Flow table
HoneyNet
| Port |
Protocol |
% of flows |
LCS count |
% of LCS |
|
|
445
|
tcp |
21.54 |
8965 |
89.52 |
|
|
32001
|
tcp |
17.32 |
0 |
0.00 |
|
|
|
icmp |
5.42 |
0 |
0.00 |
|
|
23
|
tcp |
5.19 |
0 |
0.00 |
|
|
3389
|
tcp |
4.74 |
0 |
0.00 |
|
|
52046
|
tcp |
4.45 |
0 |
0.00 |
|
|
16146
|
tcp |
3.32 |
0 |
0.00 |
|
|
22
|
tcp |
2.53 |
0 |
0.00 |
|
|
1433
|
tcp |
2.52 |
10 |
0.10 |
|
|
64050
|
tcp |
2.34 |
0 |
0.00 |
|
|
| Port |
Protocol |
|
% unique Dip |
|
| 445 |
tcp |
|
85.47 |
|
| 3389 |
tcp |
|
63.13 |
|
| 0 |
icmp |
|
61.95 |
|
| 1434 |
udp |
|
60.34 |
|
| 1433 |
tcp |
|
54.62 |
|
| 22 |
tcp |
|
54.38 |
|
| 80 |
tcp |
|
51.09 |
|
| 23 |
tcp |
|
45.93 |
|
| 1234 |
tcp |
|
41.28 |
|
| 5060 |
udp |
|
41.28 |
|
| 4899 |
tcp |
|
40.04 |
|
| 25 |
tcp |
|
38.30 |
|
| 3306 |
tcp |
|
35.26 |
|
| 139 |
tcp |
|
31.91 |
|
| 8080 |
tcp |
|
28.99 |
|
| 443 |
tcp |
|
28.24 |
|
| 3072 |
tcp |
|
22.66 |
|
| 1024 |
tcp |
|
22.22 |
|
| 135 |
tcp |
|
21.29 |
|
| 1080 |
tcp |
|
17.26 |
|
|
|
Statistics related to flows show the TOP 20 destination ports queried in the last 24 hours. These are sorted based on the amount of flows to the destination ports (the top table) and based on the amount of destination hosts queried (the bottom table). The lower table is a useful indicator of new scanning activity even when the scanning is slow and from a limited number of sources. |
2007 (Last update: 2012-02-05 07:05:00 CET)