Sunday 11 March 2012

Analysis of Logfiles (Jan & Feb 2012)

After the probes early this month on my ADSL router, I looked back through the Jan and Feb log files for records of probes and analysed the results. The router records DOS and Port Scans, with the originating IP address. For the simple analysis I looked at the total number of attacks, looked at whether there were DOS or Port Scan. With the IP addresses I identified the number of unique IP and then looked at the country of issuing of the IP address registration.
 
Month
No Attacks
DOS
Port Scans
Unique IP
Unique Countries
Feb 2012
76
74
2
60
9
Jan 2012
96
94
2
86
6

Feb 2012

Country
Attacks
Turkey
52
Ukraine
2
France
1
China
1
Egypt
1
South Africa
1
UK
1
Netherlands
1

Jan 2012

Country
Attacks
Turkey
79
South Africa
3
Hong Kong
1
Switzerland
1
USA
1
Thailand
1

This exercise will be repeated every month, with the details being added to the tables. I will also create a page with the results on the blog.


No comments:

Post a Comment