Half-complete README.md
commit
02ba84cdb8
|
@ -0,0 +1 @@
|
||||||
|
**/.DS_Store
|
|
@ -0,0 +1,28 @@
|
||||||
|
|
||||||
|
<h1 align="center">
|
||||||
|
sgp-internet-ping
|
||||||
|
</h1>
|
||||||
|
|
||||||
|
<p align="center">
|
||||||
|
A quick analysis of internet latency form Singapore to the rest of the world.
|
||||||
|
</p>
|
||||||
|
|
||||||
|
## Scanning the internet
|
||||||
|
|
||||||
|
To scan the IPv4 internet, I used the tool [`masscan`](https://github.com/robertdavidgraham/masscan) by security researcher Robert Graham. He has extensively made use of `masscan` in the security research he does. It provides latency measurements up to the millisecond.
|
||||||
|
|
||||||
|
I wrote a configuration file to run `masscan` on the entire internet with the included exclusion list, and scan the top 5 open ports according to [speedguide.net](https://www.speedguide.net/ports_common.php). It is stored as `scan.conf`. I started the scan with:
|
||||||
|
|
||||||
|
```
|
||||||
|
masscan -c scan.conf
|
||||||
|
```
|
||||||
|
|
||||||
|
This produces the output file `scan.bin`.
|
||||||
|
|
||||||
|
## Categorising readings by country
|
||||||
|
|
||||||
|
To associate an IP address with a country, a geolocation lookup database must be used. I used two sources of geolocation databases; Maxmind's GeoLite2, and Webnet77's IPToCountry; to test the accuracy of either database.
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
```
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,253 @@
|
||||||
|
geoname_id,locale_code,continent_code,continent_name,country_iso_code,country_name,is_in_european_union
|
||||||
|
49518,en,AF,Africa,RW,Rwanda,0
|
||||||
|
51537,en,AF,Africa,SO,Somalia,0
|
||||||
|
69543,en,AS,Asia,YE,Yemen,0
|
||||||
|
99237,en,AS,Asia,IQ,Iraq,0
|
||||||
|
102358,en,AS,Asia,SA,"Saudi Arabia",0
|
||||||
|
130758,en,AS,Asia,IR,Iran,0
|
||||||
|
146669,en,EU,Europe,CY,Cyprus,1
|
||||||
|
149590,en,AF,Africa,TZ,Tanzania,0
|
||||||
|
163843,en,AS,Asia,SY,Syria,0
|
||||||
|
174982,en,AS,Asia,AM,Armenia,0
|
||||||
|
192950,en,AF,Africa,KE,Kenya,0
|
||||||
|
203312,en,AF,Africa,CD,Congo,0
|
||||||
|
223816,en,AF,Africa,DJ,Djibouti,0
|
||||||
|
226074,en,AF,Africa,UG,Uganda,0
|
||||||
|
239880,en,AF,Africa,CF,"Central African Republic",0
|
||||||
|
241170,en,AF,Africa,SC,Seychelles,0
|
||||||
|
248816,en,AS,Asia,JO,"Hashemite Kingdom of Jordan",0
|
||||||
|
272103,en,AS,Asia,LB,Lebanon,0
|
||||||
|
285570,en,AS,Asia,KW,Kuwait,0
|
||||||
|
286963,en,AS,Asia,OM,Oman,0
|
||||||
|
289688,en,AS,Asia,QA,Qatar,0
|
||||||
|
290291,en,AS,Asia,BH,Bahrain,0
|
||||||
|
290557,en,AS,Asia,AE,"United Arab Emirates",0
|
||||||
|
294640,en,AS,Asia,IL,Israel,0
|
||||||
|
298795,en,AS,Asia,TR,Turkey,0
|
||||||
|
337996,en,AF,Africa,ET,Ethiopia,0
|
||||||
|
338010,en,AF,Africa,ER,Eritrea,0
|
||||||
|
357994,en,AF,Africa,EG,Egypt,0
|
||||||
|
366755,en,AF,Africa,SD,Sudan,0
|
||||||
|
390903,en,EU,Europe,GR,Greece,1
|
||||||
|
433561,en,AF,Africa,BI,Burundi,0
|
||||||
|
453733,en,EU,Europe,EE,Estonia,1
|
||||||
|
458258,en,EU,Europe,LV,Latvia,1
|
||||||
|
587116,en,AS,Asia,AZ,Azerbaijan,0
|
||||||
|
597427,en,EU,Europe,LT,"Republic of Lithuania",1
|
||||||
|
607072,en,EU,Europe,SJ,"Svalbard and Jan Mayen",0
|
||||||
|
614540,en,AS,Asia,GE,Georgia,0
|
||||||
|
617790,en,EU,Europe,MD,"Republic of Moldova",0
|
||||||
|
630336,en,EU,Europe,BY,Belarus,0
|
||||||
|
660013,en,EU,Europe,FI,Finland,1
|
||||||
|
661882,en,EU,Europe,AX,"Åland",0
|
||||||
|
690791,en,EU,Europe,UA,Ukraine,0
|
||||||
|
718075,en,EU,Europe,MK,Macedonia,0
|
||||||
|
719819,en,EU,Europe,HU,Hungary,1
|
||||||
|
732800,en,EU,Europe,BG,Bulgaria,1
|
||||||
|
783754,en,EU,Europe,AL,Albania,0
|
||||||
|
798544,en,EU,Europe,PL,Poland,1
|
||||||
|
798549,en,EU,Europe,RO,Romania,1
|
||||||
|
831053,en,EU,Europe,XK,Kosovo,0
|
||||||
|
878675,en,AF,Africa,ZW,Zimbabwe,0
|
||||||
|
895949,en,AF,Africa,ZM,Zambia,0
|
||||||
|
921929,en,AF,Africa,KM,Comoros,0
|
||||||
|
927384,en,AF,Africa,MW,Malawi,0
|
||||||
|
932692,en,AF,Africa,LS,Lesotho,0
|
||||||
|
933860,en,AF,Africa,BW,Botswana,0
|
||||||
|
934292,en,AF,Africa,MU,Mauritius,0
|
||||||
|
934841,en,AF,Africa,SZ,Swaziland,0
|
||||||
|
935317,en,AF,Africa,RE,Réunion,0
|
||||||
|
953987,en,AF,Africa,ZA,"South Africa",0
|
||||||
|
1024031,en,AF,Africa,YT,Mayotte,0
|
||||||
|
1036973,en,AF,Africa,MZ,Mozambique,0
|
||||||
|
1062947,en,AF,Africa,MG,Madagascar,0
|
||||||
|
1149361,en,AS,Asia,AF,Afghanistan,0
|
||||||
|
1168579,en,AS,Asia,PK,Pakistan,0
|
||||||
|
1210997,en,AS,Asia,BD,Bangladesh,0
|
||||||
|
1218197,en,AS,Asia,TM,Turkmenistan,0
|
||||||
|
1220409,en,AS,Asia,TJ,Tajikistan,0
|
||||||
|
1227603,en,AS,Asia,LK,"Sri Lanka",0
|
||||||
|
1252634,en,AS,Asia,BT,Bhutan,0
|
||||||
|
1269750,en,AS,Asia,IN,India,0
|
||||||
|
1282028,en,AS,Asia,MV,Maldives,0
|
||||||
|
1282588,en,AS,Asia,IO,"British Indian Ocean Territory",0
|
||||||
|
1282988,en,AS,Asia,NP,Nepal,0
|
||||||
|
1327865,en,AS,Asia,MM,"Myanmar [Burma]",0
|
||||||
|
1512440,en,AS,Asia,UZ,Uzbekistan,0
|
||||||
|
1522867,en,AS,Asia,KZ,Kazakhstan,0
|
||||||
|
1527747,en,AS,Asia,KG,Kyrgyzstan,0
|
||||||
|
1546748,en,AN,Antarctica,TF,"French Southern Territories",0
|
||||||
|
1547314,en,AN,Antarctica,HM,"Heard Island and McDonald Islands",0
|
||||||
|
1547376,en,AS,Asia,CC,"Cocos [Keeling] Islands",0
|
||||||
|
1559582,en,OC,Oceania,PW,Palau,0
|
||||||
|
1562822,en,AS,Asia,VN,Vietnam,0
|
||||||
|
1605651,en,AS,Asia,TH,Thailand,0
|
||||||
|
1643084,en,AS,Asia,ID,Indonesia,0
|
||||||
|
1655842,en,AS,Asia,LA,Laos,0
|
||||||
|
1668284,en,AS,Asia,TW,Taiwan,0
|
||||||
|
1694008,en,AS,Asia,PH,Philippines,0
|
||||||
|
1733045,en,AS,Asia,MY,Malaysia,0
|
||||||
|
1814991,en,AS,Asia,CN,China,0
|
||||||
|
1819730,en,AS,Asia,HK,"Hong Kong",0
|
||||||
|
1820814,en,AS,Asia,BN,Brunei,0
|
||||||
|
1821275,en,AS,Asia,MO,Macao,0
|
||||||
|
1831722,en,AS,Asia,KH,Cambodia,0
|
||||||
|
1835841,en,AS,Asia,KR,"Republic of Korea",0
|
||||||
|
1861060,en,AS,Asia,JP,Japan,0
|
||||||
|
1873107,en,AS,Asia,KP,"North Korea",0
|
||||||
|
1880251,en,AS,Asia,SG,Singapore,0
|
||||||
|
1899402,en,OC,Oceania,CK,"Cook Islands",0
|
||||||
|
1966436,en,OC,Oceania,TL,"East Timor",0
|
||||||
|
2017370,en,EU,Europe,RU,Russia,0
|
||||||
|
2029969,en,AS,Asia,MN,Mongolia,0
|
||||||
|
2077456,en,OC,Oceania,AU,Australia,0
|
||||||
|
2078138,en,AS,Asia,CX,"Christmas Island",0
|
||||||
|
2080185,en,OC,Oceania,MH,"Marshall Islands",0
|
||||||
|
2081918,en,OC,Oceania,FM,"Federated States of Micronesia",0
|
||||||
|
2088628,en,OC,Oceania,PG,"Papua New Guinea",0
|
||||||
|
2103350,en,OC,Oceania,SB,"Solomon Islands",0
|
||||||
|
2110297,en,OC,Oceania,TV,Tuvalu,0
|
||||||
|
2110425,en,OC,Oceania,NR,Nauru,0
|
||||||
|
2134431,en,OC,Oceania,VU,Vanuatu,0
|
||||||
|
2139685,en,OC,Oceania,NC,"New Caledonia",0
|
||||||
|
2155115,en,OC,Oceania,NF,"Norfolk Island",0
|
||||||
|
2186224,en,OC,Oceania,NZ,"New Zealand",0
|
||||||
|
2205218,en,OC,Oceania,FJ,Fiji,0
|
||||||
|
2215636,en,AF,Africa,LY,Libya,0
|
||||||
|
2233387,en,AF,Africa,CM,Cameroon,0
|
||||||
|
2245662,en,AF,Africa,SN,Senegal,0
|
||||||
|
2260494,en,AF,Africa,CG,"Republic of the Congo",0
|
||||||
|
2264397,en,EU,Europe,PT,Portugal,1
|
||||||
|
2275384,en,AF,Africa,LR,Liberia,0
|
||||||
|
2287781,en,AF,Africa,CI,"Ivory Coast",0
|
||||||
|
2300660,en,AF,Africa,GH,Ghana,0
|
||||||
|
2309096,en,AF,Africa,GQ,"Equatorial Guinea",0
|
||||||
|
2328926,en,AF,Africa,NG,Nigeria,0
|
||||||
|
2361809,en,AF,Africa,BF,"Burkina Faso",0
|
||||||
|
2363686,en,AF,Africa,TG,Togo,0
|
||||||
|
2372248,en,AF,Africa,GW,Guinea-Bissau,0
|
||||||
|
2378080,en,AF,Africa,MR,Mauritania,0
|
||||||
|
2395170,en,AF,Africa,BJ,Benin,0
|
||||||
|
2400553,en,AF,Africa,GA,Gabon,0
|
||||||
|
2403846,en,AF,Africa,SL,"Sierra Leone",0
|
||||||
|
2410758,en,AF,Africa,ST,"São Tomé and Príncipe",0
|
||||||
|
2411586,en,EU,Europe,GI,Gibraltar,0
|
||||||
|
2413451,en,AF,Africa,GM,Gambia,0
|
||||||
|
2420477,en,AF,Africa,GN,Guinea,0
|
||||||
|
2434508,en,AF,Africa,TD,Chad,0
|
||||||
|
2440476,en,AF,Africa,NE,Niger,0
|
||||||
|
2453866,en,AF,Africa,ML,Mali,0
|
||||||
|
2461445,en,AF,Africa,EH,"Western Sahara",0
|
||||||
|
2464461,en,AF,Africa,TN,Tunisia,0
|
||||||
|
2510769,en,EU,Europe,ES,Spain,1
|
||||||
|
2542007,en,AF,Africa,MA,Morocco,0
|
||||||
|
2562770,en,EU,Europe,MT,Malta,1
|
||||||
|
2589581,en,AF,Africa,DZ,Algeria,0
|
||||||
|
2622320,en,EU,Europe,FO,"Faroe Islands",0
|
||||||
|
2623032,en,EU,Europe,DK,Denmark,1
|
||||||
|
2629691,en,EU,Europe,IS,Iceland,0
|
||||||
|
2635167,en,EU,Europe,GB,"United Kingdom",1
|
||||||
|
2658434,en,EU,Europe,CH,Switzerland,0
|
||||||
|
2661886,en,EU,Europe,SE,Sweden,1
|
||||||
|
2750405,en,EU,Europe,NL,Netherlands,1
|
||||||
|
2782113,en,EU,Europe,AT,Austria,1
|
||||||
|
2802361,en,EU,Europe,BE,Belgium,1
|
||||||
|
2921044,en,EU,Europe,DE,Germany,1
|
||||||
|
2960313,en,EU,Europe,LU,Luxembourg,1
|
||||||
|
2963597,en,EU,Europe,IE,Ireland,1
|
||||||
|
2993457,en,EU,Europe,MC,Monaco,0
|
||||||
|
3017382,en,EU,Europe,FR,France,1
|
||||||
|
3041565,en,EU,Europe,AD,Andorra,0
|
||||||
|
3042058,en,EU,Europe,LI,Liechtenstein,0
|
||||||
|
3042142,en,EU,Europe,JE,Jersey,0
|
||||||
|
3042225,en,EU,Europe,IM,"Isle of Man",0
|
||||||
|
3042362,en,EU,Europe,GG,Guernsey,0
|
||||||
|
3057568,en,EU,Europe,SK,Slovakia,1
|
||||||
|
3077311,en,EU,Europe,CZ,Czechia,1
|
||||||
|
3144096,en,EU,Europe,NO,Norway,0
|
||||||
|
3164670,en,EU,Europe,VA,"Vatican City",0
|
||||||
|
3168068,en,EU,Europe,SM,"San Marino",0
|
||||||
|
3175395,en,EU,Europe,IT,Italy,1
|
||||||
|
3190538,en,EU,Europe,SI,Slovenia,1
|
||||||
|
3194884,en,EU,Europe,ME,Montenegro,0
|
||||||
|
3202326,en,EU,Europe,HR,Croatia,1
|
||||||
|
3277605,en,EU,Europe,BA,"Bosnia and Herzegovina",0
|
||||||
|
3351879,en,AF,Africa,AO,Angola,0
|
||||||
|
3355338,en,AF,Africa,NA,Namibia,0
|
||||||
|
3370751,en,AF,Africa,SH,"Saint Helena",0
|
||||||
|
3371123,en,AN,Antarctica,BV,"Bouvet Island",0
|
||||||
|
3374084,en,NA,"North America",BB,Barbados,0
|
||||||
|
3374766,en,AF,Africa,CV,"Cabo Verde",0
|
||||||
|
3378535,en,SA,"South America",GY,Guyana,0
|
||||||
|
3381670,en,SA,"South America",GF,"French Guiana",0
|
||||||
|
3382998,en,SA,"South America",SR,Suriname,0
|
||||||
|
3424932,en,NA,"North America",PM,"Saint Pierre and Miquelon",0
|
||||||
|
3425505,en,NA,"North America",GL,Greenland,0
|
||||||
|
3437598,en,SA,"South America",PY,Paraguay,0
|
||||||
|
3439705,en,SA,"South America",UY,Uruguay,0
|
||||||
|
3469034,en,SA,"South America",BR,Brazil,0
|
||||||
|
3474414,en,SA,"South America",FK,"Falkland Islands",0
|
||||||
|
3474415,en,AN,Antarctica,GS,"South Georgia and the South Sandwich Islands",0
|
||||||
|
3489940,en,NA,"North America",JM,Jamaica,0
|
||||||
|
3508796,en,NA,"North America",DO,"Dominican Republic",0
|
||||||
|
3562981,en,NA,"North America",CU,Cuba,0
|
||||||
|
3570311,en,NA,"North America",MQ,Martinique,0
|
||||||
|
3572887,en,NA,"North America",BS,Bahamas,0
|
||||||
|
3573345,en,NA,"North America",BM,Bermuda,0
|
||||||
|
3573511,en,NA,"North America",AI,Anguilla,0
|
||||||
|
3573591,en,NA,"North America",TT,"Trinidad and Tobago",0
|
||||||
|
3575174,en,NA,"North America",KN,"St Kitts and Nevis",0
|
||||||
|
3575830,en,NA,"North America",DM,Dominica,0
|
||||||
|
3576396,en,NA,"North America",AG,"Antigua and Barbuda",0
|
||||||
|
3576468,en,NA,"North America",LC,"Saint Lucia",0
|
||||||
|
3576916,en,NA,"North America",TC,"Turks and Caicos Islands",0
|
||||||
|
3577279,en,NA,"North America",AW,Aruba,0
|
||||||
|
3577718,en,NA,"North America",VG,"British Virgin Islands",0
|
||||||
|
3577815,en,NA,"North America",VC,"Saint Vincent and the Grenadines",0
|
||||||
|
3578097,en,NA,"North America",MS,Montserrat,0
|
||||||
|
3578421,en,NA,"North America",MF,"Saint Martin",0
|
||||||
|
3578476,en,NA,"North America",BL,Saint-Barthélemy,0
|
||||||
|
3579143,en,NA,"North America",GP,Guadeloupe,0
|
||||||
|
3580239,en,NA,"North America",GD,Grenada,0
|
||||||
|
3580718,en,NA,"North America",KY,"Cayman Islands",0
|
||||||
|
3582678,en,NA,"North America",BZ,Belize,0
|
||||||
|
3585968,en,NA,"North America",SV,"El Salvador",0
|
||||||
|
3595528,en,NA,"North America",GT,Guatemala,0
|
||||||
|
3608932,en,NA,"North America",HN,Honduras,0
|
||||||
|
3617476,en,NA,"North America",NI,Nicaragua,0
|
||||||
|
3624060,en,NA,"North America",CR,"Costa Rica",0
|
||||||
|
3625428,en,SA,"South America",VE,Venezuela,0
|
||||||
|
3658394,en,SA,"South America",EC,Ecuador,0
|
||||||
|
3686110,en,SA,"South America",CO,Colombia,0
|
||||||
|
3703430,en,NA,"North America",PA,Panama,0
|
||||||
|
3723988,en,NA,"North America",HT,Haiti,0
|
||||||
|
3865483,en,SA,"South America",AR,Argentina,0
|
||||||
|
3895114,en,SA,"South America",CL,Chile,0
|
||||||
|
3923057,en,SA,"South America",BO,Bolivia,0
|
||||||
|
3932488,en,SA,"South America",PE,Peru,0
|
||||||
|
3996063,en,NA,"North America",MX,Mexico,0
|
||||||
|
4030656,en,OC,Oceania,PF,"French Polynesia",0
|
||||||
|
4030699,en,OC,Oceania,PN,"Pitcairn Islands",0
|
||||||
|
4030945,en,OC,Oceania,KI,Kiribati,0
|
||||||
|
4031074,en,OC,Oceania,TK,Tokelau,0
|
||||||
|
4032283,en,OC,Oceania,TO,Tonga,0
|
||||||
|
4034749,en,OC,Oceania,WF,"Wallis and Futuna",0
|
||||||
|
4034894,en,OC,Oceania,WS,Samoa,0
|
||||||
|
4036232,en,OC,Oceania,NU,Niue,0
|
||||||
|
4041468,en,OC,Oceania,MP,"Northern Mariana Islands",0
|
||||||
|
4043988,en,OC,Oceania,GU,Guam,0
|
||||||
|
4566966,en,NA,"North America",PR,"Puerto Rico",0
|
||||||
|
4796775,en,NA,"North America",VI,"U.S. Virgin Islands",0
|
||||||
|
5854968,en,OC,Oceania,UM,"U.S. Minor Outlying Islands",0
|
||||||
|
5880801,en,OC,Oceania,AS,"American Samoa",0
|
||||||
|
6251999,en,NA,"North America",CA,Canada,0
|
||||||
|
6252001,en,NA,"North America",US,"United States",0
|
||||||
|
6254930,en,AS,Asia,PS,Palestine,0
|
||||||
|
6255147,en,AS,Asia,,,0
|
||||||
|
6255148,en,EU,Europe,,,0
|
||||||
|
6290252,en,EU,Europe,RS,Serbia,0
|
||||||
|
6697173,en,AN,Antarctica,AQ,Antarctica,0
|
||||||
|
7609695,en,NA,"North America",SX,"Sint Maarten",0
|
||||||
|
7626836,en,NA,"North America",CW,Curaçao,0
|
||||||
|
7626844,en,NA,"North America",BQ,"Bonaire, Sint Eustatius, and Saba",0
|
||||||
|
7909807,en,AF,Africa,SS,"South Sudan",0
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,292 @@
|
||||||
|
|
||||||
|
# Downloaded from https://raw.githubusercontent.com/robertdavidgraham/masscan/master/data/exclude.conf
|
||||||
|
|
||||||
|
# http://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
|
||||||
|
# http://tools.ietf.org/html/rfc5735
|
||||||
|
# "This" network
|
||||||
|
0.0.0.0/8
|
||||||
|
# Private networks
|
||||||
|
10.0.0.0/8
|
||||||
|
# Carrier-grade NAT - RFC 6598
|
||||||
|
100.64.0.0/10
|
||||||
|
# Host loopback
|
||||||
|
127.0.0.0/8
|
||||||
|
# Link local
|
||||||
|
169.254.0.0/16
|
||||||
|
# Private networks
|
||||||
|
172.16.0.0/12
|
||||||
|
# IETF Protocol Assignments
|
||||||
|
192.0.0.0/24
|
||||||
|
# DS-Lite
|
||||||
|
192.0.0.0/29
|
||||||
|
# NAT64
|
||||||
|
192.0.0.170/32
|
||||||
|
# DNS64
|
||||||
|
192.0.0.171/32
|
||||||
|
# Documentation (TEST-NET-1)
|
||||||
|
192.0.2.0/24
|
||||||
|
# 6to4 Relay Anycast
|
||||||
|
192.88.99.0/24
|
||||||
|
# Private networks
|
||||||
|
192.168.0.0/16
|
||||||
|
# Benchmarking
|
||||||
|
198.18.0.0/15
|
||||||
|
# Documentation (TEST-NET-2)
|
||||||
|
198.51.100.0/24
|
||||||
|
# Documentation (TEST-NET-3)
|
||||||
|
203.0.113.0/24
|
||||||
|
# Reserved
|
||||||
|
240.0.0.0/4
|
||||||
|
# Limited Broadcast
|
||||||
|
255.255.255.255/32
|
||||||
|
|
||||||
|
|
||||||
|
#Received: from elbmasnwh002.us-ct-eb01.gdeb.com ([153.11.13.41]
|
||||||
|
# helo=ebsmtp.gdeb.com) by mx1.gd-ms.com with esmtp (Exim 4.76) (envelope-from
|
||||||
|
# <bmandes@gdeb.com>) id 1VS55c-0004qL-0F for support@erratasec.com; Fri, 04
|
||||||
|
# Oct 2013 09:06:40 -0400
|
||||||
|
#To: <support@erratasec.com>
|
||||||
|
#CC: <ebsoc@gdeb.com>
|
||||||
|
#Subject: Scanning and Probing our network
|
||||||
|
#From: Robert Mandes <bmandes@gdeb.com>
|
||||||
|
#Date: Fri, 4 Oct 2013 09:06:36 -0400
|
||||||
|
#
|
||||||
|
#Stop scanning and probing our network, 153.11.0.0/16. We are a defense
|
||||||
|
#contractor and report to Federal law enforcement authorities when scans
|
||||||
|
#and probes are directed at our network. I assume you don't want to be
|
||||||
|
#part of that report. Please permanently remove our network range from
|
||||||
|
#your current and future research.
|
||||||
|
#
|
||||||
|
#Thank you
|
||||||
|
#
|
||||||
|
#Robert Mandes
|
||||||
|
#Information Security Officer
|
||||||
|
#General Dynamics
|
||||||
|
#Electric Boat
|
||||||
|
#
|
||||||
|
#C 860-625-0605
|
||||||
|
#P 860-433-1553
|
||||||
|
|
||||||
|
153.11.0.0/16
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#Date: Mon, 7 Oct 2013 17:25:41 -0700
|
||||||
|
#Subject: Re: please stop the attack to our router
|
||||||
|
#From: Di Li <di@egihosting.com>
|
||||||
|
#
|
||||||
|
#Make sure you stop the scan immediately, that's not OK for any company or
|
||||||
|
#organization scan our network at all.
|
||||||
|
#
|
||||||
|
#If you fail to do that we will block whole traffic from ASN 10439, and we
|
||||||
|
#will fail a police report after that.
|
||||||
|
#
|
||||||
|
#Let me know when you stop, since we still receive the attack from you, and
|
||||||
|
#by the way your scan are not going anywhere, it's was dropped from our edge
|
||||||
|
#since the first 5 scan
|
||||||
|
#
|
||||||
|
#Oct 7 17:17:32:I:SNMP: Auth. failure, intruder IP: 209.126.230.72
|
||||||
|
#...
|
||||||
|
#Oct 7 16:55:27:I:SNMP: Auth. failure, intruder IP: 209.126.230.72
|
||||||
|
#
|
||||||
|
#Di
|
||||||
|
|
||||||
|
4.53.201.0/24
|
||||||
|
5.152.179.0/24
|
||||||
|
8.12.162.0-8.12.164.255
|
||||||
|
8.14.84.0/22
|
||||||
|
8.14.145.0-8.14.147.255
|
||||||
|
8.17.250.0-8.17.252.255
|
||||||
|
23.27.0.0/16
|
||||||
|
23.231.128.0/17
|
||||||
|
37.72.172.0/23
|
||||||
|
38.72.200.0/22
|
||||||
|
50.93.192.0-50.93.197.255
|
||||||
|
50.115.128.0/20
|
||||||
|
50.117.0.0/17
|
||||||
|
50.118.128.0/17
|
||||||
|
63.141.222.0/24
|
||||||
|
64.62.253.0/24
|
||||||
|
64.92.96.0/19
|
||||||
|
64.145.79.0/24
|
||||||
|
64.145.82.0/23
|
||||||
|
64.158.146.0/23
|
||||||
|
65.49.24.0/24
|
||||||
|
65.49.93.0/24
|
||||||
|
65.162.192.0/22
|
||||||
|
66.79.160.0/19
|
||||||
|
66.160.191.0/24
|
||||||
|
68.68.96.0/20
|
||||||
|
69.46.64.0/19
|
||||||
|
69.176.80.0/20
|
||||||
|
72.13.80.0/20
|
||||||
|
72.52.76.0/24
|
||||||
|
74.82.43.0/24
|
||||||
|
74.82.160.0/19
|
||||||
|
74.114.88.0/22
|
||||||
|
74.115.0.0/24
|
||||||
|
74.115.2.0/24
|
||||||
|
74.115.4.0/24
|
||||||
|
74.122.100.0/22
|
||||||
|
75.127.0.0/24
|
||||||
|
103.251.91.0/24
|
||||||
|
108.171.32.0/24
|
||||||
|
108.171.42.0/24
|
||||||
|
108.171.52.0/24
|
||||||
|
108.171.62.0/24
|
||||||
|
118.193.78.0/23
|
||||||
|
130.93.16.0/23
|
||||||
|
136.0.0.0/16
|
||||||
|
142.111.0.0/16
|
||||||
|
142.252.0.0/16
|
||||||
|
146.82.55.93
|
||||||
|
149.54.136.0/21
|
||||||
|
149.54.152.0/21
|
||||||
|
166.88.0.0/16
|
||||||
|
172.252.0.0/16
|
||||||
|
173.245.64.0/19
|
||||||
|
173.245.194.0/23
|
||||||
|
173.245.220.0/22
|
||||||
|
173.252.192.0/18
|
||||||
|
178.18.16.0/22
|
||||||
|
178.18.26.0-178.18.29.255
|
||||||
|
183.182.22.0/24
|
||||||
|
192.92.114.0/24
|
||||||
|
192.155.160.0/19
|
||||||
|
192.177.0.0/16
|
||||||
|
192.186.0.0/18
|
||||||
|
192.249.64.0/20
|
||||||
|
192.250.240.0/20
|
||||||
|
194.110.214.0/24
|
||||||
|
198.12.120.0-198.12.122.255
|
||||||
|
198.144.240.0/20
|
||||||
|
199.33.120.0/24
|
||||||
|
199.33.124.0/22
|
||||||
|
199.48.147.0/24
|
||||||
|
199.68.196.0/22
|
||||||
|
199.127.240.0/21
|
||||||
|
199.187.168.0/22
|
||||||
|
199.188.238.0/23
|
||||||
|
199.255.208.0/24
|
||||||
|
203.12.6.0/24
|
||||||
|
204.13.64.0/21
|
||||||
|
204.16.192.0/21
|
||||||
|
204.19.238.0/24
|
||||||
|
204.74.208.0/20
|
||||||
|
205.159.189.0/24
|
||||||
|
205.164.0.0/18
|
||||||
|
205.209.128.0/18
|
||||||
|
206.108.52.0/23
|
||||||
|
206.165.4.0/24
|
||||||
|
208.77.40.0/21
|
||||||
|
208.80.4.0/22
|
||||||
|
208.123.223.0/24
|
||||||
|
209.51.185.0/24
|
||||||
|
209.54.48.0/20
|
||||||
|
209.107.192.0/23
|
||||||
|
209.107.210.0/24
|
||||||
|
209.107.212.0/24
|
||||||
|
211.156.110.0/23
|
||||||
|
216.83.33.0-216.83.49.255
|
||||||
|
216.83.51.0-216.83.63.255
|
||||||
|
216.151.183.0/24
|
||||||
|
216.151.190.0/23
|
||||||
|
216.172.128.0/19
|
||||||
|
216.185.36.0/24
|
||||||
|
216.218.233.0/24
|
||||||
|
216.224.112.0/20
|
||||||
|
|
||||||
|
#Received: from [194.77.40.242] (HELO samba.agouros.de)
|
||||||
|
# for abuse@erratasec.com; Sat, 12 Oct 2013 09:55:35 -0500
|
||||||
|
#Received: from rumba.agouros.de (rumba-internal [192.168.8.1]) by
|
||||||
|
# samba.agouros.de (Postfix) with ESMTPS id 9055FBAD1D for
|
||||||
|
# <abuse@erratasec.com>; Sat, 12 Oct 2013 16:55:32 +0200 (CEST)
|
||||||
|
#Received: from rumba.agouros.de (localhost [127.0.0.1]) by rumba.agouros.de
|
||||||
|
# (Postfix) with ESMTP id 7B5DD206099 for <abuse@erratasec.com>; Sat, 12 Oct
|
||||||
|
# 2013 16:55:32 +0200 (CEST)
|
||||||
|
#Received: from localhost.localdomain (localhost [127.0.0.1]) by
|
||||||
|
# rumba.agouros.de (Postfix) with ESMTP id 5FBC420601D for
|
||||||
|
# <abuse@erratasec.com>; Sat, 12 Oct 2013 16:55:32 +0200 (CEST)
|
||||||
|
#To: <abuse@erratasec.com>
|
||||||
|
#Subject: Loginattempts from Your net
|
||||||
|
#Message-ID: <20131012145532.5FBC420601D@rumba.agouros.de>
|
||||||
|
#Date: Sat, 12 Oct 2013 16:55:32 +0200
|
||||||
|
#From: <elwood@agouros.de>
|
||||||
|
#
|
||||||
|
#The address 209.126.230.72 from Your network tried to log in to
|
||||||
|
#our network using Port 22 (1)/tcp. Below You will find a listing of the dates and
|
||||||
|
#times the incidents occured as well as the attacked IP-Addresses.
|
||||||
|
#This is a matter of concern for us and continued tries might result in
|
||||||
|
#legal action. If the machine was victim to a hack take it offline, repair
|
||||||
|
#the damage and use better protection next time.
|
||||||
|
#The times included are in Central European (Summer) Time.
|
||||||
|
#Date Sourceip port destips
|
||||||
|
#
|
||||||
|
#07.10.2013 22:34:40 CEST 209.126.230.72 22 194.77.40.242 (1)
|
||||||
|
#08.10.2013 01:44:15 CEST 209.126.230.72 22 194.77.40.246 (1)
|
||||||
|
#
|
||||||
|
#Regards,
|
||||||
|
#Konstantin Agouros
|
||||||
|
|
||||||
|
194.77.40.242
|
||||||
|
194.77.40.246
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#Received: from [165.160.9.58] (HELO mx2.cscinfo.com)
|
||||||
|
#X-Virus-Scanned: amavisd-new at cscinfo.com
|
||||||
|
#Received: from mx2.cscinfo.com ([127.0.0.1]) by localhost
|
||||||
|
# (plmail02.wil.csc.local [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id
|
||||||
|
# GGQ7EiQaK2P0 for <protodev@erratasec.com>; Wed, 30 Oct 2013 09:26:00 -0400
|
||||||
|
# (EDT)
|
||||||
|
#Received: from casarray.cscinfo.com (pwmailch02.cscinfo.com [172.20.53.94]) by
|
||||||
|
# mx2.cscinfo.com (Postfix) with ESMTPS id 4BA5E58170 for
|
||||||
|
# <protodev@erratasec.com>; Wed, 30 Oct 2013 09:26:00 -0400 (EDT)
|
||||||
|
#Received: from PWMAILM02.cscinfo.com ([169.254.7.52]) by
|
||||||
|
# PWMAILCH02.cscinfo.com ([172.20.53.94]) with mapi id 14.02.0247.003; Wed, 30
|
||||||
|
# Oct 2013 09:26:00 -0400
|
||||||
|
#From: "Derksen, Bill" <bderksen@cscinfo.com>
|
||||||
|
#Subject: Unauthorized Scanning
|
||||||
|
#Date: Wed, 30 Oct 2013 13:25:59 +0000
|
||||||
|
#Message-ID: <1F80316A0C861F40A9A88F18465F138E01EF885F@PWMAILM02.cscinfo.com>
|
||||||
|
#x-originating-ip: [172.31.252.72]
|
||||||
|
#
|
||||||
|
#We have detected unauthorized activity from your systems on our public netw=
|
||||||
|
#ork. Please suspend scanning of our networks immediately.
|
||||||
|
#
|
||||||
|
#Our network block is 165.160/16
|
||||||
|
#
|
||||||
|
#Further scanning will result in reports of unauthorized activity being file=
|
||||||
|
#d with law enforcement agencies.
|
||||||
|
#
|
||||||
|
#Corporation Service Company
|
||||||
|
#
|
||||||
|
#
|
||||||
|
#
|
||||||
|
#________________________________
|
||||||
|
#
|
||||||
|
#NOTICE: This e-mail and any attachments is intended only for use by the add=
|
||||||
|
#ressee(s) named herein and may contain legally privileged, proprietary or c=
|
||||||
|
#onfidential information. If you are not the intended recipient of this e-ma=
|
||||||
|
#il, you are hereby notified that any dissemination, distribution or copying=
|
||||||
|
# of this email, and any attachments thereto, is strictly prohibited. If you=
|
||||||
|
# receive this email in error please immediately notify me via reply email o=
|
||||||
|
#r at (800) 927-9800 and permanently delete the original copy and any copy o=
|
||||||
|
#f any e-mail, and any printout.
|
||||||
|
|
||||||
|
165.160.0.0/16
|
||||||
|
|
||||||
|
#******************************
|
||||||
|
#Greetings from the IT Security Team at Utah State University.
|
||||||
|
#
|
||||||
|
#We have detected network activity that might be suspicious or
|
||||||
|
#malicious. We think it might be sourced from your network. We
|
||||||
|
#include IP Addresses as well as description, log snippets, and
|
||||||
|
#other useful information.
|
||||||
|
#
|
||||||
|
#Please review this information or forward to the responsible person.
|
||||||
|
129.123.0.0/16
|
||||||
|
144.39.0.0/16
|
||||||
|
204.113.91.0/24
|
||||||
|
|
Loading…
Reference in New Issue