[Sentinel/US-West] #opencanary analysis for yesterday

toce@infosec.exchange

[Sentinel/US-West] #opencanary analysis for yesterday

Summary:
Total Connection Attempts: 47785
Unique Usernames: 162
Distinct Passwords: 387
Unique Attacker IPs: 877

Port Popularity (Port / Count):
️ MSSQL: 17936
️ RDP: 13218
️ VNC: 10401
SSH: 5174
️ SMB: 502
Telnet: 501
REDIS: 40
MySQL: 12
FTP: 1

Top 10 Usernames (Username / Count):
35: 6997
root: 543
hello: 390
admin: 160
ubuntu: 126
user: 102
debian: 93
test: 27
deploy: 20
guest: 19

Top 10 Passwords (Password / Count):
123456: 53
admin: 46
password: 25
default: 24
root: 24
12345: 22
12345678: 19
1: 18
1234: 17
vizxv: 17

Top 10 Attacker IPs (IP / Count):
104.192.6.xxx: 12968
117.30.168.xxx: 1710
127.0.0.xxx: 1436
152.32.140.xxx: 1120
221.203.90.xxx: 891
220.190.103.xxx: 890
8.26.21.xxx: 616
119.8.155.xxx: 561
47.129.236.xxx: 557
36.228.88.xxx: 467

The OpenCanary Experience is at https://www.toce.ch