More stuff

Yesterday, I mentioned the logs that I imported into a Postgres database: today some minor cleanup and indexing/reindexing. The full monty:

The hardest hit day was September 7th, 2004: 86803 hits in only 2 hours. I’m still collecting data about ports, but here is some quick data. You need to read beyond the fold for this one.

Top 10 incoming hits from single IP addresses

| source_ip | min | max | count |
|---|---|---|---|
| 68.186.67.114 | 9/7/2004 7:12:30 PM | 9/7/2004 8:58:56 PM | 12770 |
| 66.171.67.43 | 12/8/2004 8:34:46 PM | 12/8/2004 10:39:34 PM | 7431 |
| 64.113.126.64 | 9/7/2004 7:12:30 PM | 9/7/2004 8:58:54 PM | 6385 |
| 65.102.84.220 | 9/7/2004 7:12:32 PM | 9/7/2004 8:58:56 PM | 6385 |
| 192.189.102.2 | 9/7/2004 7:12:30 PM | 9/7/2004 8:58:54 PM | 6379 |
| 68.12.116.252 | 9/7/2004 7:12:32 PM | 9/7/2004 8:58:56 PM | 6344 |
| 24.60.108.255 | 9/7/2004 7:12:32 PM | 9/7/2004 8:58:56 PM | 6322 |
| 64.252.39.109 | 9/7/2004 7:12:30 PM | 9/7/2004 8:58:54 PM | 6300 |
| 68.12.37.97 | 9/7/2004 7:12:32 PM | 9/7/2004 8:58:54 PM | 6293 |
| 69.132.232.23 | 9/7/2004 7:12:30 PM | 9/7/2004 8:58:54 PM | 6248 |

Top 10 of source ports/protocols

| source_port | protocol | count | min | max |
|---|---|---|---|---|
| 6346 | UDP | 2361 | 3/14/2004 12:44:46 PM | 4/9/2005 6:01:58 PM |
| 1025 | UDP | 1510 | 2/23/2004 11:08:34 PM | 4/9/2005 8:23:42 PM |
| 6348 | UDP | 1412 | 4/3/2004 9:27:10 AM | 4/9/2005 2:27:16 PM |
| 1026 | UDP | 1378 | 2/23/2004 11:01:14 PM | 4/9/2005 6:52:34 PM |
| 0 | ICMP (type:8/subtype:0) | 1330 | 2/24/2004 7:45:34 PM | 4/13/2005 2:25:26 PM |
| 1027 | UDP | 1261 | 2/23/2004 11:01:42 PM | 4/8/2005 8:16:46 PM |
| 1028 | UDP | 985 | 2/23/2004 10:58:52 PM | 4/9/2005 8:49:54 AM |
| 1029 | UDP | 956 | 2/23/2004 11:10:40 PM | 4/9/2005 8:10:46 PM |
| 137 | UDP | 683 | 3/5/2004 10:07:16 AM | 4/9/2005 10:10:22 AM |
| 1030 | UDP | 628 | 2/23/2004 11:11:44 PM | 4/8/2005 8:30:44 PM |

Top 10 of destination ports/protocols

| destination_port | protocol | count | min | max |
|---|---|---|---|---|
| 20301 | TCP (flags:S) | 86465 | 9/7/2004 7:12:30 PM | 9/7/2004 8:58:56 PM |
| 1264 | TCP (flags:S) | 78855 | 6/12/2004 2:33:14 PM | 12/31/2004 4:39:04 PM |
| 6346 | TCP (flags:S) | 33912 | 2/23/2004 10:32:14 PM | 4/9/2005 9:08:06 PM |
| 1214 | TCP (flags:S) | 14260 | 2/25/2004 7:43:00 PM | 4/8/2005 5:57:36 PM |
| 137 | UDP | 12571 | 2/23/2004 10:28:04 PM | 4/9/2005 10:44:06 PM |
| 4242 | TCP (flags:S) | 8216 | 12/8/2004 8:34:46 PM | 12/8/2004 10:39:34 PM |
| 3955 | TCP (flags:S) | 6490 | 6/4/2004 6:20:32 PM | 12/19/2004 12:47:28 AM |
| 6881 | TCP (flags:S) | 5707 | 2/25/2004 7:41:06 AM | 4/5/2005 8:21:02 PM |
| 41170 | UDP | 5351 | 2/28/2004 3:00:22 PM | 3/15/2005 7:27:48 AM |
| 22408 | TCP (flags:S) | 5181 | 1/21/2005 7:23:10 AM | 1/22/2005 4:09:10 AM |