PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Mon Aug 3 00:30:15 2020.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts Targeted
Sun Mar 7 21:51:24 2021Sun Mar 7 16:30:47 2021 23.146.241.10 US80
Sun Mar 7 21:50:40 2021Wed Feb 10 14:20:08 2021 193.35.154.106 TR1433
Sun Mar 7 21:49:56 2021Sat Mar 6 09:30:12 2021 195.88.208.125 RU8443
Sun Mar 7 21:49:11 2021Mon Mar 1 03:34:01 2021 192.241.227.50 US2375
Sun Mar 7 21:46:24 2021Thu Mar 4 12:20:21 2021 115.95.231.66 KR23
Sun Mar 7 21:45:39 2021Thu Feb 4 10:03:23 2021 2.57.122.97 NL5555
Sun Mar 7 21:37:55 2021Sun Mar 7 21:37:33 2021 142.93.150.18 US12346
Sun Mar 7 21:32:09 2021Sun Jan 17 08:05:13 2021 185.153.197.146 MD5959
Sun Mar 7 21:31:33 2021Sun Mar 7 21:31:03 2021 118.130.187.45 KR1433
Sun Mar 7 21:27:25 2021Sun Mar 7 21:27:17 2021 101.200.138.79 CN1433
Sun Mar 7 21:24:32 2021Wed Aug 5 13:11:10 2020 139.162.77.6 NL3389
Sun Mar 7 21:13:18 2021Fri Feb 26 19:03:54 2021 114.80.246.245 CN1433
Sun Mar 7 20:56:35 2021Tue Sep 1 07:24:35 2020 162.142.125.29 US9000
Sun Mar 7 20:51:45 2021Sun Mar 7 20:51:36 2021 202.97.174.4 CN1433
Sun Mar 7 20:51:15 2021Mon Mar 1 08:58:53 2021 209.141.46.206 US5555
Sun Mar 7 20:47:31 2021Sat Jan 2 23:11:15 2021 189.57.157.50 BR1433
Sun Mar 7 20:43:09 2021Fri Feb 26 23:13:05 2021 192.241.221.82 US7070
Sun Mar 7 20:30:44 2021Sun Nov 22 19:52:21 2020 185.193.91.250 NL3361
Sun Mar 7 20:19:35 2021Thu Aug 6 12:22:17 2020 185.200.118.88 GB1723
Sun Mar 7 20:18:23 2021Mon Sep 14 17:12:44 2020 167.248.133.71 US3150
Last SeenHitsIP AddressCountryHosting Provider
Thu Jan 7 21:53:03 202129919193.27.229.94RUStarcrecium Limited
Thu Jan 7 21:48:45 202129705193.27.229.93RUStarcrecium Limited
Sun Mar 7 21:54:47 202120383194.147.140.83SCLeading Mechanical Industry PJS
Wed Jan 27 06:13:48 20211644445.146.166.126RUStarcrecium Limited
Wed Jan 27 11:44:19 20211633345.146.166.127RUStarcrecium Limited
Wed Jan 27 14:42:19 20211626545.134.26.169RUStarcrecium Limited
Wed Jan 27 15:26:51 20211601145.146.165.128RUStarcrecium Limited
Wed Jan 27 19:16:56 20211490445.146.166.162RUStarcrecium Limited
Thu Jan 7 18:19:49 20211273645.129.33.41EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:56:59 20211264845.129.33.24EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:46:38 20211240845.129.33.12EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:23:56 20211238745.129.33.13EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:24:24 20211218545.129.33.9EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:19:15 20211214845.129.33.10EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:17:19 20211204445.129.33.8EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:26:21 20211193845.129.33.15EUMaximilian Kutzner trading as HostSlick
Wed Jan 13 02:19:21 20211170545.129.33.60EUMaximilian Kutzner trading as HostSlick
Thu Aug 27 21:38:23 202011487194.26.29.104RURU-MEDIA-LAND-2-20191120
Thu Aug 27 21:34:35 202011304194.26.29.102RURU-MEDIA-LAND-2-20191120
Wed Jan 20 08:02:09 20211087151.77.86.185DESD-LIM-113A-10G-HG
Tue Feb 23 18:58:43 20211061594.102.51.17NLORG-IVI1-RIPE
Wed Jan 13 04:01:11 20211053145.129.33.43EUMaximilian Kutzner trading as HostSlick
Wed Jan 13 03:03:35 20211047545.129.33.57EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:06:55 20211029845.129.33.84EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 06:27:17 20211004445.129.33.82EUMaximilian Kutzner trading as HostSlick
Tue Jan 12 05:53:52 2021969445.129.33.129EUMaximilian Kutzner trading as HostSlick
Fri Feb 5 04:42:59 2021931292.63.197.18UAIP Kiktev Nikolay Vladimirovich
Mon Dec 21 17:49:43 2020923351.161.14.102EUNON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
Sun Mar 7 20:30:44 2021900645.155.205.34RUStarcrecium Limited
Tue Jan 12 06:22:27 2021892345.129.33.6EUMaximilian Kutzner trading as HostSlick
Wed Feb 10 10:06:04 2021884683.97.20.35ROOvO Systems Ltd
Sun Mar 7 21:37:33 2021852945.155.205.31RUStarcrecium Limited
Wed Jan 13 02:42:47 2021850045.129.33.48EUMaximilian Kutzner trading as HostSlick
Sun Mar 7 21:24:32 2021833345.155.205.32RUStarcrecium Limited
Sun Mar 7 21:38:46 2021821680.82.78.82NLORG-IVI1-RIPE
Tue Feb 9 13:26:08 2021821292.63.197.16UAIP Kiktev Nikolay Vladimirovich
Tue Jan 12 05:49:31 2021818145.129.33.5EUMaximilian Kutzner trading as HostSlick
Sun Mar 7 21:33:00 20218126141.98.80.242EUCLOUD-CDN-NET
Sun Mar 7 21:28:39 2021805745.155.205.33RUStarcrecium Limited
Sun Mar 7 20:05:44 20217757195.54.160.155RUStarcrecium Limited
Sun Mar 7 21:53:06 2021769245.135.232.23RUStarcrecium Limited
Tue Mar 2 22:15:41 20217677194.26.27.101RURU-MEDIA-LAND-2-20191120
Wed Oct 21 11:03:31 20207550194.26.25.114RURU-MEDIA-LAND-2-20191120
Tue Feb 16 07:44:55 2021739892.63.197.21UAIP Kiktev Nikolay Vladimirovich
Sun Mar 7 21:44:56 20217312195.54.160.228RUStarcrecium Limited
Sun Mar 7 21:46:23 2021710245.135.232.22RUStarcrecium Limited
Wed Feb 24 16:57:20 2021696789.248.160.139NLORG-IVI1-RIPE
Sun Mar 7 21:23:41 2021695245.135.232.21RUStarcrecium Limited
Sun Mar 7 21:35:17 20216896185.156.73.57NLIP Kiktev Nikolay Vladimirovich
Sat Dec 12 01:14:22 2020686845.129.33.153EUMaximilian Kutzner trading as HostSlick
HitsSIDSignature
40470100205MISC Microsoft SQL Server communication attempt
20958100077MISC MS Terminal Server communication attempt
124522375BACKDOOR DoomJuice file upload attempt
12212564P2P Napster Client Data communication attempt
4942510POLICY HP JetDirect LCD communication attempt
4392100202MISC VNC communication attempt
3583100090P2P napster communication attempt
3160562P2P Napster Client Data communication attempt
3023100084MISC HP Web JetAdmin communication attempt
2856100082MISC Microsoft PPTP communication attempt
1474563P2P Napster Client Data communication attempt
11591846POLICY vncviewer Java applet communication attempt
1060100063BACKDOOR RUX the Tick connection attempt
952100028BACKDOOR netbus Connection Cttempt
8662181P2P BitTorrent communication attempt
839100204MISC Radmin Default install options attempt
676100073MISC PCAnywhere communication attempt
5941408DOS MSDTC communication attempt
589568POLICY HP JetDirect LCD commnication attempt
507561P2P Napster Client Data communication attempt
493100112DOS Real Audio Server communication attempt
4581641DOS DB2 dos communication attempt
440147BACKDOOR GateCrasher Connection attempt
437100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
375119BACKDOOR Doly 2.0 Connection attempt
358100100FTP Yak! FTP server communication attempt
3242586P2P eDonkey transfer attempt
3121605DOS iParty DOS attempt
247208BACKDOOR PhaseZero Server Active on Network
2081987MISC xfs communication attempt
169100044BACKDOOR NetSphere Connection attempt
157100038BACKDOOR - Dagger_1.4.0 Connection attempt
153152BACKDOOR BackConstruction 2.1 connection attempt
1432587P2P eDonkey communication attempt
1281636MISC Xtramail communication attempt
121565P2P Napster Server Login communication attempt
1081383P2P Fastrack kazaa/morpheus communication attempt
1041985BACKDOOR Doly 1.5 Connection attempt
90159BACKDOOR NetMetro File List connection attempt
81100040BACKDOOR Infector.1.x Connection attempt
65505MISC Insecure TIMBUKTU communication attempt
62100203MISC Ghostsurf communication attempt
611421SNMP AgentX/tcp request
56163BACKDOOR WinCrash 1.0 communication attempt
55108BACKDOOR QAZ Worm Client Login access
53599RPC portmap listing TCP 32771
521819MISC Alcatel PABX 4400 connection attempt
51100083MISC LDAP communication attempt
502124BACKDOOR Remote PC Access connection attempt
48282DOS arkiea backup communication attempt
39107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
35100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
34100206PSAD-CUSTOM Kuang2 virus communication attempt
33247DDOS mstream client to handler
28100064BACKDOOR Asylum 0.1 connection request
271843BACKDOOR trinity connection attempt
24153BACKDOOR DonaldDick 1.53 connection attempt
23249DDOS mstream client to handler
22145BACKDOOR GirlFriend Connection attempt
22100207BACKDOOR Subseven connection attempt
20141BACKDOOR HackAttack 1.20 Connection attempt
17100007DDOS Trin00 Attacker to Master connection attempt
10207BAD-TRAFFIC data in TCP SYN packet
83016BACKDOOR Insane Network 4.0 connection established port 63536
2230DDOS shaft client login to handler connection attempt
1613SCAN myscan
PortHits
23111394
143341072
2235634
8028426
808021814
338921280
44320771
8112275
555512214
844311450
808910303
85458379
63798119
50385824
23235455
80815026
33904560
59004446
23754130
33064063
92004043
112113964
82913760
213638
88883587
PortHits
31283537
80883355
33913307
54323161
77773160
80003025
508023006
262916
270172902
33882879
17232856
90002760
95302745
50602668
33922645
22222517
600012400
45672397
70012367
50002289
23762274
33932219
99992123
30002118
33992109
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify