[79315] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

botted hosts

daemon@ATHENA.MIT.EDU (Petri Helenius)
Sun Apr 3 12:13:42 2005

Date: Sun, 03 Apr 2005 19:13:36 +0300
From: Petri Helenius <pete@he.iki.fi>
To: Nanog <nanog@nanog.org>
Errors-To: owner-nanog@merit.edu



I run some summaries about spam-sources by country, AS and containing 
BGP route.
These are from a smallish set of servers whole March aggregated. 
Percentage indicates incidents out of total.
Conclusion is that blocking 25 inbound from a handful of prefixes would 
stop >10% of spam.

+---------+------+
| 26.8013 | US   |
| 25.6489 | KR   |
| 11.2896 | CN   |
|  4.3139 | FR   |
|  2.8045 | BR   |

+---------+----------+
| 11.3916 |     4766 |
|  6.3791 |     9318 |
|  5.1094 |     4134 |
|  3.3910 |     7132 |
|  3.1717 |    29963 |

+--------+------------------+
| 2.0754 | 207.182.144.0/20 |
| 1.7184 | 4.0.0.0/8        |
| 1.3054 | 82.224.0.0/11    |
| 1.1116 | 221.144.0.0/12   |
| 1.0963 | 207.182.136.0/21 |
| 0.9943 | 61.78.37.0/24    |
| 0.9586 | 218.144.0.0/12   |
| 0.9484 | 222.96.0.0/12    |
| 0.7394 | 222.65.0.0/16    |
| 0.7343 | 211.200.0.0/13   |

Pete


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[79315] in North American Network Operators' Group

botted hosts

daemon@ATHENA.MIT.EDU (Petri Helenius)Sun Apr 3 12:13:42 2005

daemon@ATHENA.MIT.EDU (Petri Helenius)
Sun Apr 3 12:13:42 2005