PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Mon Aug 3 00:30:15 2020.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Last Attacks  |  Top Attackers  |  Top Signatures  |  Top Ports
Last SeenFirst SeenIP AddressCountryPorts Targeted
Tue Nov 24 04:00:26 2020Tue Aug 4 02:05:16 2020 184.105.139.92 US4369
Tue Nov 24 03:41:36 2020Tue Nov 24 03:41:35 2020 190.95.210.227 EC3389
Tue Nov 24 03:39:18 2020Mon Aug 3 03:34:22 2020 193.93.62.61 LV7700
Tue Nov 24 03:23:10 2020Wed Aug 5 15:09:20 2020 184.105.139.91 US5555
Tue Nov 24 03:18:17 2020Mon Nov 23 09:13:32 2020 172.104.213.182 US6379
Tue Nov 24 03:13:46 2020Thu Aug 27 01:45:09 2020 122.228.19.80 CN22222
Tue Nov 24 03:13:09 2020Mon Aug 3 14:46:29 2020 185.153.196.126 MD3389
Tue Nov 24 03:05:06 2020Tue Aug 4 15:45:14 2020 192.241.222.11 US27017
Tue Nov 24 02:49:47 2020Tue Nov 24 02:49:33 2020 182.59.223.86 IN5555
Tue Nov 24 02:48:56 2020Wed Aug 26 12:49:42 2020 141.98.82.19 PA3369-3399
Tue Nov 24 02:43:38 2020Sun Nov 22 11:34:18 2020 194.26.25.126 RU5401
Tue Nov 24 02:40:27 2020Sat Oct 3 02:56:59 2020 123.162.182.243 CN1433
Tue Nov 24 02:30:33 2020Tue Nov 17 15:18:56 2020 117.50.5.37 CN38
Tue Nov 24 02:28:31 2020Sat Aug 8 07:56:33 2020 117.50.101.117 CN11211
Tue Nov 24 02:21:30 2020Tue Nov 24 02:21:22 2020 120.131.6.210 CN1433
Tue Nov 24 02:19:38 2020Tue Nov 24 02:19:15 2020 27.3.88.52 vn5555
Tue Nov 24 02:13:20 2020Mon Aug 3 01:44:56 2020 195.54.160.228 RU50000
Tue Nov 24 02:03:36 2020Sun Oct 25 10:18:25 2020 202.84.32.140 BD1433
Tue Nov 24 02:00:28 2020Fri Nov 20 09:34:22 2020 192.241.236.106 US2049
Tue Nov 24 01:57:04 2020Mon Aug 3 15:20:15 2020 196.52.43.51 US9002
Last SeenHitsIP AddressCountryHosting Provider
Tue Nov 24 04:04:58 202011788193.27.229.94RURU-HOSTWAY-20191218
Tue Nov 24 04:04:39 202011720193.27.229.93RURU-HOSTWAY-20191218
Thu Aug 27 21:38:23 202011487194.26.29.104RURU-MEDIA-LAND-2-20191120
Thu Aug 27 21:34:35 202011304194.26.29.102RURU-MEDIA-LAND-2-20191120
Tue Nov 24 03:50:39 2020918845.129.33.41EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:47:02 2020836045.129.33.24EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:40:01 2020818745.129.33.12EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:43:02 2020815445.129.33.13EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 04:02:17 2020805845.129.33.10EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:36:20 2020802245.129.33.9EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:35:48 2020785245.129.33.8EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:26:57 2020784345.129.33.15EUMaximilian Kutzner trading as HostSlick
Mon Nov 23 15:07:57 2020771645.129.33.60EUMaximilian Kutzner trading as HostSlick
Wed Oct 21 11:03:31 20207550194.26.25.114RURU-MEDIA-LAND-2-20191120
Sun Nov 15 20:19:34 20206819103.125.190.215VNHYPERNET-VN
Mon Nov 23 18:07:02 2020668945.129.33.43EUMaximilian Kutzner trading as HostSlick
Fri Oct 30 03:14:53 20206687193.27.228.172RURU-HOSTWAY-20191218
Sun Nov 22 09:03:59 2020644545.129.33.48EUMaximilian Kutzner trading as HostSlick
Wed Nov 18 09:33:10 20206340193.27.228.153RURU-HOSTWAY-20191218
Tue Nov 24 04:01:34 2020626645.129.33.5EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:58:16 2020615445.129.33.57EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:57:51 2020612945.129.33.84EUMaximilian Kutzner trading as HostSlick
Sun Nov 22 02:53:47 2020609983.97.20.35ROOvO Systems Ltd
Tue Nov 24 03:00:57 2020591945.129.33.82EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:49:01 2020531145.129.33.129EUMaximilian Kutzner trading as HostSlick
Fri Aug 7 22:11:51 2020519645.145.67.14RURU-HOSTWAY-20200514
Tue Nov 24 03:47:14 2020504745.129.33.153EUMaximilian Kutzner trading as HostSlick
Mon Nov 23 08:14:35 2020495845.129.33.47EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:55:59 2020477345.129.33.6EUMaximilian Kutzner trading as HostSlick
Mon Nov 23 23:56:47 2020469445.129.33.59EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:31:18 20204644193.27.229.47RURU-HOSTWAY-20191218
Sun Nov 22 08:11:07 20204536193.27.229.207RURU-HOSTWAY-20191218
Tue Nov 24 00:54:38 2020448194.102.51.17NLORG-IVI1-RIPE
Mon Sep 21 05:22:18 2020445545.145.66.96RURU-HOSTWAY-20200514
Tue Nov 24 04:00:00 20204334195.54.160.228RURU-HOSTWAY-20191220
Mon Nov 23 23:29:59 2020429645.129.33.156EUMaximilian Kutzner trading as HostSlick
Mon Nov 2 22:48:06 2020426294.102.57.152NLORG-IVI1-RIPE
Mon Nov 2 22:59:24 2020425794.102.57.179NLORG-IVI1-RIPE
Mon Nov 2 21:50:04 2020423994.102.57.172NLORG-IVI1-RIPE
Tue Nov 3 01:53:02 2020423580.82.78.188NLORG-IVI1-RIPE
Mon Nov 2 22:20:57 2020422193.174.93.26NLORG-IVI1-RIPE
Mon Nov 2 22:47:05 2020421694.102.57.180NLORG-IVI1-RIPE
Tue Nov 24 03:28:19 2020420745.129.33.49EUMaximilian Kutzner trading as HostSlick
Mon Nov 2 22:45:45 2020417794.102.57.153NLORG-IVI1-RIPE
Mon Nov 2 22:18:37 2020417594.102.57.136NLORG-IVI1-RIPE
Mon Nov 23 10:47:36 2020410145.129.33.14EUMaximilian Kutzner trading as HostSlick
Tue Nov 24 03:17:02 20204059193.93.62.58LVSIA "IT Services"
Tue Nov 24 03:43:08 20204042193.93.62.61LVSIA "IT Services"
Sat Nov 21 16:14:21 20204017194.26.27.104RURU-MEDIA-LAND-2-20191120
Mon Sep 21 06:44:23 20204007185.176.27.26BGIP Dunaev Yuriy Vyacheslavovich
HitsSIDSignature
23133100205MISC Microsoft SQL Server communication attempt
11999100077MISC MS Terminal Server communication attempt
7224564P2P Napster Client Data communication attempt
56872375BACKDOOR DoomJuice file upload attempt
2520100202MISC VNC communication attempt
2272562P2P Napster Client Data communication attempt
2264510POLICY HP JetDirect LCD communication attempt
1809100090P2P napster communication attempt
1446100084MISC HP Web JetAdmin communication attempt
1441100082MISC Microsoft PPTP communication attempt
820563P2P Napster Client Data communication attempt
6191846POLICY vncviewer Java applet communication attempt
597100063BACKDOOR RUX the Tick connection attempt
521100028BACKDOOR netbus Connection Cttempt
400100204MISC Radmin Default install options attempt
3752181P2P BitTorrent communication attempt
334100073MISC PCAnywhere communication attempt
316568POLICY HP JetDirect LCD commnication attempt
2961408DOS MSDTC communication attempt
266147BACKDOOR GateCrasher Connection attempt
239100112DOS Real Audio Server communication attempt
2211641DOS DB2 dos communication attempt
220561P2P Napster Client Data communication attempt
203100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
192119BACKDOOR Doly 2.0 Connection attempt
188100100FTP Yak! FTP server communication attempt
1571605DOS iParty DOS attempt
1322586P2P eDonkey transfer attempt
130208BACKDOOR PhaseZero Server Active on Network
981987MISC xfs communication attempt
76152BACKDOOR BackConstruction 2.1 connection attempt
69100044BACKDOOR NetSphere Connection attempt
692587P2P eDonkey communication attempt
67100038BACKDOOR - Dagger_1.4.0 Connection attempt
641636MISC Xtramail communication attempt
501383P2P Fastrack kazaa/morpheus communication attempt
48565P2P Napster Server Login communication attempt
471985BACKDOOR Doly 1.5 Connection attempt
38159BACKDOOR NetMetro File List connection attempt
34100040BACKDOOR Infector.1.x Connection attempt
28107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
27599RPC portmap listing TCP 32771
262124BACKDOOR Remote PC Access connection attempt
24100206PSAD-CUSTOM Kuang2 virus communication attempt
24100083MISC LDAP communication attempt
231421SNMP AgentX/tcp request
221819MISC Alcatel PABX 4400 connection attempt
22100203MISC Ghostsurf communication attempt
22108BACKDOOR QAZ Worm Client Login access
22163BACKDOOR WinCrash 1.0 communication attempt
21505MISC Insecure TIMBUKTU communication attempt
18100064BACKDOOR Asylum 0.1 connection request
17282DOS arkiea backup communication attempt
14100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
14247DDOS mstream client to handler
131843BACKDOOR trinity connection attempt
12249DDOS mstream client to handler
11100007DDOS Trin00 Attacker to Master connection attempt
11153BACKDOOR DonaldDick 1.53 connection attempt
10145BACKDOOR GirlFriend Connection attempt
9100207BACKDOOR Subseven connection attempt
9207BAD-TRAFFIC data in TCP SYN packet
9141BACKDOOR HackAttack 1.20 Connection attempt
13016BACKDOOR Insane Network 4.0 connection established port 63536
1613SCAN myscan
PortHits
2370359
143323476
2219034
8014975
338912177
808011497
4439400
55557226
816420
84435795
80895746
85455570
63793345
23233146
50383074
33902616
80812587
59002540
95302501
77772272
23752178
82912156
92002154
211938
112111912
PortHits
31281904
33061895
33911865
80881825
88881812
514131683
33881678
270171673
54321559
45671550
50601524
33921478
80001446
17231441
22221365
600011263
90001263
508021253
50001246
33931244
333891208
33991180
30001153
33951111
881107
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify