PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Mon Aug 3 00:30:15 2020.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts Targeted
Wed Dec 1 04:24:46 2021Wed Dec 1 04:04:06 2021 2.57.122.25 NL3000-12443
Wed Dec 1 04:24:24 2021Tue Sep 21 02:34:10 2021 27.115.124.43 CN443
Wed Dec 1 04:24:16 2021Thu Nov 18 16:02:10 2021 139.196.205.243 AU2375
Wed Dec 1 04:24:16 2021Wed Sep 15 17:12:44 2021 27.115.124.106 CN443
Wed Dec 1 04:24:08 2021Fri Oct 15 01:57:15 2021 45.134.26.232 RU20680
Wed Dec 1 04:24:00 2021Mon Aug 3 03:25:39 2020 208.100.26.228 US3269
Wed Dec 1 04:24:00 2021Tue Apr 6 21:47:54 2021 193.27.228.61 RU5651
Wed Dec 1 04:23:45 2021Fri Oct 15 02:05:53 2021 45.146.166.118 RU24701
Wed Dec 1 04:23:45 2021Fri May 14 12:47:24 2021 89.248.165.59 NL5599
Wed Dec 1 04:23:37 2021Fri Aug 21 04:17:43 2020 162.142.125.20 US50805
Wed Dec 1 04:23:37 2021Fri Oct 15 02:41:01 2021 45.146.166.121 RU23700
Wed Dec 1 04:23:14 2021Thu Jul 22 05:31:14 2021 209.141.49.233 US2000
Wed Dec 1 04:23:13 2021Fri Jun 18 22:55:13 2021 89.248.165.247 NL26904
Wed Dec 1 04:22:21 2021Sun Nov 7 09:23:43 2021 89.248.165.248 NL8080
Wed Dec 1 04:22:21 2021Mon Nov 29 12:32:57 2021 45.155.205.166 RU8181
Wed Dec 1 04:22:05 2021Sun Aug 15 09:52:06 2021 80.82.65.247 NL57373
Wed Dec 1 04:22:05 2021Sat Apr 10 12:54:35 2021 89.248.165.201 NL3399
Wed Dec 1 04:21:28 2021Thu Aug 5 06:30:25 2021 89.248.165.89 NL35048
Wed Dec 1 04:21:20 2021Tue Aug 4 09:29:24 2020 192.35.168.20 US2323
Wed Dec 1 04:20:57 2021Mon Jun 21 18:39:04 2021 47.102.148.26 AU2376
Last SeenHitsIP AddressCountryHosting Provider
Wed Dec 1 04:23:13 202114132089.248.165.247NLORG-IVI1-RIPE
Tue Nov 16 08:33:56 202187142185.156.73.17NLOOO SibirInvest
Fri Nov 5 11:37:52 202181348185.191.34.90RUIT Resheniya LLC
Wed Dec 1 01:15:59 20214891789.248.165.48NLORG-IVI1-RIPE
Tue Nov 30 23:57:30 20214033894.232.45.4RUDmitriy Panchenko
Sat Nov 27 05:45:07 20213981945.143.203.3EUTOV VAIZ PARTNER
Sat Nov 27 07:22:29 202137590185.156.73.63NLOOO SibirInvest
Sat Mar 13 06:18:50 202130613194.147.140.83SCLeading Mechanical Industry PJS
Thu Jan 7 21:53:03 202129919193.27.229.94RUStarcrecium Limited
Thu Jan 7 21:48:45 202129705193.27.229.93RUStarcrecium Limited
Thu May 20 17:40:41 20212647345.155.205.31RUStarcrecium Limited
Mon Oct 25 17:15:44 20212444689.248.165.94NLORG-IVI1-RIPE
Sat Nov 27 13:25:28 20212149045.143.200.6BGKorotkij Denis Aleksandrovich
Mon May 10 15:00:49 20211942745.155.205.34RUStarcrecium Limited
Mon Sep 6 02:40:35 20211911445.155.204.193RUStarcrecium Limited
Sat Nov 27 12:34:34 20211826492.63.197.74UAOOO SibirInvest
Fri Jul 30 19:14:11 202117306185.191.34.246RUStarcrecium Limited
Wed Jan 27 06:13:48 20211644445.146.166.126RUStarcrecium Limited
Wed Jan 27 11:44:19 20211633345.146.166.127RUStarcrecium Limited
Wed Jan 27 14:42:19 20211626545.134.26.169RUStarcrecium Limited
Wed Jan 27 15:26:51 20211601145.146.165.128RUStarcrecium Limited
Wed Oct 27 08:51:03 202115975193.27.228.101RUIT Resheniya LLC
Mon Nov 29 15:48:58 202115454185.156.73.109NLOOO SibirInvest
Wed Jan 27 19:16:56 20211490445.146.166.162RUStarcrecium Limited
Thu Oct 7 09:41:03 20211454694.232.45.44RUDmitriy Panchenko
Fri Oct 8 01:36:12 202114222185.156.73.111NLIP Kiktev Nikolay Vladimirovich
Wed Dec 1 03:49:24 20211402092.63.197.55UAOOO SibirInvest
Sun Nov 21 00:44:55 20211363294.232.46.40RUDmitriy Panchenko
Tue Jul 13 04:20:00 20211310992.63.197.101UAIP Kiktev Nikolay Vladimirovich
Sat Nov 27 09:23:58 20211299045.143.200.46BGKorotkij Denis Aleksandrovich
Sun Jul 11 22:01:54 202112921185.156.73.114NLIP Kiktev Nikolay Vladimirovich
Thu Jan 7 18:19:49 20211273645.129.33.41EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:56:59 20211264845.129.33.24EUMaximilian Kutzner trading as HostSlick
Tue Nov 23 10:37:08 202112632185.156.73.107NLOOO SibirInvest
Mon Nov 29 21:28:30 20211262489.248.165.119NLORG-IVI1-RIPE
Tue Aug 31 11:37:18 202112409185.156.73.104NLIP Kiktev Nikolay Vladimirovich
Tue Jan 12 05:46:38 20211240845.129.33.12EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:23:56 20211238745.129.33.13EUMaximilian Kutzner trading as HostSlick
Wed Dec 1 04:08:07 20211232545.145.67.74RUIT Resheniya LLC
Tue Nov 30 18:55:59 20211224089.248.165.210NLORG-IVI1-RIPE
Tue Jan 12 06:24:24 20211218545.129.33.9EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:19:15 20211214845.129.33.10EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:17:19 20211204445.129.33.8EUMaximilian Kutzner trading as HostSlick
Wed Dec 1 04:22:21 20211196089.248.165.248NLORG-IVI1-RIPE
Tue Jan 12 05:26:21 20211193845.129.33.15EUMaximilian Kutzner trading as HostSlick
Wed Jan 13 02:19:21 20211170545.129.33.60EUMaximilian Kutzner trading as HostSlick
Thu Aug 27 21:38:23 202011487194.26.29.104RURU-MEDIA-LAND-2-20191120
Sat Nov 20 03:16:24 20211136889.248.165.7NLORG-IVI1-RIPE
Thu Mar 18 07:06:33 202111322194.26.27.101RURU-MEDIA-LAND-2-20191120
Thu Aug 27 21:34:35 202011304194.26.29.102RURU-MEDIA-LAND-2-20191120
HitsSIDSignature
67298100205MISC Microsoft SQL Server communication attempt
44407100077MISC MS Terminal Server communication attempt
273812375BACKDOOR DoomJuice file upload attempt
27008564P2P Napster Client Data communication attempt
12504510POLICY HP JetDirect LCD communication attempt
10660100202MISC VNC communication attempt
8481100090P2P napster communication attempt
8303100084MISC HP Web JetAdmin communication attempt
6025100082MISC Microsoft PPTP communication attempt
5353562P2P Napster Client Data communication attempt
3308563P2P Napster Client Data communication attempt
26021846POLICY vncviewer Java applet communication attempt
2199100063BACKDOOR RUX the Tick connection attempt
2177100028BACKDOOR netbus Connection Cttempt
1989100204MISC Radmin Default install options attempt
19372181P2P BitTorrent communication attempt
1445100073MISC PCAnywhere communication attempt
1278568POLICY HP JetDirect LCD commnication attempt
11801408DOS MSDTC communication attempt
1153561P2P Napster Client Data communication attempt
1057100112DOS Real Audio Server communication attempt
1013100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
9371641DOS DB2 dos communication attempt
878147BACKDOOR GateCrasher Connection attempt
758119BACKDOOR Doly 2.0 Connection attempt
7141605DOS iParty DOS attempt
6332586P2P eDonkey transfer attempt
618100100FTP Yak! FTP server communication attempt
5031987MISC xfs communication attempt
499208BACKDOOR PhaseZero Server Active on Network
401152BACKDOOR BackConstruction 2.1 connection attempt
316100044BACKDOOR NetSphere Connection attempt
2972587P2P eDonkey communication attempt
272100038BACKDOOR - Dagger_1.4.0 Connection attempt
2651636MISC Xtramail communication attempt
250565P2P Napster Server Login communication attempt
2301985BACKDOOR Doly 1.5 Connection attempt
2071383P2P Fastrack kazaa/morpheus communication attempt
195159BACKDOOR NetMetro File List connection attempt
161505MISC Insecure TIMBUKTU communication attempt
144100040BACKDOOR Infector.1.x Connection attempt
1391421SNMP AgentX/tcp request
133599RPC portmap listing TCP 32771
133100203MISC Ghostsurf communication attempt
1301819MISC Alcatel PABX 4400 connection attempt
121163BACKDOOR WinCrash 1.0 communication attempt
121108BACKDOOR QAZ Worm Client Login access
1122124BACKDOOR Remote PC Access connection attempt
104282DOS arkiea backup communication attempt
99207BAD-TRAFFIC data in TCP SYN packet
89100083MISC LDAP communication attempt
68100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
65247DDOS mstream client to handler
65100064BACKDOOR Asylum 0.1 connection request
60107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
60100206PSAD-CUSTOM Kuang2 virus communication attempt
511843BACKDOOR trinity connection attempt
49249DDOS mstream client to handler
49153BACKDOOR DonaldDick 1.53 connection attempt
45145BACKDOOR GirlFriend Connection attempt
38100007DDOS Trin00 Attacker to Master connection attempt
38100207BACKDOOR Subseven connection attempt
37141BACKDOOR HackAttack 1.20 Connection attempt
273016BACKDOOR Insane Network 4.0 connection established port 63536
12230DDOS shaft client login to handler connection attempt
3613SCAN myscan
32182BACKDOOR typot trojan traffic
PortHits
23220702
637996392
2289859
808074073
143368308
8064834
844358348
44357032
338945164
8131580
555527014
237523435
237619101
808915381
854514860
503814230
829112093
808111345
232310889
590010758
920010270
104439856
33909233
508028521
88888491
PortHits
33068426
80008307
218246
112118006
31287970
372157701
54327499
90007056
87286903
80886898
270176862
33916453
22226272
17236027
600015971
265604
33885551
42005436
50605416
77775353
99995212
70015193
95305191
33925131
75474948
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify