PORT SCAN ATTACK DETECTOR (PSAD)

This page contains the output of the Port Scan Attack Detector (PSAD) daemon running on my home network.

These statistics have been tracked since Tue Jan 22 22:50:31 2019.  Read more here:  PSAD on Raspberry Pi

Click here to show the various live data being tracked:

Top Attackers  |  Top Signatures  |  Top Ports
Last SeenHitsIP AddressCountryHosting Provider
Fri Mar 29 21:36:38 201918125194.147.34.12RUORG-LB141-RIPE
Fri Mar 22 05:32:15 20196095176.57.71.239NLON-LINE DATA LTD
Wed May 22 09:31:03 20193534185.176.26.101BGIP Kirichenko Andrey Evgenievich
Wed May 22 10:44:44 20193519185.176.26.100BGIP Kirichenko Andrey Evgenievich
Sat Feb 9 01:09:04 2019335796.4.0.35??
Fri Mar 1 11:20:52 2019297446.161.27.159NLMEGA HOLDINGS LIMITED
Fri Feb 8 10:41:14 2019280877.72.82.22RUORG-NA225-RIPE
Wed May 22 09:44:19 20192060185.176.27.118BGIP Dunaev Yuriy Vyacheslavovich
Wed May 22 07:57:28 2019177089.248.174.3NLORG-IVI1-RIPE
Wed May 22 09:53:34 20191753185.208.209.6NLAccess2.IT Group B.V.
Wed May 22 10:35:57 20191752185.208.208.198NLAccess2.IT Group B.V.
Mon Feb 4 10:18:36 2019169980.211.185.78ITARUBA-NET
Thu May 2 02:44:34 20191621122.228.19.79CNHZZYKJ-WZ
Tue Jan 29 12:56:58 2019153294.102.56.235SCQuasi Networks LTD.
Thu Apr 11 08:30:07 2019145892.63.196.17RUORG-OA984-RIPE
Wed May 22 07:09:25 20191421185.176.27.6BGIP Dunaev Yuriy Vyacheslavovich
Wed May 22 10:46:11 2019140981.22.45.229RUInformation Technologies LLC
Wed May 22 09:36:26 2019138081.22.45.231RUInformation Technologies LLC
Wed May 22 10:41:33 2019137881.22.45.230RUInformation Technologies LLC
Wed May 22 08:22:51 2019135981.22.45.228RUInformation Technologies LLC
Wed May 22 10:24:07 2019131781.22.45.232RUInformation Technologies LLC
Sat Apr 27 23:42:22 20191307185.176.26.66BGIP Kirichenko Andrey Evgenievich
Wed May 22 02:25:46 2019130489.248.174.193NLORG-IVI1-RIPE
Wed May 22 10:29:14 2019126581.22.45.191RUInformation Technologies LLC
Wed May 22 06:52:52 2019124989.248.168.51NLORG-IVI1-RIPE
Wed May 22 10:44:27 2019124281.22.45.192RUInformation Technologies LLC
Wed May 22 04:40:27 20191234110.249.212.46CNUNICOM-HE
Wed May 22 06:11:57 20191220185.176.27.246BGIP Dunaev Yuriy Vyacheslavovich
Wed May 22 08:42:39 2019121981.22.45.193RUInformation Technologies LLC
Wed May 22 10:00:26 20191172185.176.27.42BGIP Dunaev Yuriy Vyacheslavovich
Wed May 22 08:33:54 20191107185.176.26.105BGIP Kirichenko Andrey Evgenievich
Thu May 9 08:52:53 20191106185.176.26.78BGIP Kirichenko Andrey Evgenievich
Wed May 22 10:54:10 20191106207.244.86.225USLeaseweb USA, Inc. (LU)
Wed May 15 11:54:18 20191100207.244.86.222USLeaseweb USA, Inc. (LU)
Tue Apr 23 05:42:30 20191092185.176.27.242BGIP Dunaev Yuriy Vyacheslavovich
Wed May 22 07:46:07 20191084185.216.140.6NLDEDI-NOVOGARA
Wed May 22 09:57:48 20191084185.176.27.2BGIP Dunaev Yuriy Vyacheslavovich
Fri Apr 5 06:41:49 20191065185.211.245.168RUteam-host-ru-highload-network
Fri Apr 5 10:53:13 20191026185.211.245.157RUteam-host-ru-highload-network
Tue Apr 2 07:51:59 20191015193.32.160.35EUSTELLAR ADVANCED CONCEPTS LTD
Wed May 22 09:55:41 201999381.22.45.219RUInformation Technologies LLC
Wed May 22 07:52:05 201991881.22.45.239RUInformation Technologies LLC
Wed Apr 17 07:48:25 201991392.63.196.143RUORG-OA984-RIPE
Wed May 8 17:19:32 201990581.22.45.75RUInformation Technologies LLC
Wed Apr 3 15:10:52 2019874185.254.122.5LTARTURAS
Wed May 22 10:31:14 201986489.248.162.168NLORG-IVI1-RIPE
Wed May 22 02:20:58 2019846120.52.152.17CNCU-CDC
Mon Mar 25 14:10:59 2019836141.98.89.143GBUK-BRITNET2-20190111
Tue May 21 10:00:35 2019827185.176.27.178BGIP Dunaev Yuriy Vyacheslavovich
Wed May 22 10:42:37 2019815120.52.152.18CNCU-CDC
HitsSIDSignature
5390100205MISC Microsoft SQL Server communication attempt
5322100077MISC MS Terminal Server communication attempt
3941100063BACKDOOR RUX the Tick connection attempt
3404486ICMP Destination Unreachable Communication with Destination Host is Administratively Prohibited
2897564P2P Napster Client Data communication attempt
1835100202MISC VNC communication attempt
17952375BACKDOOR DoomJuice file upload attempt
1606510POLICY HP JetDirect LCD communication attempt
904100090P2P napster communication attempt
583100084MISC HP Web JetAdmin communication attempt
430402ICMP Destination Unreachable Port Unreachable
420100082MISC Microsoft PPTP communication attempt
352562P2P Napster Client Data communication attempt
280563P2P Napster Client Data communication attempt
2561846POLICY vncviewer Java applet communication attempt
206100028BACKDOOR netbus Connection Cttempt
1992181P2P BitTorrent communication attempt
136100204MISC Radmin Default install options attempt
133100073MISC PCAnywhere communication attempt
130100112DOS Real Audio Server communication attempt
1231408DOS MSDTC communication attempt
98568POLICY HP JetDirect LCD commnication attempt
93207BAD-TRAFFIC data in TCP SYN packet
82100041BACKDOOR SatansBackdoor.2.0.Beta, or BackConstruction 2.1 Connection Attempt
75147BACKDOOR GateCrasher Connection attempt
601641DOS DB2 dos communication attempt
54119BACKDOOR Doly 2.0 Connection attempt
46208BACKDOOR PhaseZero Server Active on Network
372586P2P eDonkey transfer attempt
331636MISC Xtramail communication attempt
32100100FTP Yak! FTP server communication attempt
321605DOS iParty DOS attempt
301987MISC xfs communication attempt
29561P2P Napster Client Data communication attempt
26100044BACKDOOR NetSphere Connection attempt
251383P2P Fastrack kazaa/morpheus communication attempt
222587P2P eDonkey communication attempt
15505MISC Insecure TIMBUKTU communication attempt
12100038BACKDOOR - Dagger_1.4.0 Connection attempt
12152BACKDOOR BackConstruction 2.1 connection attempt
93016BACKDOOR Insane Network 4.0 connection established port 63536
9599RPC portmap listing TCP 32771
8100064BACKDOOR Asylum 0.1 connection request
81985BACKDOOR Doly 1.5 Connection attempt
72124BACKDOOR Remote PC Access connection attempt
7565P2P Napster Server Login communication attempt
71421SNMP AgentX/tcp request
5159BACKDOOR NetMetro File List connection attempt
4100206PSAD-CUSTOM Kuang2 virus communication attempt
4100029BACKDOOR NetBus Pro 2.0 Connection Cttempt
4100040BACKDOOR Infector.1.x Connection attempt
3107BACKDOOR Subseven DEFCON8 2.1 connection Attempt
3282DOS arkiea backup communication attempt
31819MISC Alcatel PABX 4400 connection attempt
3108BACKDOOR QAZ Worm Client Login access
21843BACKDOOR trinity connection attempt
2163BACKDOOR WinCrash 1.0 communication attempt
2100203MISC Ghostsurf communication attempt
2247DDOS mstream client to handler
1249DDOS mstream client to handler
1100083MISC LDAP communication attempt
1145BACKDOOR GirlFriend Connection attempt
12182BACKDOOR typot trojan traffic
1141BACKDOOR HackAttack 1.20 Connection attempt
1100207BACKDOOR Subseven connection attempt
1100007DDOS Trin00 Attacker to Master connection attempt
PortHits
2342715
254117493
807050
226877
80806617
14335479
33895464
815049
85454159
222223954
55552897
23232781
4432292
600012214
59001846
50381602
80891493
33061119
63791008
3390989
50802926
8888905
3128880
21847
9001828
PortHits
25814
3391773
8443761
2222713
5431710
9000684
9527666
27017621
8088601
3388595
8000584
3392584
7001559
8291547
1080522
3399516
3393507
5060502
3395502
8081502
9090498
3394492
8118467
5901465
88446
The script to generate this HTML from PSAD output data can be downloaded here:  https://github.com/disloops/psadify