[nsp-sec] Got traffic?
Yiming Gong
yiming.gong at xo.com
Thu Jul 16 10:59:43 EDT 2009
not too much, for the past 5 minutes, only 153 flows and here are the tops
Top 15 subnets ordered by first three octet......
12 216.114.215
9 167.206.254
8 66.135.197
8 208.36.123
4 70.43.63
4 167.206.112
3 66.135.195
3 64.238.96
3 64.105.172
3 167.206.251
2 67.142.166
2 67.142.164
2 67.142.163
2 67.142.161
2 64.6.15
Top 15 subnets ordered by first two octet......
19 167.206
13 216.114
11 66.135
8 67.142
8 208.36
4 70.43
4 64.105
3 64.238
3 64.233
3 205.158
2 64.6
2 216.1
2 209.206
2 209.105
2 207.230
Top TCP flags......
75 ......
55 .A....
Top Dst ports......
130 53
Top 15 packet size......
10 67
9 68
8 73
8 64
7 71
7 63
6 77
6 75
6 72
6 66
6 65
5 70
5 61
4 74
4 62
On 07/16/2009 09:44 AM, Nicholas Ianelli wrote:
> ----------- nsp-security Confidential --------
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Are folks seeing lots of requests destined to any of these IP addresses
> (UDP based):
>
> 156.154.100.3
> 156.154.101.3
> 156.154.102.3
> 156.154.103.3
>
> Nick
> - --
> Nicholas Ianelli: NeuStar, Inc.
> Security Operations
>
> 46000 Center Oak Plaza Sterling, VA 20166
> +1 571.434.4691 - http://www.neustar.biz
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
>
> iEYEARECAAYFAkpfPOcACgkQi10dJIBjZIAeQACfXj9dbxamPUKmDdi1Sk7X06sm
> wh0AnA3XqzqsBUKzuf7LSFdBqEDodju1
> =+nxs
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>
More information about the nsp-security
mailing list