Country Report
Global China
- View:
- Activity
- Sources
- Malicious Servers
-
Activity (past 24 hours)
Key Service 
Bytes per subnet Percentage UDP/1434 (ms-sql-m) 421.05 kB 36.4%UDP/1026 319.90 kB 27.6%UDP/1027 298.90 kB 25.8%TCP/135 10.73 kB 0.9%TCP/2967 9.71 kB 0.8%TCP/22 (ssh) 9.10 kB 0.8%ICMP/8 5.70 kB 0.5%UDP/137 (netbios-ns) 4.96 kB 0.4%UDP/14653 4.15 kB 0.4%UDP/53 (domain) 3.58 kB 0.3%Other 69.85 kB 6.0%
Key Description Attacks per subnet Change from yesterday CVE Percentage Microsoft SQL Server version buffer overflow attempt 231.04 -15.5 % 
CVE-2002-0649 58.9%Microsoft Windows RPC Messenger Service pop-up spam 114.38 -26.5 %
29.1%Symantec Rtvscan.exe remote management exploit attempt 11.81 -8.1 %
CVE-2006-3455 3.0%symantec antivirus realtime virusscan overflow attempt 11.61 -7.8 %
CVE-2006-2630 3.0%Symantec AV realtime VirusScan overflow attempt, SYMC06-010 11.61 -7.8 %
CVE-2006-2630 3.0%Inbound Attacks 158 Outbound Attacks 306 Maximum packet rate 1.93 M pps Maximum traffic rate 984.59 Mbps Attack class Misuse: 374 Profiled: 90 Attack subclass : 1, TCP RST: 2, TCP SYN: 2, Bandwidth: 1, Protocol: 1, DNS: 1, TCP NULL: 1, Total Traffic: 1, -
Sources (past 24 hours)
By ASN
Key ASN Bytes per subnet Percentage AS4837 (CHINA169-BACKBONE) 701.08 kB 60.6%AS4134 (CHINANET-BACKBONE) 352.24 kB 30.4%AS17431 (TONET) 50.29 kB 4.3%AS24400 (CMNET-V4SHANGHAI-AS-AP) 19.63 kB 1.7%AS24444 (CMNET-V4SHANDONG-AS-AP) 9.62 kB 0.8%AS4812 (CHINANET-SH-AP) 7.40 kB 0.6%AS17633 (CHINATELECOM-SD-AS-AP) 2.14 kB 0.2%AS17672 (CHINATELECOM-HE-AS-AP) 1.73 kB 0.1%AS9808 (CMNET-GD) 1.62 kB 0.1%AS9812 (CNNIC-CN-COLNET) 1.59 kB 0.1%Other 10.26 kB 0.9%By Host
Key Host Bytes per subnet Percentage 61.134.56.18 52.70 kB 4.6%202.99.11.99 50.29 kB 4.3%218.75.199.50 49.40 kB 4.3%61.153.50.237 48.00 kB 4.1%58.20.154.23 45.06 kB 3.9%61.132.223.14 39.20 kB 3.4%218.64.237.219 (219.237.64.218.broad.yt.jx.dynamic.163data.com.cn) 31.14 kB 2.7%124.165.225.109 28.38 kB 2.5%125.211.198.10 25.62 kB 2.2%125.211.198.9 25.17 kB 2.2%Other 762.66 kB 65.9%By ASN
Key ASN Attacks per subnet Percentage AS4134 (CHINANET-BACKBONE) 186.37 47.5%AS4837 (CHINA169-BACKBONE) 153.61 39.1%AS17431 (TONET) 26.22 6.7%AS24444 (CMNET-V4SHANDONG-AS-AP) 5.33 1.4%AS4812 (CHINANET-SH-AP) 4.53 1.2%AS24400 (CMNET-V4SHANGHAI-AS-AP) 4.24 1.1%AS9818 (UNIHUB) 3.85 1.0%AS17799 (CHINATELECOM-LN-AS-AP) 1.75 0.4%AS17897 (Unknown) 1.56 0.4%AS37967 (CNNIC-SUNINFO-MDC-AP) 1.01 0.3%Other 3.99 1.0%By Host
Key Host Attacks per subnet Percentage 61.134.56.18 27.83 7.1%202.99.11.99 26.22 6.7%218.75.199.50 25.98 6.6%61.153.50.237 25.68 6.5%58.20.154.23 23.72 6.0%61.132.223.14 20.71 5.3%218.64.237.219 (219.237.64.218.broad.yt.jx.dynamic.163data.com.cn) 16.34 4.2%124.165.225.109 15.08 3.8%222.82.249.235 10.39 2.6%58.215.93.14 7.60 1.9%Other 192.89 49.2% -
Malicious Servers (past 24 hours)
By ASN
ASN Number of servers Percentage AS4837 (CHINA169-BACKBONE) 11 47.8%AS4134 (CHINANET-BACKBONE) 5 21.7%AS9808 (CMNET-GD) 1 4.3%AS4847 (CNIX-AP) 1 4.3%AS4808 (CHINA169-BJ) 1 4.3%AS4538 (ERX-CERNET-BKB) 1 4.3%AS23724 (CHINANET-IDC-BJ-AP) 1 4.3%AS17964 (DXTNET) 1 4.3%AS17623 (CNCGROUP-SZ) 1 4.3%Other 0 0.0%By Targeted Brand
Brand Name Phished URLs Percentage PayPal 305 53.0%eBay 22 3.8%JP Morgan Chase 21 3.6%Other 228 39.6%By ASN
ASN Phishing URLs hosted Percentage AS4837 (CHINA169-BACKBONE) 349 60.6%AS23853 (Unknown) 85 14.8%AS4134 (CHINANET-BACKBONE) 68 11.8%AS4538 (ERX-CERNET-BKB) 61 10.6%AS4812 (CHINANET-SH-AP) 13 2.3%Other 0 0.0%By Host
Host Phishing URLs hosted Percentage 124.131.8.5 178 30.9%58.19.182.171 85 14.8%211.144.204.135 85 14.8%60.28.223.112 22 3.8%58.241.84.193 22 3.8%219.133.59.182 22 3.8%202.201.112.1 22 3.8%202.120.189.142 22 3.8%59.41.181.113 21 3.6%218.247.38.118 21 3.6%Other 76 13.2%
Background
| Internet Statistics | Date | |
|---|---|---|
| Internet Hosts (est.) | 10637000 | 2007 |
| Internet Users (est.) | 162000000 | 2007 |
| Current Threat Rank | |
|---|---|
| 1 |
 CN (China)
|
| 2 |
 US (United States)
|
| 3 |
 IL (Israel)
|
| 4 |
 RO (Romania)
|
| 5 |
 IN (India)
|
Recent Activity
Threat Rank (30 days)
Number of Scanning Sources (30 days)
Number of Attacking Sources (30 days)
-
430 Bedford Street Lexington, MA 02420
T 781.684.0900 | 866.212.7267 F 781.768.3299
Copyright © 2006-2008 Arbor Networks, Inc., All rights reserved.
About ATLAS | Terms of Use | Legal Notice | Privacy Policy