Handler on Duty: Deborah Hale
contact us
contact us
Your session is about to expire. Please reload or submit to avoid getting logged out.
The "Trend" is an attempt to put a number to the increase in activity for a given port. Right now, I am comparing the last 24 hours to the last 30 days. So if we see a rise in activity compared to the last 30 days, the trend is high.
The following formula is used to calculate the trend:
sqrt( (S-s)^2/s + (T-t)^2/t ) )
S: number of source IPs hitting this port last 24 hrs.
s: average number of source IPs hitting this port each day (last 30 days).
T/t: same for target IPs detecting scans on this port.
| Port | Trend | Service |
|---|---|---|
| 3050 | 4.38 | |
| 1911 | 4.29 | |
| 465 | 2.92 | |
| 1050 | 2.28 | |
| 2425 | 2.16 | |
| 3389 | 1.78 | |
| 1337 | 1.75 | |
| 5223 | 1.6 | |
| 8880 | 1.59 | |
| 2121 | 1.4 | |
| 5 | 1.39 | |
| 41524 | 1.31 | |
| 5900 | 0.88 | |
| 1363 | 0.83 | |
| 8443 | 0.81 | |
| 7 | 0.72 | |
| 2 | 0.7 | |
| 6508 | 0.69 | |
| 161 | 0.64 | |
| 58 | 0.57 | |
| 995 | 0.48 | |
| 2014 | 0.46 | |
| 443 | 0.12 |
