[nsp-sec] Daily Reports Summary for week ending 2011-01-17

Tim Wilde twilde at cymru.com
Mon Jan 17 11:34:41 EST 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Good morning everyone!

Immediately below you will find the weekly summary of Daily Reports /
ASN Alerts submissions for the week ending 17 JAN 2011.

                       CURRENT WEEK'S DATA               PREVIOUS WEEK

report       UniqueIPs   Change  ASNs  bogon  noroute    UniqueIPs  ASNs
- ------     ------------------------------------------  -----------------
Beagle           1,287  - 13.9%   178      0        0        1,494   202
Blaster             64  +  1.6%    45      0        0           63    44
Bots           784,911  +  2.8%  8560      0       68      763,214  8236
Bruteforce         373  + 13.4%   227      0        0          329   206
Dameware            17  - 39.3%    12      0        0           28    19
Ddosreport         620  -  1.9%   321      1        6          632   311
Fastflux         4,616  + 90.7%   692      0        1        2,421   589
Flowbots             1    NaN       1      0        0            0     0
Malwareurl      10,605  -  0.1%  1639      1        3       10,620  1643
Nachi            1,215  - 42.3%   303      2        2        2,104   354
Openresolvers  729,198  +  0.7% 10228      0       84      724,363 10146
Phatbot            696  -  0.4%   212      0        0          699   232
Phishing         1,148  +  6.8%   453      0        0        1,075   429
Proxy           26,161  +  3.1%  2013      1       19       25,378  1903
Routers            186  +  6.9%    49      0        0          174    50
Scanners         1,463  - 52.3%   538      3        4        3,066   812
Slammer          1,361  -  9.4%   399      3       28        1,503   422
Spam         4,768,989  + 26.2% 11095     20     1343    3,777,705  9595
Spreaders          670  + 59.5%   212      0        0          420   171
Stormworm        4,552  +  3.8%   561      0        1        4,387   545

TOTALS       6,269,312  + 19.1% 15639     30     1556    5,263,769 14916

You may notice a few less categories in the report this week; due to a
list member's suggestion, we've disabled weekly summary reporting for a
few of the more finely aged malware variant categories that were
receiving few, if any, data hits each week.  They're still enabled for
general reporting in case you have an infection in your ASN, but they
won't clog up the report here any further.

Unfortunately, we see a big jump back up in the spam category this week
- - looks like the spammers are back at their game again after the
"holiday break". :)  This matches what I believe has been reported in
wider forums as well, so no huge surprise there, just disappointment. :)

For information regarding these projects please visit our website at:

	<https://www.cymru.com/nsp-sec/ASN-Alert/>
	<https://www.cymru.com/nsp-sec/dailyreports/>

Please note that the nsp-security section on our website is
password-protected.  Your nsp-sec mailing list username and password can
be used to access these pages.  If you have problems logging in please
verify your account information at:

	<http://www.nsp-security.org/>

Team Cymru couldn't provide our services without the generous donations
and support from a great community of folks.  We always welcome feedback
regarding the daily reports or any of our services.  Please feel free to
send questions, comments or concerns to us at team-cymru at cymru.com.

Thank you for your continued support!

Regards,
Tim Wilde

- -- 
Tim Wilde, Senior Software Engineer, Team Cymru, Inc.
twilde at cymru.com | +1-630-230-5433 | http://www.team-cymru.org/
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAk00b6AACgkQluRbRini9tghgwCdGDEtWb3sN1Wv1UV3vkyDwLKx
5AkAnjT8EwJ88u4HCEs+t/PJw6JXjl4E
=+VK5
-----END PGP SIGNATURE-----

More information about the nsp-security mailing list