[90487] in North American Network Operators' Group
Re: Are botnets relevant to NANOG?
daemon@ATHENA.MIT.EDU (Fergie)
Fri May 26 13:34:46 2006
From: "Fergie" <fergdawg@netzero.net>
Date: Fri, 26 May 2006 17:29:15 GMT
To: wessorh@ar.com
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
I think the numbers speak for themselves.
- ferg
-- Rick Wesson <wessorh@ar.com> wrote:
> Some people need whatever bandwidth they can get for ranting.
> Of course routing reports, virus reports and botnet bgp statistics
> take away a lot of valuable bandwidth that could otherwise be used
> for nagging. On the other hand without Gadi's howling for the
> wolves those wolves might be lost species and without the wolves
> all the nagging and ranting would make less fun.
lets see, should we be concerned? here are a few interesting tables, the=
=
cnt column is new IP addresses we have seen in the last 5 days. The =
first table is Tier-2 ASNs as classified by Fontas's ASN Taxonomy paper =
=
[1] The second table is Universities. The ASN concerned are just in the =
=
announced by orgs in USA as to imply that they should be on NANOG.
Let me say it again the counts are NEW observations in the last 5 days. =
=
also note I'm not Gati, and I've got much more data on everyones network=
s.
-rick
New compromised unique IP addresses (last 5 days) Tier-2 ASN
+-------+------------------------------------+-------+
| asnum | asname | cnt |
+-------+------------------------------------+-------+
| 19262 | Verizon Internet Services | 35790 |
| 20115 | Charter Communications | 4453 |
| 8584 | Barak AS | 3930 |
| 5668 | CenturyTel Internet Holdings, Inc. | 2633 |
| 12271 | Road Runner | 2485 |
| 22291 | Charter Communications | 2039 |
| 8113 | VRIS Verizon Internet Services | 1664 |
| 6197 | BellSouth Network Solutions, Inc | 1634 |
| 6198 | BellSouth Network Solutions, Inc | 1531 |
| 9325 | XTRA-AS Telecom XTRA, Auckland | 1415 |
| 11351 | Road Runner | 1415 |
| 6140 | ImpSat | 1051 |
| 7021 | Verizon Internet Services | 961 |
| 6350 | Verizon Internet Services | 945 |
| 19444 | CHARTER COMMUNICATIONS | 845 |
+-------+------------------------------------+-------+
Universities, new unique ip last 5 days
+-------+--------------------------------+-----+
| asnum | left(asname,30) | cnt |
+-------+--------------------------------+-----+
| 14 | Columbia University | 93 |
| 3 | MIT-2 Massachusetts Institute | 45 |
| 73 | University of Washington | 25 |
| 7925 | West Virginia Network for Educ | 24 |
| 4385 | RIT-3 Rochester Institute of T | 20 |
| 23369 | SCOE-5 Sonoma County Office of | 19 |
| 5078 | Oklahoma Network for Education | 18 |
| 3388 | UNM University of New Mexico | 18 |
| 55 | University of Pennsylvania | 13 |
| 159 | The Ohio State University | 12 |
| 104 | University of Colorado at Boul | 12 |
| 4265 | CERFN California Education and | 11 |
| 693 | University of Notre Dame | 10 |
| 2900 | Arizona Tri University Network | 9 |
| 2637 | Georgia Institute of Technolog | 9 |
+-------+--------------------------------+-----+
[1] http://www.ece.gatech.edu/research/labs/MANIACS/as_taxonomy/
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg@netzero.net or fergdawg@sbcglobal.net
ferg's tech blog: http://fergdawg.blogspot.com/
