Today's Internet Threat Level: GREEN
Handler on Duty: Mark Hofman
Handler on Duty: Mark Hofman
The "Trend" is an attempt to put a number to the increase in activity for a given port. Right now, I am comparing the last 24 hours to the last 30 days. So if we see a rise in activity compared to the last 30 days, the trend is high.
The following formula is used to calculate the trend:
sqrt( (S-s)^2/s + (T-t)^2/t ) )
S: number of source IPs hitting this port last 24 hrs.
s: average number of source IPs hitting this port each day (last 30 days).
T/t: same for target IPs detecting scans on this port.
| Port | Trend | Service |
|---|---|---|
| 20000 | 7.07 | |
| 545 | 6.7 | |
| 2593 | 5.33 | |
| 3105 | 5.29 | |
| 3073 | 5.09 | |
| 2561 | 5.08 | |
| 2081 | 5.03 | |
| 2121 | 4.42 | |
| 1569 | 3.82 | |
| 1537 | 3.69 | |
| 1328 | 3.23 | |
| 2425 | 3.21 | |
| 2049 | 3.1 | |
| 8008 | 2.78 | |
| 1057 | 2.67 | |
| 33 | 2.33 | |
| 8001 | 2.29 | |
| 20001 | 2 | |
| 513 | 1.81 | |
| 888 | 1.81 | |
| 1111 | 1.78 | |
| 5200 | 1.71 | |
| 1843 | 1.66 | |
| 9000 | 1.55 | |
| 553 | 1.46 | |
| 1 | 1.3 | |
| 3389 | 1.21 | |
| 2967 | 1.21 | |
| 1076 | 1.17 | |
| 808 | 1.16 | |
| 8081 | 1.12 | |
| 443 | 1.09 | |
| 161 | 1.08 | |
| 9090 | 1.05 | |
| 8443 | 0.96 | |
| 995 | 0.87 | |
| 1095 | 0.87 | |
| 23 | 0.81 | |
| 1077 | 0.64 | |
| 1104 | 0.62 | |
| 1101 | 0.62 | |
| 7 | 0.57 | |
| 1318 | 0.54 | |
| 1316 | 0.46 | |
| 1306 | 0.46 | |
| 465 | 0.45 | |
| 1309 | 0.45 | |
| 1082 | 0.42 | |
| 1108 | 0.4 | |
| 1093 | 0.4 | |
| 1317 | 0.4 | |
| 123 | 0.39 | |
| 1315 | 0.36 | |
| 1308 | 0.35 | |
| 445 | 0.34 | |
| 1074 | 0.33 | |
| 1314 | 0.32 | |
| 1302 | 0.3 | |
| 1292 | 0.29 | |
| 1266 | 0.28 | |
| 1078 | 0.26 | |
| 1301 | 0.26 | |
| 1303 | 0.25 | |
| 1276 | 0.24 | |
| 1277 | 0.2 | |
| 1311 | 0.19 | |
| 1265 | 0.19 | |
| 1283 | 0.18 | |
| 1323 | 0.14 | |
| 1261 | 0.13 | |
| 1284 | 0.12 | |
| 1304 | 0.11 | |
| 1267 | 0.09 | |
| 1340 | 0.06 |
