Top Attacks (past 24 hours)

| Description | Attacks per subnet | Change from yesterday | CVE | Percentage |
|---|---|---|---|---|
| Microsoft SQL Server version buffer overflow attempt | 331.57 | -14.3 % | CVE-2002-0649 | 55.6% |
| Microsoft Windows RPC Messenger Service pop-up spam | 103.63 | -12.2 % | | 17.4% |
| Microsoft Windows ASN.1 Library buffer overflow attempt | 26.21 | -2.9 % | CVE-2003-0818 | 4.4% |
| ASN.1 constructed bit string | 23.92 | -9.5 % | CVE-2005-1935 | 4.0% |

| Description | Attacks per subnet | Change from yesterday | CVE | Percentage |
|---|---|---|---|---|
| VNC network scanning activity | 12.16 | +88.5 % | | 2.0% |
| Microsoft Windows IIS Server Translate Header attempt | 1.41 | +49.0 % | CVE-2000-0778 | 0.2% |
| SSH brute-force login attempts | 15.37 | +39.7 % | | 2.6% |
| POLICY PE EXE or DLL Windows file download | 16.68 | +16.0 % | | 2.8% |

Top Scanned Services (past 24 hours)

| Description | Traffic per subnet | Change from yesterday | Latest CVE | Percentage |
|---|---|---|---|---|
| UDP/1434 (ms-sql-m) | 543.37 kB | -31.6 % | CVE-2002-0649 | 32.4% |
| UDP/1026 | 156.22 kB | -18.9 % | | 9.3% |
| TCP/135 | 147.78 kB | -14.2 % | CVE-2007-2446 | 8.8% |
| UDP/1027 | 132.99 kB | -19.2 % | | 7.9% |
| TCP/445 (microsoft-ds) | 114.43 kB | -18.2 % | CVE-2007-5351 | 6.8% |

| Description | Traffic per subnet | Change from yesterday | Latest CVE | Percentage |
|---|---|---|---|---|
| TCP/21 (ftp) | 6.98 kB | +100.0 % | CVE-2007-0019 | 0.4% |
| TCP/80 (http) | 14.79 kB | +51.8 % | CVE-2008-0068 | 0.9% |
| UDP/53 (domain) | 49.26 kB | +11.1 % | CVE-2007-2926 | 2.9% |
| TCP/23 (telnet) | 23.98 kB | +3.7 % | CVE-2007-0956 | 1.4% |
| Other | 151.71 kB | N/A | | 9.1% |

Top Threat Sources (past 24 hours)

| Country | Rank | Attacks per subnet | Scans per subnet | Botnets | Phishing | DoS |
|---|---|---|---|---|---|---|
| CN (China) | 1 | 411 | 946.15 kB | 28 | 12 | 1803 |
| US (United States) | 2 | 69 | 225.52 kB | 302 | 4455 | 5943 |
| GB (Great Britain) | 3 | 3 | 23.31 kB | 15 | 426 | 2474 |
| DE (Germany) | 4 | 10 | 60.02 kB | 74 | 71 | 858 |
| NL (Netherlands) | 5 | 8 | 6.85 kB | 8 | 2510 | 154 |
| BE (Belgium) | 6 | 1 | 102.83 kB | 3 | 12 | 0 |
| RO (Romania) | 7 | 2 | 6.95 kB | 9 | 1953 | 74 |
| ZA (South Africa) | 8 | 0 | 79.75 kB | 1 | 0 | 8 |
| HK (Hong Kong) | 9 | 1 | 5.00 kB | 5 | 1 | 1003 |
| RU (Russian Federation) | 10 | 3 | 18.19 kB | 6 | 632 | 222 |
| KR (South Korea) | 11 | 3 | 21.22 kB | 34 | 324 | 251 |
| FR (France) | 12 | 8 | 21.54 kB | 15 | 45 | 402 |
| SE (Sweden) | 13 | 1 | 6.79 kB | 7 | 12 | 654 |
| TW (Taiwan) | 14 | 5 | 23.00 kB | 16 | 12 | 363 |
| IL (Israel) | 15 | 0 | 2.49 kB | 9 | 1148 | 3 |
| BR (Brazil) | 16 | 2 | 23.17 kB | 12 | 23 | 250 |
| JP (Japan) | 17 | 9 | 20.92 kB | 21 | 24 | 207 |
| PL (Poland) | 18 | 3 | 16.64 kB | 6 | 356 | 60 |
| IN (India) | 19 | 2 | 6.34 kB | 6 | 0 | 363 |
| BG (Bulgaria) | 20 | 0 | 5.55 kB | 4 | 91 | 244 |

| ASN | Rank | Attacks per subnet | Scans per subnet | Botnets | Phishing | DoS |
|---|---|---|---|---|---|---|
| AS4837 (Unknown) | 1 | 166 | 452.23 kB | 6 | 0 | 125 |
| AS4134 (Unknown) | 2 | 178 | 375.25 kB | 6 | 0 | 825 |
| AS237 (MERIT-AS-14) | 3 | 0 | 0 B | 0 | 0 | 2376 |
| AS4589 (EASYNET) | 4 | 0 | 1.55 kB | 3 | 0 | 2077 |
| AS5432 (BELGACOM-SKYNET-AS) | 5 | 0 | 99.96 kB | 0 | 0 | 0 |
| AS3320 (DTAG) | 6 | 2 | 43.31 kB | 0 | 0 | 597 |
| AS3741 (IS) | 7 | 0 | 68.32 kB | 0 | 0 | 0 |
| AS10026 (ANC) | 8 | 0 | 0 B | 0 | 0 | 990 |
| AS17785 (CHINATELECOM-HA-AS-AP) | 9 | 31 | 53.77 kB | 0 | 0 | 0 |
| AS210 (WEST-NET-WEST) | 10 | 0 | 52.25 kB | 0 | 0 | 0 |
| AS8708 (RDSNET) | 11 | 0 | 0 B | 0 | 1391 | 41 |
| AS7132 (SBIS-AS) | 12 | 3 | 7.62 kB | 13 | 826 | 63 |
| AS4538 (ERX-CERNET-BKB) | 13 | 0 | 0 B | 0 | 0 | 606 |
| AS3389 (FORDSRL-AS) | 14 | 21 | 35.29 kB | 0 | 0 | 0 |
| AS17431 (TONET) | 15 | 21 | 31.26 kB | 0 | 0 | 0 |
| AS10423 (Unknown) | 16 | 0 | 0 B | 0 | 0 | 478 |
| AS26415 (VERISIGN-INC) | 17 | 0 | 30.34 kB | 0 | 0 | 0 |
| AS10950 (DNSCENTRAL-1) | 18 | 16 | 26.66 kB | 0 | 0 | 0 |
| AS4755 (VSNL-AS) | 19 | 0 | 2.25 kB | 2 | 0 | 342 |
| AS9116 (GOLDENLINES-ASN) | 20 | 0 | 0 B | 2 | 618 | 0 |

| Host | Rank | Attacks per subnet | Scans per subnet | Botnets | Phishing |
|---|---|---|---|---|---|
| 220.171.31.41 | 1 | 5 | 54.28 kB | 0 | 0 |
| 58.20.222.30 | 2 | 30 | 44.82 kB | 0 | 0 |
| 61.132.223.14 | 3 | 22 | 37.48 kB | 0 | 0 |
| 219.150.147.6 | 4 | 21 | 35.95 kB | 0 | 0 |
| 136.1.7.55 (55.7.1.136.in-addr.arpa) | 5 | 21 | 35.29 kB | 0 | 0 |
| 61.128.186.202 | 6 | 20 | 34.62 kB | 0 | 0 |
| 202.99.11.99 | 7 | 21 | 31.25 kB | 0 | 0 |
| 122.225.1.148 | 8 | 18 | 31.02 kB | 0 | 0 |
| 61.153.50.237 | 9 | 18 | 30.80 kB | 0 | 0 |
| 192.58.128.30 (30.128.58.192.in-addr.arpa) | 10 | 0 | 30.34 kB | 0 | 0 |
| 158.91.1.50 (50.1.91.158.in-addr.arpa) | 11 | 0 | 28.79 kB | 0 | 0 |
| 216.250.230.14 (14.230.250.216.in-addr.arpa) | 12 | 16 | 26.66 kB | 0 | 0 |
| 220.163.43.139 (139.43.163.220.in-addr.arpa) | 13 | 11 | 19.19 kB | 0 | 0 |
| 217.119.57.19 | 14 | 0 | 0 B | 0 | 489 |
| 217.115.151.98 (98.151.115.217.in-addr.arpa) | 15 | 0 | 0 B | 0 | 489 |
| 209.172.59.193 | 16 | 0 | 0 B | 0 | 489 |
| 195.20.32.104 | 17 | 0 | 0 B | 0 | 489 |
| 193.33.61.2 | 18 | 0 | 0 B | 0 | 489 |
| 219.150.209.39 | 19 | 10 | 16.65 kB | 0 | 0 |
| 220.163.85.203 (203.85.163.220.in-addr.arpa) | 20 | 10 | 16.45 kB | 0 | 0 |

ASERT Security Intelligence
Summary: A medium severity issue was found in Sun Solaris, specifically the "lpd" daemon in Solaris 8-10. No major new scanning activity to report. We are also working with many people around the world investigating the rash of SQL injections that lead to malware being loaded onto visitors' computers.
Title: Sun Solaris Print Service Unspecified Vulnerabilities
Severity Level: Elevated Severity
Published: Mon, 12 May 2008 13:56:06 +0000
Sun Solaris 8-10 is vulnerable to a set of unspecified issues in the "lpd" service (printer daemon). This service listens on TCP port 515 for incoming requests. A remote attacker can cause a denial of service or execute arbitrary code using the proper exploit. Sun has released updates to address this issue.
Source: [3/5] Sun Solaris Print Service Unspecified Vulnerabilities
So, I’m sitting in the Red Carpet Club in the San Francisco Airport, headed back home to Denver in a bit. Having independently discovered last week that Red Carpet Club members could now get Internet access for free via T-Mobile, I was eager to get online in an airport without having to drop another [...]
Fri, 09 May 2008 17:41:53 +0000
One of the overriding themes in the Network Neutrality debate, and what triggered much of the recent activity with Comcast and the FCC, has to do with transparency. Or in the recent words of FCC Chairman Kevin Martin, “Consumers must be completely informed about the exact nature of the service they are purchasing”. When it [...]
Wed, 07 May 2008 23:54:07 +0000
Using RPKI to Construct Validated IRR Data
As has been discussed here many times in the past, one of the most fragile and vulnerable components of the Internet infrastructure is the global routing system. The Border Gateway Protocol (BGP) is used to exchange destination reachability information (routes) between different autonomous systems (AS) on the Internet. These routes consist of blocks [...]
Wed, 07 May 2008 17:26:02 +0000
My colleague Lixia Zhang provided me a pointer a few weeks back to the article On Being the Right Size, originally published in 1928 and authored by J.B.S. Haldane. It was originally available here, and is quoted in full below. It’s interesting that since I read it, I find its applicability to such [...]
Tue, 06 May 2008 17:23:09 +0000
Some of you may have seen the coverage that Ono picked up today because of its ability to optimize P2P transaction speeds by enabling more topologically optimal distribution - all while requiring no interaction with the ISP. On one hand, I’m happy about this, as the whole P4P thing, and the topology intelligence dependence [...]
Tue, 06 May 2008 04:47:24 +0000
