Handler on Duty: Daniel Wesemann
contact us
contact us
Your session is about to expire. Please reload or submit to avoid getting logged out.
The "Trend" is an attempt to put a number to the increase in activity for a given port. Right now, I am comparing the last 24 hours to the last 30 days. So if we see a rise in activity compared to the last 30 days, the trend is high.
The following formula is used to calculate the trend:
sqrt( (S-s)^2/s + (T-t)^2/t ) )
S: number of source IPs hitting this port last 24 hrs.
s: average number of source IPs hitting this port each day (last 30 days).
T/t: same for target IPs detecting scans on this port.
| Port | Trend | Service |
|---|---|---|
| 5060 | 19.45 | |
| 465 | 3.18 | |
| 3389 | 2.67 | |
| 6405 | 2.62 | |
| 5305 | 2.35 | |
| 5200 | 2.08 | |
| 5223 | 2.03 | |
| 1870 | 1.78 | |
| 3129 | 1.68 | |
| 5405 | 1.58 | |
| 995 | 1.57 | |
| 2425 | 1.53 | |
| 73 | 1.53 | |
| 8443 | 1.5 | |
| 2479 | 1.44 | |
| 23 | 1.18 | |
| 34555 | 1.17 | |
| 2967 | 0.94 | |
| 2122 | 0.78 | |
| 161 | 0.72 | |
| 7424 | 0.66 | |
| 22 | 0.56 | |
| 3050 | 0.54 | |
| 443 | 0.53 | |
| 7 | 0.43 | |
| 20001 | 0.35 | |
| 5 | 0.28 | |
| 8880 | 0.21 |
