Rss

    Honeypot Data Analysis

    I’ve recently analysed a range of Honeypot data relating to about 3 months of malicious attempts against a number of Internet exposed ports and services The data has been sourced from a typical Australian Internet connection.

    From the analysis, the traffic type and source countries were more or less as expected, although it was interesting to see the ratio of attacks received from each country.

    I thought I would share some of the initial results (see the graphics below). Over the coming months I will share more of the analysis and detail.

    General port scans and most of the spider/crawler traffic has been removed from the baseline data, so these results relate to actual malicious attempts – automated tools and manual techniques.

    China and Hungary have been seen to contribute to the highest number of Internet attack attempts.

    The top 10 countries who are attacking Australians:
    1/ China – CN
    2/ Hungary – HU
    3/ United StatesĀ  – US
    4/ Canada – CA
    5/ Australia – AU
    6/ India – IN
    7/ Republic of Korea – KR
    8/ Brazil – BR
    9/ Russian Federation – RU
    10 Puerto Rico – PR

     

     

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.