KIPPO-GRAPH
FAST VISUALIZATION FOR YOUR KIPPO SSH HONEYPOT STATS Version: 0.7.4 | Website: bruteforce.gr/kippo-graph
HOMEPAGE
KIPPO-GRAPH
KIPPO-INPUT
KIPPO-GEO
GRAPH GALLERY
Overall honeypot activity Total login attempts
11759
Distinct source IP addresses
56
Active time period Start date (first attack) Tuesday, 09-Apr-2013, 20:22 PM
End date (last attack) Sunday, 21-Apr-2013, 14:40 PM
Graphical statistics generated from your Kippo honeypot database
Top 10 passwords This vertical bar chart diplays the top 10 passwords that attackers try when attacking the system.
Top 10 usernames This vertical bar chart diplays the top 10 usernames that attackers try when attacking the system.
Top 10 user-pass combos This vertical bar chart diplays the top 10 username and password combinations that attackers try when attacking the system.
This pie chart diplays the top 10 username and password combinations that attackers try when attacking the system.
Success ratio This vertical bar chart diplays the overall attack success ratio for the particular honeypot system.
Successes per day/week This vertical bar chart diplays the most successful break-ins per day (Top 20) for the particular honeypot system. The numbers indicate how many times correct credentials were given by attackers.
This line chart diplays the daily successes on the honeypot system. Spikes indicate successful entries over a weekly period. Warning: Dates with zero successes are not displayed.
This line chart diplays the weekly successes on the honeypot system. Curves indicate successful entries over a weekly period.
Connections per IP This vertical bar chart diplays the top 10 unique IPs ordered by the number of overall connections to the system.
This pie chart diplays the top 10 unique IPs ordered by the number of overall connections to the system.
Successful logins from the same IP This vertical bar chart diplays the number of successful logins from the same IP address (Top 20). The numbers indicate how many times the particular source opened a successful session.
Probes per day/week This horizontal bar chart diplays the most probes per day (Top 20) against the honeypot system.
This line chart diplays the daily activity on the honeypot system. Spikes indicate hacking attempts. Warning: Dates with zero probes are not displayed.
This line chart diplays the weekly activity on the honeypot system. Curves indicate hacking attempts over a weekly period.
Top 10 SSH clients This vertical bar chart diplays the top 10 SSH clients used by attackers during their hacking attempts.
Copyright Š 2011, 2012 - All Rights Reserved - Kippo-Graph
Thanks to OS Templates
KIPPO-GRAPH
FAST VISUALIZATION FOR YOUR KIPPO SSH HONEYPOT STATS Version: 0.7.4 | Website: bruteforce.gr/kippo-graph
HOMEPAGE
KIPPO-GRAPH
KIPPO-INPUT
KIPPO-GEO
GRAPH GALLERY
Input presentation and statistics gathered from the honeypot system Overall post-compromise activity Post-compromise human activity Total number of commands 7
Distinct number of commands 4 Downloaded files
Total number of downloads 0
Distinct number of downloads 0
Human activity inside the honeypot The following vertical bar chart visualizes the top 20 busiest days of real human activity, by counting the number of input to the system.
The following line chart visualizes real human activity per day, by counting the number of input to the system for each day of operation. Warning: Dates with zero input are not displayed.
The following line chart visualizes real human activity per week, by counting the number of input to the system for each day of operation.
Top 10 input (overall) The following table diplays the top 10 commands (overall) entered by attackers in the honeypot system. ID
Input
Count
1
exit
3
2
w
2
3
test
1
4
ls
1
This vertical bar chart visualizes the top 10 commands (overall) entered by attackers in the honeypot system.
Top 10 successful input The following table diplays the top 10 successful commands entered by attackers in the honeypot system. ID
Input (success)
Count
1
exit
3
2
w
2
3
ls
1
This vertical bar chart visualizes the top 10 successful commands entered by attackers in the honeypot system.
Top 10 failed input The following table diplays the top 10 failed commands entered by attackers in the honeypot system. ID 1
Input (fail) test
Count 1
This vertical bar chart visualizes the top 10 failed commands entered by attackers in the honeypot system.
Copyright Š 2011, 2012 - All Rights Reserved - Kippo-Graph
Thanks to OS Templates
KIPPO-GRAPH
FAST VISUALIZATION FOR YOUR KIPPO SSH HONEYPOT STATS Version: 0.7.4 | Website: bruteforce.gr/kippo-graph
HOMEPAGE
KIPPO-GRAPH
KIPPO-INPUT
KIPPO-GEO
GRAPH GALLERY
Geolocation information gathered from the top 10 IP addresses probing the system The following table displays the top 10 IP addresses connected to the system (ordered by volume of connections). ID
IP Address
Probes
City
Region
Country Name
Code
Latitude
Longitude
Hostname
1
93.63.201.220
5258
Rome
Latium
Italy
IT
41.900002
12.4833
smtp.sinfarma.it
2
69.28.57.87
4021
Rowland Heights
CA
United States
US
33.978199
-117.903999
69.28.57.87
3
202.102.111.179
383
Nanjing
Jiangsu
China
CN
32.061699
118.777802
202.102.111.179
4
218.237.65.47
284
Seocho
Seoul
Korea, Republic of
KR
37.490601
127.019997
218.237.65.47
5
58.225.75.228
262
Seoul
Seoul
Korea, Republic of
KR
37.598499
126.978302
58.225.75.228
6
79.172.10.78
257
Yekaterinburg
Sverdlovsk
Russian Federation
RU
56.851898
60.612202
79.172.10.78.ural.ru
7
220.161.148.178
218
Putian
Fujian
China
CN
24.987801
118.498299
220.161.148.178
8
121.254.224.145
96
Seoul
Seoul
Korea, Republic of
KR
37.598499
126.978302
121.254.224.145
9
176.99.6.220
90
Russian Federation
RU
60
100
1056.globatel.ru
10
61.236.64.56
81
China
CN
39.928902
116.388298
61.236.64.56
Beijing
Beijing
The following vertical bar chart visualizes the top 10 IPs ordered by the number of connections to the system. Notice the two-letter country code to after each IP get a quick view of the locations where the attacks are coming from.
Lookup
The following pie chart visualizes the top 10 IPs ordered by the number of connections to the system. Notice the two-letter country code to after each IP get a quick view of the locations where the attacks are coming from.
The following zoomable world map marks the geographic locations of the top 10 IPs according to their latitude and longitude values. Click on them to get the full information available from the database.
Imagery Š2013 NASA
The following Intensity Map shows the volume of attacks per country by summarising probes originating from the same nation, using the same IP or not.
347
5258
The following pie chart visualizes the volume of attacks per country by summarising probes originating from the same nation, using the same IP or not.