[nsp-sec] ACK RE: skunkx bots - sinkhole data

Krista Hickey Krista.Hickey at cogeco.com
Tue Apr 26 15:36:31 EDT 2011


ACK for 7992 and proxy ACK for 11290

Thanks
Krista
7992

> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Jose Nazario
> Sent: April-26-11 3:15 PM
> To: NSP-Sec NSP
> Subject: [nsp-sec] skunkx bots - sinkhole data
> 
> ----------- nsp-security Confidential --------
> 
> past 24h of sinkholing the skunkx ddos bot associated with the domain
> name "imageshak.biz". you can read about it here:
> 
> 	http://asert.arbornetworks.com/2011/03/skunkx-ddos-bot-analysis/
> 
> total uniq IPs seen in the past day:   28732
> top ASNs by count:
> 7559 AS45595    |  PKTELECOM-AS-PK Pakistan Telecom Company Limited
> 2772 AS9829     |  BSNL-NIB National Internet Backbone
> 1880 AS24560    |  AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services
>  831 AS17813    |  MTNL-AP Mahanagar Telephone Nigam Ltd.
>  787 AS17974    |  TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
>  732 AS17803    |  BSES-AS-AP BSES TeleCom Limited
>  702 AS38264    |  WATEEN-IMS-PK-AS-AP National WiMAX/IMS environment
>  650 AS23693    |  TELKOMSEL-ASN-ID PT. Telekomunikasi Selular
>  600 AS38710    |  WORLDCALL-AS-LHR Worldcall Broadband Limited
>  510 AS55740    |  TATAINDICOM-IN TATA TELESERVICES LTD - TATA INDICOM - CDMA DIVISION
> 
> 
> data enclosed, format is ASN, IP, CC, UTC timestamp of last
> observation, and network name
> 
> Bulk mode; whois.cymru.com [2011-04-26 19:09:57 +0000]
> NA      | 203.193.142.37   | IN | 1303820354      | NA
> 12      | 128.122.68.176   | US | 1303844808      | NYU-DOMAIN - New York University
> 12      | 128.122.92.104   | US | 1303844807      | NYU-DOMAIN - New York University
> ...
> 
> hope this helps. data may be shared per list conditions with relevant
> parties for remediation purposes.
> 
> _____________________________
> jose nazario, ph.d. jose at arbor.net
> sr. manager of security research, arbor networks
> http://asert.arbor.net/
> 
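Added example, not part of the original messages or of any list tooling: one way a recipient could pull the rows for their own ASNs (7992 and 11290 in the reply above) out of a feed in the posted "ASN | IP | CC | UTC timestamp | network name" layout, re-joining names that mail wrapping split and keeping the latest sighting per address. The sample rows are constructed (documentation IP ranges, AS64500, made-up network names, placeholder country code), and the function names are hypothetical.

```python
from datetime import datetime, timezone
from ipaddress import ip_address

# Constructed sample in the posted layout: documentation IPs, made-up network
# names, placeholder country code. Mail wrapping has split two network names.
SAMPLE = """\
Bulk mode; whois.cymru.com [2011-04-26 19:09:57 +0000]
NA      | 192.0.2.37       | ZZ | 1303820354      | NA
7992    | 198.51.100.176   | ZZ | 1303840000      | EXAMPLE-NET-A - Example
Cable Operator
64500   | 203.0.113.9      | ZZ | 1303844807      | EXAMPLE-NET-B
7992    | 198.51.100.176   | ZZ | 1303844808      | EXAMPLE-NET-A - Example
Cable Operator
...
"""

def parse_rows(text):
    """Parse 'ASN | IP | CC | epoch | name' rows, re-joining wrapped names."""
    rows, last = [], None
    for raw in text.splitlines():
        line = raw.lstrip("> ").rstrip()          # tolerate mail quoting
        fields = [f.strip() for f in line.split("|")]
        if len(fields) == 5:
            asn, ip, cc, ts, name = fields
            try:
                ip_address(ip)                    # reject rows with a bad address
                last = {"asn": None if asn == "NA" else int(asn), "ip": ip,
                        "cc": cc, "name": name,
                        "last_seen": datetime.fromtimestamp(int(ts), tz=timezone.utc)}
                rows.append(last)
            except ValueError:
                last = None                       # malformed row: skip it
        elif last and line and "|" not in line and line != "...":
            last["name"] += " " + line            # continuation of a wrapped name
        else:
            last = None                           # header, elision, blank line
    return rows

def hosts_for(rows, my_asns):
    """Most recent observation per IP within the operator's own ASNs."""
    latest = {}
    for r in rows:
        cur = latest.get(r["ip"])
        if r["asn"] in my_asns and (cur is None or r["last_seen"] > cur["last_seen"]):
            latest[r["ip"]] = r
    return latest

if __name__ == "__main__":
    for ip, r in hosts_for(parse_rows(SAMPLE), {7992, 11290}).items():
        print(ip, r["asn"], r["last_seen"].isoformat(), r["name"])
```

Rows with ASN "NA" are kept with asn set to None, so they can be reviewed separately rather than silently dropped.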




