[nsp-sec] ATLAS identified SSH brute forcers
Jose Nazario
jose at arbor.net
Fri Oct 3 19:40:09 EDT 2008
from the past 24h (sorry no timestamps), sorted by ASN.
Bulk mode; whois.cymru.com [2008-10-03 23:37:32 +0000]
209 | 67.130.150.4 | US | ASN-QWEST - Qwest Communications Corporation
1239 | 65.76.247.230 | US | SPRINTLINK - Sprint
1659 | 163.27.218.65 | TW | ERX-TANET-ASN1 Tiawan Academic Network (TANet) Information Center
1785 | 209.252.127.2 | US | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 216.64.71.227 | US | AS-PAETEC-NET - PaeTec Communications, Inc.
2519 | 116.58.176.126 | JP | VECTANT VECTANT Ltd.
2611 | 193.190.117.236 | BE | BELNET BELNET Autonomous System
2819 | 194.213.34.10 | CZ | GTSCZ GTS NOVERA (GTS CZ)
2828 | 199.125.184.68 | US | XO-AS15 - XO Communications
2828 | 67.152.82.140 | US | XO-AS15 - XO Communications
2878 | 92.252.154.126 | RU | MVC-AS VolgaTelecom Ulyanovsk branch autonomous system
3215 | 217.128.11.25 | FR | AS3215 France Telecom - Orange
3269 | 82.63.162.187 | IT | ASN-IBSNAZ TELECOM ITALIA
3269 | 88.40.238.138 | IT | ASN-IBSNAZ TELECOM ITALIA
3301 | 213.180.84.221 | SE | TELIANET-SWEDEN TeliaNet Sweden
3561 | 165.193.24.212 | US | SAVVIS - Savvis
3561 | 165.193.24.215 | US | SAVVIS - Savvis
3561 | 64.41.168.251 | US | SAVVIS - Savvis
3595 | 207.210.78.184 | US | GNAXNET-AS - Global Net Access, LLC
3661 | 137.189.34.66 | HK | ERX-CUHKNET The Chinese University of Hong Kong
3741 | 196.212.80.174 | ZA | IS
3741 | 196.35.169.178 | ZA | IS
3786 | 211.115.80.33 | KR | LGDACOM LG DACOM Corporation
3786 | 211.53.208.34 | KR | LGDACOM LG DACOM Corporation
4134 | 116.10.195.218 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 116.52.147.246 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 122.224.226.132 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 202.102.63.162 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 218.19.140.21 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 218.20.188.141 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 218.22.27.132 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 218.87.16.140 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 222.215.119.33 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.210.237.107 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.211.139.57 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.184.136.12 | CN | CHINANET-BACKBONE No.31,Jin-rong Street
4323 | 66.162.4.54 | US | TWTC - tw telecom holdings, inc.
4515 | 202.82.197.62 | HK | ERX-STAR Star Internet Services Ltd.
4515 | 202.82.202.142 | HK | ERX-STAR Star Internet Services Ltd.
4515 | 210.176.26.185 | HK | ERX-STAR Star Internet Services Ltd.
4538 | 202.120.80.222 | CN | ERX-CERNET-BKB China Education and Research Network Center
4538 | 202.201.0.246 | CN | ERX-CERNET-BKB China Education and Research Network Center
4538 | 210.34.14.211 | CN | ERX-CERNET-BKB China Education and Research Network Center
4621 | 202.28.123.253 | TH | UNSPECIFIED UNINET-TH
4670 | 202.30.198.49 | KR | HYUNDAI-KR Shinbiro
4670 | 58.180.32.36 | KR | HYUNDAI-KR Shinbiro
4713 | 222.151.71.130 | JP | OCN NTT Communications Corporation
4713 | 61.199.196.219 | JP | OCN NTT Communications Corporation
4716 | 210.255.209.55 | JP | POWEREDCOM KDDI Corporation
4755 | 203.200.95.133 | IN | TATACOMM-AS TATA Communications formerly VSNL is Leading ISP
4766 | 125.141.145.145 | KR | KIXS-AS-KR Korea Telecom
4766 | 218.149.85.17 | KR | KIXS-AS-KR Korea Telecom
4766 | 220.86.211.240 | KR | KIXS-AS-KR Korea Telecom
4766 | 221.144.12.121 | KR | KIXS-AS-KR Korea Telecom
4775 | 203.177.131.37 | PH | GLOBE-TELECOM-AS Globe Telecom, Inc.
4788 | 60.49.12.1 | MY | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 60.53.138.74 | MY | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 60.54.36.88 | MY | TMNET-AS-AP TM Net, Internet Service Provider
4802 | 203.59.134.36 | AU | ASN-IINET iiNet Limited
4808 | 121.52.209.78 | CN | CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
4808 | 61.50.219.244 | CN | CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
4808 | 61.50.219.245 | CN | CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
4812 | 116.228.51.109 | CN | CHINANET-SH-AP China Telecom (Group)
4812 | 222.73.0.101 | CN | CHINANET-SH-AP China Telecom (Group)
4835 | 117.34.70.106 | CN | CHINANET-IDC-SN China Telecom (Group)
4837 | 125.46.36.89 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 202.99.122.132 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 202.99.122.136 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 218.25.54.152 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 218.28.4.61 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 221.192.132.47 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 221.6.33.218 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 58.244.204.88 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 61.168.222.136 | CN | CHINA169-BACKBONE CNCGROUP China169 Backbone
4847 | 219.232.41.149 | CN | CNIX-AP China Networks Inter-Exchange
4847 | 59.108.230.182 | CN | CNIX-AP China Networks Inter-Exchange
5396 | 84.253.142.219 | IT | MC-link Spa
5416 | 77.69.240.200 | BH | BATELCO-BH
5617 | 83.13.4.59 | PL | TPNET Polish Telecom_s commercial IP network
5617 | 83.18.233.221 | PL | TPNET Polish Telecom_s commercial IP network
6429 | 200.27.104.99 | CL | Telmex Chile Internet S.A.
6429 | 200.27.109.99 | CL | Telmex Chile Internet S.A.
6458 | 190.56.167.198 | GT | Telgua
6503 | 148.243.165.6 | MX | Avantel, S.A.
6503 | 148.245.173.248 | MX | Avantel, S.A.
6830 | 213.47.4.252 | AT | UPC UPC Broadband
7004 | 200.91.25.227 | CL | CTC Transmisiones Regionales S.A.
7530 | 210.231.212.101 | JP | IRI Internet Research Institute, Inc.
7629 | 203.131.125.60 | PH | INFOCOM-AS-AP INFOCOM Technologies, Inc.
8167 | 189.10.167.35 | BR | TELESC - Telecomunicacoes de Santa Catarina SA
8167 | 189.73.63.76 | BR | TELESC - Telecomunicacoes de Santa Catarina SA
8220 | 80.169.193.69 | GB | COLT COLT Telecommunications
8560 | 217.160.171.193 | DE | ONEANDONE-AS 1&1 Internet AG
8560 | 74.208.46.187 | US | ONEANDONE-AS 1&1 Internet AG
9308 | 211.151.46.252 | CN | CHINA-ABITCOOL Abitcool(China) Inc.
9308 | 58.83.131.68 | CN | CHINA-ABITCOOL Abitcool(China) Inc.
9318 | 211.206.123.172 | KR | HANARO-AS Hanaro Telecom Inc.
9370 | 202.222.17.118 | JP | SAKURA-B SAKURA Internet Inc.
9370 | 59.106.15.112 | JP | SAKURA-B SAKURA Internet Inc.
9371 | 210.188.207.9 | JP | SAKURA-C SAKURA Internet Inc.
9498 | 61.246.218.71 | IN | BBIL-AP BHARTI Airtel Ltd.
9800 | 61.240.238.204 | CN | UNICOM CHINA UNICOM
9976 | 211.112.95.8 | KR | ICNDP-AS-KR Korea Cable TV NamIncheon Broadcasting.co.ltd
9976 | 211.235.32.124 | KR | ICNDP-AS-KR Korea Cable TV NamIncheon Broadcasting.co.ltd
10024 | 203.92.78.38 | SG | LGA-AS-SG-AP LGA International
10077 | 202.56.120.147 | IN | HCL-INFINET-AS-1 HCL Infinet Limited
11426 | 24.106.214.146 | US | SCRR-11426 - Road Runner HoldCo LLC
11751 | 200.14.32.4 | BR | ICEP - INSTITUTO CYBER DE ENSINO E PESQUISA
11830 | 201.198.135.134 | CR | Instituto Costarricense de Electricidad y Telecom.
12322 | 88.191.92.121 | FR | PROXAD AS for Proxad/Free ISP
12357 | 217.130.107.144 | ES | COMUNITEL Comunitel Global Autonomous System
12452 | 194.6.223.243 | RU | PROVRU AS for Prov.RU
12615 | 78.108.248.18 | BG | GCN-AS GCN Bulgaria AS
12874 | 89.97.55.57 | IT | FASTWEB Fastweb Autonomous System
12883 | 213.130.28.24 | UA | FARLEP-AS Farlep-Internet ISP
13127 | 62.58.98.210 | NL | VERSATEL AS for the Trans-European Versatel IP Transport backbone
13213 | 83.170.115.113 | GB | UK2NET-AS UK-2 Ltd Autonomous System
13489 | 201.236.221.82 | CO | ORBITEL S.A. E.S.P.
13601 | 66.132.228.161 | US | ASN-INNERHOST - Peer 1 Dedicated Hosting
13768 | 72.51.35.218 | US | PEER1 - Peer 1 Network Inc.
14000 | 201.158.150.180 | MX | AXTEL, S.A. de C.V.
14259 | 200.75.13.38 | CL | Gtd Internet S.A.
15311 | 200.54.168.210 | CL | Telefonica Empresas
16047 | 194.9.69.61 | UA | MICROSYSTEM-AS JV Microsystem
16095 | 81.7.189.56 | DK | JAYNET jay.net a/s
17379 | 201.70.20.74 | BR | Intelig Telecomunica Ltda
17431 | 218.97.158.10 | CN | TONET Beijing TONEK Information Technology Development Company
17565 | 58.64.22.46 | TH | ADC-BUDDYB-AS Advance Datanetwork Communications Co.,Ltd. BuddyB service. Bangkok
17621 | 58.246.200.130 | CN | CNCGROUP-SH CNCGROUP IP network of Shanghai region MAN network
17770 | 202.124.176.227 | LK | SUNTEL-WOW Suntel Limited
17820 | 203.196.189.152 | IN | DIL-AP DIRECT INTERNET LTD.
17895 | 202.124.135.200 | PH | GLOBALREACH-AP Globalreach eBusiness Networks, Inc.
17964 | 218.249.201.2 | CN | DXTNET Beijing Dian-Xin-Tong Network Technologies Co., Ltd.
18239 | 210.75.208.10 | CN | CAPNET-AS-AP Beijing Capital Public Information Platform
18239 | 218.246.95.243 | CN | CAPNET-AS-AP Beijing Capital Public Information Platform
18239 | 218.246.95.244 | CN | CAPNET-AS-AP Beijing Capital Public Information Platform
18239 | 218.246.95.245 | CN | CAPNET-AS-AP Beijing Capital Public Information Platform
18239 | 218.246.95.246 | CN | CAPNET-AS-AP Beijing Capital Public Information Platform
18391 | 202.52.88.73 | SG | ISECUREP-AS-SG-AP ISecureP Holdings Pte Ltd
18503 | 63.113.54.120 | US | LOGICSOUTH - LogicSouth, Inc.
19291 | 66.179.71.145 | US | INFLOW19291 - Inflow Inc.
19400 | 167.236.0.80 | US | SPX-CORP-AS - SPX Corporation
19916 | 69.94.26.20 | US | ASTRUM-0001 - OLM LLC
20312 | 150.188.32.26 | VE | Centro Nacional de TecnologÃas de Información (CNTI)
20312 | 150.188.32.28 | VE | Centro Nacional de TecnologÃas de Información (CNTI)
20857 | 87.253.156.90 | NL | TRANSIP-AS TransIP BV
20876 | 80.72.89.93 | BG | EVRO-AS EVRO.NET
21229 | 80.95.75.141 | HU | TVNETWORK-AS TVNETWORK
21844 | 66.98.162.53 | US | THEPLANET-AS - ThePlanet.com Internet Services, Inc.
21844 | 66.98.252.49 | US | THEPLANET-AS - ThePlanet.com Internet Services, Inc.
21844 | 75.125.45.178 | US | THEPLANET-AS - ThePlanet.com Internet Services, Inc.
22047 | 200.104.90.58 | CL | VTR BANDA ANCHA S.A.
22724 | 200.105.238.234 | EC | PUNTONET S.A.
22773 | 98.168.250.229 | US | CCINET-2 - Cox Communications Inc.
24186 | 203.153.36.252 | IN | RAILTEL-AS-IN RailTel Corporation of India Ltd., Internet Service Provider, New Delhi
24282 | 203.142.195.73 | JP | KIR Kagoya Japan CO,LTD
24445 | 218.206.203.109 | CN | CMNET-V4HENAN-AS-AP Henan Mobile Communications Co.,Ltd
25904 | 24.249.83.2 | US | GULFCOAST - Cox Communications (CBS-Gulf-Coast)
26554 | 74.204.43.74 | US | US-SIGNAL - US Signal Corporation
26895 | 208.96.198.199 | US | CIMCO1 - CIMCO Communications, Inc.
27650 | 200.30.71.106 | CO | EMTEL S.A. E.S.P.
27699 | 189.19.0.131 | BR | TELECOMUNICACOES DE SAO PAULO S/A - TELESP
27699 | 200.232.164.89 | BR | TELECOMUNICACOES DE SAO PAULO S/A - TELESP
27845 | 190.6.166.84 | CO | Empresa Regional de Telecomunicaciones
28184 | 189.89.49.61 | BR |
29513 | 217.64.60.206 | FR | INITIALSONLINE Initial_s Online limited
30008 | 69.162.121.182 | US | COLOGUYS - ColoGuys
30513 | 204.8.46.244 | US | DYNAMIC-INTERNET - DYNAMIC INTERNET
31291 | 85.11.163.76 | BG | SKKNET-AS SKKNET LTD
31549 | 84.241.40.191 | IR | RASANA Aria Rasana Tadbir
32613 | 64.15.155.170 | CA | IWEB-AS - iWeb Technologies Inc.
33481 | 216.195.98.174 | US | BELWAVE-COMMUNICATIONS - BELWAVE COMMUNICATIONS
33490 | 76.27.247.140 | US | DNEO-OSP5 - Comcast Cable Communications, Inc.
33651 | 98.207.110.84 | US | DNEO-OSP7 - Comcast Cable Communications, Inc.
35612 | 88.149.158.70 | IT | NGI-AS NGI Spa
35916 | 204.15.73.116 | US | MULTA-ASN1 - MULTACOM CORPORATION
38356 | 121.52.209.78 | CN | TIMENET BeiJing Sincerity-times Network Technology Project Ltd.
39324 | 81.22.247.204 | FI | MEDIAM-AS Mediam Oy Autonomous System
39324 | 81.22.247.214 | FI | MEDIAM-AS Mediam Oy Autonomous System
39616 | 81.29.145.3 | CH | SWITCHWARD-AS Switchward LTD London
41126 | 89.111.180.179 | RU | CENTROHOST-AS JSC Centrohost
42237 | 89.248.108.162 | ES | INTERDOMINIOS Grupo Interdominios S.A.
43260 | 89.107.228.234 | TR | DGN DGN Teknoloji
44877 | 79.99.248.4 | JO | MAXIMALI-AS Vtel-Georgia
45223 | 202.44.53.70 | TH | WIN-AS-TH-AP World Internetwork Co.,Ltd , Thailand.
-------------------------------------------------------------
jose nazario, ph.d. <jose at arbor.net>
security researcher, office of the CTO, arbor networks
v: (734) 821 1427 http://asert.arbornetworks.com/
More information about the nsp-security
mailing list