Updating...
Total Attacks info_outline
0
Unique Attackers info_outline
0
Top Country
-
Last Attack info_outline
N/A
No Data
filter_list Filtering by :
CLEAR FILTER
Top Attack Sources (ASNs)
Geographic Distribution
router Top Networks
ASNOrganizationAttacks%
public Top Countries
FlagCountryAttacks%
person_outline Targeted Usernames
UsernameAttempts%
list Threat Feed
TimeAttacker IPUserLocASN

About BruteSight Threat Intelligence

BruteSight is a real-time cybersecurity platform dedicated to tracking and analyzing global SSH brute-force attacks. Our dashboard provides a live view of malicious activity sourced from a distributed network of honeypots and reporting agents. By aggregating this data, we offer actionable threat intelligence to system administrators and security professionals.

How Data is Collected

The IP addresses displayed on this dashboard are collected from active brute-force attempts against our sensor network. When an attacker attempts to login with invalid credentials or executes a dictionary attack, their IP address, username, and timestamp are logged. This data is then processed to identify patterns and top offenders. Note: The collected data is not anonymized. We maintain full fidelity logs to ensure accurate identification and blocking of malicious actors.

ASN and Geographic Enrichment

Raw IP data is enriched with Autonomous System Number (ASN) and geolocation information. We utilize high-performance lookup services to map IPs to their respective ISPs (Internet Service Providers) and countries. We would like to acknowledge Team Cymru for providing the DNS-based ASN enrichment data that powers our network analysis.

Protect Your Infrastructure

Beyond visualization, BruteSight offers a free API that allows you to generate block lists for your infrastructure. You can integrate this threat data directly into your firewalls (Mikrotik, Cisco, Juniper, IPTables) to automatically block top offenders, significantly reducing the attack surface of your servers.