PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Tue Jan 22 17:50:31 2019.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Start TimeIP AddressPorts Targeted
Sat, Aug 24 06:10:12 PM92.246.76.48 8443
Sat, Aug 24 06:03:45 PM154.81.216.1 1433
Sat, Aug 24 06:02:22 PM221.229.174.229 1433
Sat, Aug 24 05:58:27 PM113.163.233.174 9000
Sat, Aug 24 05:53:10 PM220.134.162.54 9000
Sat, Aug 24 05:48:58 PM160.119.81.72 3389
Sat, Aug 24 05:35:41 PM185.142.236.34 9000
Sat, Aug 24 05:34:54 PM5.226.142.143 5555
Sat, Aug 24 05:29:07 PM113.238.187.32 9000
Sat, Aug 24 05:51:30 PM89.248.174.219 8080
Sat, Aug 24 05:27:21 PM198.108.66.181 25
Sat, Aug 24 05:17:05 PM141.98.80.128 1723
Sat, Aug 24 05:16:53 PM81.22.45.239 1433
Sat, Aug 24 04:59:17 PM139.162.121.251 3128
Sat, Aug 24 04:56:39 PM103.70.164.149 9000
Sat, Aug 24 04:53:31 PM104.152.52.24 2427
Sat, Aug 24 05:02:24 PM91.195.99.114 8080
Sat, Aug 24 04:26:59 PM88.202.190.144 50880
Sat, Aug 24 04:26:59 PM139.60.161.224 8443
Sat, Aug 24 04:25:48 PM110.52.29.204 5555
Last SeenHitsIP AddressCountryHosting Provider
Sat Aug 24 01:17:38 20192293185.143.221.187NLinformtech-select
Sat Aug 24 05:07:18 20191365185.209.0.18LVSIA "IT Services"
Sat Aug 24 18:09:43 201949181.22.45.76RUInformation Technologies LLC
Thu Aug 22 12:12:26 201947892.119.160.80RUInformation Technologies LLC
Sat Aug 24 18:04:44 2019341108.62.202.220USUbiquity Server Solutions Seattle (NTGL-5)
Fri Aug 23 08:13:39 201932846.161.27.87NLMEGA HOLDINGS LIMITED
Sat Aug 24 17:54:32 201917581.22.45.254RUInformation Technologies LLC
Sat Aug 24 15:58:36 2019115185.175.93.105RUIP CHistyakov Mihail Viktorovich
Sat Aug 24 17:47:42 2019111185.209.0.17LVSIA "IT Services"
Sat Aug 24 14:41:19 2019107185.153.196.80MDRU-RMENGINEERING-20160524
Sat Aug 24 17:19:55 2019105185.175.93.104RUIP CHistyakov Mihail Viktorovich
Sat Aug 24 17:17:11 201999185.209.0.143LVSIA "IT Services"
Sat Aug 24 13:03:17 201999109.252.93.79RUMGTS-PPPOE
Fri Aug 23 10:37:07 20199592.118.37.97EUDonner Oleg Alexeevich
Sat Aug 24 17:57:28 20199592.119.160.52RUInformation Technologies LLC
Sat Aug 24 18:12:15 201994122.228.19.80CNHZZYKJ-WZ
Sat Aug 24 17:06:37 20199292.119.160.143RUInformation Technologies LLC
Sat Aug 24 16:58:01 20199189.248.172.85NLORG-IVI1-RIPE
Sat Aug 24 17:53:10 201984185.216.140.252NLDEDI-NOVOGARA
Sat Aug 24 15:09:17 20198394.102.56.181NLORG-IVI1-RIPE
Sat Aug 24 17:20:07 20198189.248.160.193NLORG-IVI1-RIPE
Thu Aug 22 21:28:46 20198089.248.162.247NLORG-IVI1-RIPE
Sat Aug 24 17:10:26 20197880.82.70.239NLORG-IVI1-RIPE
Sat Aug 24 18:04:32 201978193.106.29.106UAORG-IU17-RIPE
Sat Aug 24 05:17:00 20197789.248.174.201NLORG-IVI1-RIPE
Sat Aug 24 17:28:50 20197589.248.168.202NLORG-IVI1-RIPE
Thu Aug 22 21:33:03 20197489.248.172.196NLORG-IVI1-RIPE
Sat Aug 24 17:32:38 201973185.216.140.27NLDEDI-NOVOGARA
Sat Aug 24 17:16:53 20197081.22.45.239RUInformation Technologies LLC
Sat Aug 24 16:53:31 201968104.152.52.24USRethem Hosting LLC (RHL-18)
Sat Aug 24 15:35:11 201967185.153.196.191MDRU-RMENGINEERING-20160524
Sat Aug 24 15:39:28 201964185.56.81.7SCSC-DATASHIELD-20140501
Sat Aug 24 17:55:54 201963185.175.93.78RUIP CHistyakov Mihail Viktorovich
Sat Aug 24 13:37:55 20196281.22.45.252RUInformation Technologies LLC
Fri Aug 23 09:27:54 20196189.248.162.168NLORG-IVI1-RIPE
Sat Aug 24 16:59:46 20195692.118.37.86EUDonner Oleg Alexeevich
Sat Aug 24 13:49:03 20195681.22.45.219RUInformation Technologies LLC
Sat Aug 24 06:03:09 20195081.22.45.29RUInformation Technologies LLC
Sat Aug 24 06:03:50 20194981.22.45.165RUInformation Technologies LLC
Sat Aug 24 16:56:15 20194837.49.231.104NLCLOUD STAR HOSTING SERVICES
Sat Aug 24 15:50:01 20194780.82.64.127NLORG-IVI1-RIPE
Sat Aug 24 09:17:17 20194781.22.45.148RUInformation Technologies LLC
Sat Aug 24 16:07:01 201946185.175.93.18RUIP CHistyakov Mihail Viktorovich
Sat Aug 24 08:22:04 20194481.22.45.150RUInformation Technologies LLC
Sat Aug 24 17:53:34 20194337.49.231.130NLCLOUD STAR HOSTING SERVICES
Sat Aug 24 11:16:28 201943218.75.40.149CNHANGZHOU-YUNHAI-NETBAR
Thu Aug 22 07:11:31 2019405.188.86.114NLChannelnet LTD.
Sat Aug 24 14:24:01 20193894.102.53.10NLORG-IVI1-RIPE
Sat Aug 24 17:46:02 20193881.22.45.202RUInformation Technologies LLC
Sat Aug 24 16:09:16 201937134.209.208.112USDigitalOcean, LLC (DO-13)
HitsSIDSignature
9725100077MISC MS Terminal Server communication attempt
7054100205MISC Microsoft SQL Server communication attempt
6207100063BACKDOOR RUX the Tick connection attempt
5946564P2P Napster Client Data communication attempt
3447486ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
32632375BACKDOOR DoomJuice file upload attempt
3177100202MISC VNC communication attempt
2369510POLICY HP JetDirect LCD communication attempt
1472100090P2P napster communication attempt
1116100082MISC Microsoft PPTP communication attempt
949100084MISC HP Web JetAdmin communication attempt
604402ICMP Destination Unreachable Port Unreachable
601562P2P Napster Client Data communication attempt
492563P2P Napster Client Data communication attempt
3991846POLICY vncviewer Java applet communication attempt
348100028BACKDOOR netbus Connection Cttempt
3182181P2P BitTorrent communication attempt
246100073MISC PCAnywhere communication attempt
228100112DOS Real Audio Server communication attempt
223100204MISC Radmin Default install options attempt
1891408DOS MSDTC communication attempt
173568POLICY HP JetDirect LCD commnication attempt
141100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
120147BACKDOOR GateCrasher Connection attempt
1121641DOS DB2 dos communication attempt
96119BACKDOOR Doly 2.0 Connection attempt
93207BAD-TRAFFIC data in TCP SYN packet
751987MISC xfs communication attempt
73208BACKDOOR PhaseZero Server Active on Network
68100100FTP Yak! FTP server communication attempt
672586P2P eDonkey transfer attempt
58561P2P Napster Client Data communication attempt
551605DOS iParty DOS attempt
411636MISC Xtramail communication attempt
402587P2P eDonkey communication attempt
37100044BACKDOOR NetSphere Connection attempt
311383P2P Fastrack kazaa/morpheus communication attempt
23152BACKDOOR BackConstruction 2.1 connection attempt
19100038BACKDOOR - Dagger_1.4.0 Connection attempt
19505MISC Insecure TIMBUKTU communication attempt
16159BACKDOOR NetMetro File List connection attempt
161985BACKDOOR Doly 1.5 Connection attempt
15565P2P Napster Server Login communication attempt
131421SNMP AgentX/tcp request
122124BACKDOOR Remote PC Access connection attempt
11599RPC portmap listing TCP 32771
11100064BACKDOOR Asylum 0.1 connection request
101819MISC Alcatel PABX 4400 connection attempt
103016BACKDOOR Insane Network 4.0 connection established port 63536
9108BACKDOOR QAZ Worm Client Login access
8100203MISC Ghostsurf communication attempt
8100040BACKDOOR Infector.1.x Connection attempt
8163BACKDOOR WinCrash 1.0 communication attempt
5100207BACKDOOR Subseven connection attempt
5100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
5282DOS arkiea backup communication attempt
4100083MISC LDAP communication attempt
4100206PSAD-CUSTOM Kuang2 virus communication attempt
3107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
21843BACKDOOR trinity connection attempt
2141BACKDOOR HackAttack 1.20 Connection attempt
22182BACKDOOR typot trojan traffic
2247DDOS mstream client to handler
2145BACKDOOR GirlFriend Connection attempt
1100007DDOS Trin00 Attacker to Master connection attempt
1249DDOS mstream client to handler
11853BACKDOOR win-trin00 connection attempt
1230DDOS shaft client login to handler connection attempt
1153BACKDOOR DonaldDick 1.53 connection attempt
PortHits
2374524
2213547
808011745
8011731
2541110172
338910009
818610
85457440
14337198
80896256
222226226
55555948
23235276
600014857
4433947
59003200
50383063
508022042
33062032
82911952
80881837
33901717
63791713
95271668
88881473
PortHits
31281437
211429
251351
84431347
33911311
54311253
22221236
90001195
17231118
33881010
90011004
3392971
27017970
8000950
8081929
7001891
1080871
9090869
9200867
3393855
3395850
3399849
11211825
5060822
3394815
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify