Threat Level: green Handler on Duty: Manuel Humberto Santander Pelaez

SANS ISC Port Trends


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

The "Trend" is an attempt to put a number to the increase in activity for a given port.
Right now, I am comparing the last 24 hours to the last 30 days.
So if we see a rise in activity compared to the last 30 days, the trend is high.

The following formula is used to calculate the trend:

sqrt( (S-s)^2/s + (T-t)^2/t ) )
S: number of source IPs hitting this port last 24 hrs.
s: average number of source IPs hitting this port each day (last 30 days).
T/t: same for target IPs detecting scans on this port.
PortTrendService
90841webphone
101681lovegate
461mpm-snd
481auditd, DRAT
99941palace-3
471ni-ftp
491tacacs
82001trivnet1
70041afs3-kaserver
500191[ICS] Siemens Spectrum Power TG
511la-maint
7771AimSpy, jconfig, multiling-http, Undetected, [ICS] WellinTech KingView 6.53
73081NetMonitor, swx, XSpy
99931palace-2
100671PortalofDoom, PortalofDoomPOD
50041avt-profile-1
70021afs3-prserver
29651bullant-rap
99981distinct32
180001biimenu, [ICS] Iconic Genesis32 GenBroker (TCP)
28031btprjctrl
29631iph-policy-adm
42771vrml-multi-use
27931initlsmsad
28131llm-pass
27341ccs-software
42191vrml-multi-use
27471fjippol-swrly
26991csoft-plusclnt
29161elvin_server
27411tsb
27431murx
28711msi-selectplay
27701veronica
28481amt-blc-port
95001ismserver
29991remoteware-un
26491vpsipport
26881md-cg-http
27971esp-encap
27761ridgeway1
27681uacs
27031sms-chat
298911TheUnexplained
29481wap-push
29871identify
25381vnwk-prapi
29411sm-pas-4
28151lbc-measure
26961unifyadmin
25951worldfusion1
26571sns-dispatcher
42911vrml-multi-use
28261slc-systemlog
28741dxmessagebase1
30791lv-frontpanel
29041m2ua
24371unicontrol
43291iMesh
441Arctic, mpm-flags
28781aap
28221ka0wuc
28311silkp3
26931belarc-http
49871smar-se-port1
24561altav-remmgt
25051torque-traffic
28851topflow
32741ordinox-server
25241optiwave-lm
28181rmlnk
25811argis-te
27781gwen-sonya
29191roboer
27441honyaku
27161inova-ip-disco, ThePrayer
23701compaq-econnect, l3-hbmon
23191infolibria
26561kana
90031sidewinder-admin
29201roboeda
25581pclemultimedia
30551policyserver
23611tl1
25551compaq-wcp, Lion, T0rnRootkit
28701daishi
22451hao
25471vytalvaultvsmp
32751samd
28941abacus-remote
24411pvsw-inet
23201siebel-ns
871priv-term-l
23981orbiter
24521snifferclient
25681spamtrap
24141beeyond
29291Konik, panja-webadmin
25941dts
20791idware-router