempt
448562P2P Napster Client Data communication attempt
443402ICMP Destination Unreachable Port Unreachable
364563P2P Napster Client Data communication attempt
3081846POLICY vncviewer Java applet communication attempt
258100028BACKDOOR netbus Connection Cttempt
2532181P2P BitTorrent communication attempt
178100073MISC PCAnywhere communication attempt
172100204MISC Radmin Default install options attempt
158100112DOS Real Audio Server communication attempt
1441408DOS MSDTC communication attempt
124568POLICY HP JetDirect LCD commnication attempt
101100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
93207BAD-TRAFFIC data in TCP SYN packet
89147BACKDOOR GateCrasher Connection attempt
791641DOS DB2 dos communication attempt
69119BACKDOOR Doly 2.0 Connection attempt
57208BACKDOOR PhaseZero Server Active on Network
492586P2P eDonkey transfer attempt
431987MISC xfs communication attempt
42561P2P Napster Client Data communication attempt
42100100FTP Yak! FTP server communication attempt
391605DOS iParty DOS attempt
351636MISC Xtramail communication attempt
292587P2P eDonkey communication attempt
28100044BACKDOOR NetSphere Connection attempt
271383P2P Fastrack kazaa/morpheus communication attempt
17505MISC Insecure TIMBUKTU communication attempt
16152BACKDOOR BackConstruction 2.1 connection attempt
14100038BACKDOOR - Dagger_1.4.0 Connection attempt
101421SNMP AgentX/tcp request
103016BACKDOOR Insane Network 4.0 connection established port 63536
10100064BACKDOOR Asylum 0.1 connection request
101985BACKDOOR Doly 1.5 Connection attempt
9599RPC portmap listing TCP 32771
8565P2P Napster Server Login communication attempt
8159BACKDOOR NetMetro File List connection attempt
82124BACKDOOR Remote PC Access connection attempt
6108BACKDOOR QAZ Worm Client Login access
61819MISC Alcatel PABX 4400 connection attempt
6100203MISC Ghostsurf communication attempt
5100040BACKDOOR Infector.1.x Connection attempt
5163BACKDOOR WinCrash 1.0 communication attempt
5100207BACKDOOR Subseven connection attempt
4100206PSAD-CUSTOM Kuang2 virus communication attempt
4100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
4282DOS arkiea backup communication attempt
3107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
21843BACKDOOR trinity connection attempt
2247DDOS mstream client to handler
1249DDOS mstream client to handler
1141BACKDOOR HackAttack 1.20 Connection attempt
1145BACKDOOR GirlFriend Connection attempt
1100083MISC LDAP communication attempt
1100007DDOS Trin00 Attacker to Master connection attempt
12182BACKDOOR typot trojan traffic
PortHits
2353968
254119371
229084
808821
80808455
33897224
816075
14336044
85455149
222224931
55554110
23233350
80893339
600012905
4432889
59002358
50382117
33061497
33901276
508021270
63791265
88881169
31281143
211072
251041
PortHits
3391995
8443958
2222910
9001907
9000893
9527884
5431882
8291857
8088781
3388756
3392753
27017752
8000726
7001691
8081670
3399657
1080651
3393645
9090644
3395637
5060628
3394624
8118604
1723598
9200597
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify