Top 10 Attacker Countries:
The following data states the extent of attacks that have originated from various countries.
Top 10 Attacker Host:
The following data states the extent of attacks that have originated from specific host IP address.
Detailed Report on Suspicious Hosts:
Behavior: Scanning hosts
Activity: Continuously using different username password combination existing and non existing usernames.
We have found following different types of events:
- SSHD authentication failed
- Multiple SSHD authentication failures
- Multiple failed logins in a small period of time
- SSH insecure connection attempt (scan)
- Failed Password
- Invalid User
- Input user authentication request invalid user
Type of Attack: Bruteforce
Source IP Addresses:
Alarms Report – Top 15 Alarm Triggering Occurrences
June 12, 2017