I wrote about failure notices I got when sending notifications to CNCERT two weeks ago. But then the problem disappeared before I had done anything about it. I guess I was just lucky.
I also send notifications about zombie computers in India to the CERT of India. Unfortunately they began to reject my notifications two days ago. I might not be so lucky this time...
I also send notifications about zombie computers in India to the CERT of India. Unfortunately they began to reject my notifications two days ago. I might not be so lucky this time...
detection period: 2010-11-29 00:00-23:59 UTC
total number of suspected botnet IPs: 2393
number of botnet IPs notified to network operators: 1949
number of blocked spams: 338506
recipient count of blocked spams: 11568541
The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | HINET-NET | 462 |
| 2 | BSNLNET | 320 |
| 3 | RCOM | 59 |
| 4 | AR-TEAR7-LACNIC | 52 |
| 5 | 000.065.376/0002-65 | 36 |
| 6 | TATACOMM-IN | 35 |
| 7 | 002.558.134/0001-58 | 35 |
| 8 | TRUENET | 30 |
| 9 | KORNET-KR | 28 |
| 10 | CAT-BB-NET | 28 |
The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:
| Rank | Country | # of suspected botnet IPs |
|---|---|---|
| 1 | India | 492 |
| 2 | Taiwan | 477 |
| 3 | China | 268 |
| 4 | Brazil | 224 |
| 5 | Russian Federation | 152 |
| 6 | Thailand | 106 |
| 7 | Argentina | 102 |
| 8 | Ukraine | 60 |
| 9 | United States | 54 |
| 10 | South Korea | 48 |
No comments:
Post a Comment