total number of suspected botnet IPs: 15406
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 14786
number of spam blocked: 0
recipient count of spam blocked: 0
Today I add a new chart for the top 10 most scanned TCP ports.
The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | Baidu | 474 |
| 2 | DO-13 | 444 |
| 3 | TENCENT-CN | 336 |
| 4 | HINET-NET | 325 |
| 5 | TencentCloud | 313 |
| 6 | KORNET | 304 |
| 7 | VNPT-VN | 247 |
| 8 | OVH | 173 |
| 9 | CHINANET-GD | 173 |
| 10 | MSFT | 165 |
The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:
| Rank | Country/Region | # of suspected botnet IPs |
|---|---|---|
| 1 | China | 3241 |
| 2 | United States | 2415 |
| 3 | France | 795 |
| 4 | India | 623 |
| 5 | Brazil | 600 |
| 6 | Russian Federation | 597 |
| 7 | Viet Nam | 584 |
| 8 | South Korea | 493 |
| 9 | Indonesia | 442 |
| 10 | Taiwan | 373 |
The top 10 TCP ports, ordered by number of connection attempts received are:
| Rank | TCP port number | # of connection attempts received |
|---|---|---|
| 1 | 25 | 46741 |
| 2 | 110 | 46317 |
| 3 | 445 | 23659 |
| 4 | 23 | 21843 |
| 5 | 3389 | 15241 |
| 6 | 3390 | 14770 |
| 7 | 5038 | 13861 |
| 8 | 22 | 13016 |
| 9 | 3391 | 12456 |
| 10 | 1433 | 8225 |
No comments:
Post a Comment