[nsp-sec] ACK: SSH scanners are out in force
Rodolfo Baader
rbaader at arcert.gov.ar
Mon Mar 8 15:12:21 EST 2010
Hi!
ACK for AR ASNs: 7303, 10318
> 10318 | 24.232.169.4 | 22/tcp 2010-03-05 17:45:00 GMT-0500 549 |
CABLEVISION S.A.
> 7303 | 190.226.45.34 | 22/tcp 2010-03-06 10:50:00 GMT-0500 511 | Telecom
Argentina S.A.
> 7303 | 190.226.45.35 | 22/tcp 2010-03-05 20:05:00 GMT-0500 490 | Telecom
Argentina S.A.
Notifications were sent to the abuse/noc departments.
Regards,
R.
Joel Rosenblatt wrote:
> ----------- nsp-security Confidential --------
>
>
>
> ------------------------------------------------------------------------
>
> Hi,
>
> Big SSH scanner run last night. See attached file
>
> Number after time stamp is number of attempts
>
> Time stamps are -0500 (EST)
>
> This seems to be a different collection of ASNs then the usual suspects,
> but that's not a scientific analysis, just an eyeball observation :-)
>
> Happy hunting!
>
> Thanks,
> Joel
>
> Joel Rosenblatt, Manager Network & Computer Security
> Columbia Information Security Office (CISO)
> Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
> http://www.columbia.edu/~joel
>
>
> ------------------------------------------------------------------------
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list