[nsp-sec] Daily Reports Summary for week ending 2011-04-04
Tim Wilde
twilde at cymru.com
Mon Apr 4 13:38:05 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings everyone!
Immediately below you will find the weekly summary of Daily Reports /
ASN Alerts submissions for the week ending 04 APR 2011.
CURRENT WEEK'S DATA PREVIOUS WEEK
report UniqueIPs Change ASNs bogon noroute UniqueIPs ASNs
- ------ ------------------------------------------ -----------------
Beagle 2,888 - 4.3% 260 0 0 3,018 239
Bots 1,043,105 + 1.8% 8917 0 102 1,024,622 8882
Bruteforce 264 - 24.4% 170 0 0 349 219
Ddosreport 866 - 27.2% 384 1 3 1,190 467
Fastflux 1,704 - 21.7% 347 0 0 2,177 351
Flowbots 1 - 66.7% 1 0 0 3 3
Malwareurl 14,625 + 5.0% 2017 1 2 13,922 1973
Nachi 1,833 - 7.4% 352 12 12 1,979 358
Openresolvers 706,598 - 80.5% 10163 0 46 3,629,701 19042
Phatbot 648 - 1.1% 189 0 0 655 205
Phishing 1,272 + 2.9% 473 1 1 1,236 475
Proxy 22,015 - 16.1% 1944 1 12 26,240 2052
Routers 296 + 21.8% 92 0 0 243 61
Scanners 27,710 +632.7% 3310 1 15 3,782 932
Slammer 22 + 22.2% 10 0 0 18 13
Spam 6,243,215 + 23.6% 12590 0 1777 5,052,560 10614
Spreaders 546 - 46.7% 193 0 0 1,025 356
Stormworm 3,456 - 2.5% 467 0 0 3,545 471
TOTALS 7,932,420 - 17.6% 16544 15 1968 9,631,397 20957
The dramatic increase in the scanners category is due to a new data
source we brought online last week, providing a much broader view of
scanning activity than we had previously provided. Feedback on these
reports would be particularly appreciated, though of course we always
appreciate all feedback at any time! A big bump for spam this week
unfortunately doesn't come from a new data source, but just from a big
bump in spam. :)
Finally, the open resolver drop (and associated drop in the totals) is
again due to the big monthly-ish open resolver scan that was reflected
in last week's report, and is gone this week, so nothing sinister going
on there. For more information on our DNS research hosts, you can
always check out https://dnsresearch.cymru.com/ (that is a public URL,
feel free to share as widely as needed/desired).
For information regarding these projects please visit our website at:
<https://www.cymru.com/nsp-sec/ASN-Alert/>
<https://www.cymru.com/nsp-sec/dailyreports/>
Please note that the nsp-security section on our website is
password-protected. Your nsp-sec mailing list username and password can
be used to access these pages. If you have problems logging in please
verify your account information at:
<http://www.nsp-security.org/>
Team Cymru couldn't provide our services without the generous donations
and support from a great community of folks. We always welcome feedback
regarding the daily reports or any of our services. Please feel free to
send questions, comments or concerns to us at team-cymru at cymru.com.
Thank you for your continued support!
Regards,
Tim Wilde
- --
Tim Wilde, Senior Software Engineer, Team Cymru, Inc.
twilde at cymru.com | +1-630-230-5433 | http://www.team-cymru.org/
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAk2aAfwACgkQluRbRini9tj4hACcDINlMAjw0WXsTjqAkElfWrWB
CrIAn0De/E8Jm/mFwpZq4lGdOnsrwhyR
=961u
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list