[nsp-sec] Daily Reports Summary for week ending 2009-11-30
Tim Wilde
twilde at cymru.com
Mon Nov 30 09:20:21 EST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings, Everyone!
You may have noticed that no Daily Reports data appeared today, and were
quite truncated yesterday - we apologize for this, there was an error
with some of our processing over the weekend that caused problems with
our IP to ASN mappings, preventing the data from being processed
properly. This is reflected by the excessively large "noroute" numbers
you see in the summary data below. We have corrected the problem at
this time, but due to the complexity of re-generating all of the reports
data from the last ~36 hours, we will simply be moving forward at this
point, rather than flooding you with back-dated reports. We apologize
for this inconvenience, and are putting some additional safeguards into
place to ensure that we don't get bitten by this particular problem again.
Below is the weekly summary of ASN Alert/Daily Reports submissions for
the week ending 30 NOV 2009. For information regarding these projects
please visit our website at:
<https://www.cymru.com/nsp-sec/ASN-Alert/>
<https://www.cymru.com/nsp-sec/dailyreports/>
Please note that the nsp-security section on our website is
password-protected. Your nsp-sec mailing list username and password can
be used to access these pages. If you have problems logging in please
verify your account information at:
<http://www.nsp-security.org/>
Team Cymru couldn't provide our services without the generous donations
and support from a great community of folks. We always welcome feedback
regarding the daily reports or any of our services. Please feel free to
send questions, comments or concerns to us at team-cymru at cymru.com.
Thank you for your continued support!
Regards,
Tim Wilde
- --
Tim Wilde, Senior Software Engineer, Team Cymru, Inc.
twilde at cymru.com | +1-630-230-5433 | http://www.team-cymru.org/
CURRENT WEEK'S DATA PREVIOUS WEEK
report UniqueIPs Change ASNs bogon noroute UniqueIPs ASNs
- ------ ------------------------------------------ -----------------
Beagle 8,363 - 3.6% 635 0 3027 8,676 704
Blaster 96 + 37.1% 53 0 20 70 43
Bots 25,949,195 + 3.1% 13573 1 11982775 25,167,106 13864
Bruteforce 607 - 30.2% 258 0 308 870 413
Dameware 24 + 26.3% 18 0 16 19 14
Ddosreport 1,672 + 29.4% 539 2 399 1,292 487
Defacement 0 NaN 0 0 0 0 0
Dipnet 9 + 12.5% 7 0 0 8 8
Fastflux 5,157 + 93.9% 573 0 2269 2,659 472
Flowbots 3,803 - 8.8% 618 24 1410 4,171 685
Malwareurl 999 - 25.4% 376 1 330 1,339 495
Mydoom 6 + 50.0% 6 0 1 4 4
Nachi 3,455 - 0.2% 428 5 1551 3,462 446
Openresolver 1,296,274 - 2.2% 15721 0 52 1,325,936 15730
Phatbot 962 - 30.3% 261 0 0 1,380 308
Phishing 1,804 + 5.8% 572 3 717 1,705 679
Proxy 21,386 + 18.9% 1454 0 13953 17,982 1603
Routers 155 - 12.4% 68 0 47 177 77
Scanners 4,626 + 20.7% 985 3 1473 3,833 1018
Sinit 9 - 35.7% 8 0 3 14 14
Slammer 2,624 - 2.5% 474 5 1608 2,692 501
Spam 6,583,628 - 8.8% 10095 0 3148927 7,217,476 10935
Spreaders 2,397 + 55.5% 300 0 1487 1,541 385
Stormworm 15,056 - 6.2% 1019 0 5797 16,054 1106
Toxbot 9,816 - 5.3% 515 0 3753 10,369 554
TOTALS 31,459,158 + 1.3% 19605 71 14488071 31,065,149 19848
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAksT1KUACgkQluRbRini9tiZDQCfY1i+oAhnvi3ap0W5a1ZGeKlv
kGIAn3g/oMdItUr9TP2UPvrlZ4wLwCOT
=l4Tj
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list