Monday 4 June 2012

May ADSL Log Analysis

Analysis of the log files from my ADSL router for May showed a large peak of UDP scans which emanated from China.

Daily Frequency of scans

The peak number of events was on the 30th May, when 545 events were logged. Other dates on which an above-average number of events were detected were the 14th and 21st of May, with a slightly elevated rate of events on the 24th May.

The detected events broke down by country as follows:

| Country | Number of events | Number of unique IP |
|---|---|---|
| China | 783 | 44 |
| Turkey | 19 | 19 |
| India | 1 | 1 |
| Pakistan | 1 | 1 |

The events on the 24th were TCP probes all on port 23 from IP addresses registered in Turkey.

The events on the 30th were UDP probes on port 58299, the 21st were UDP probes on port 38029, and the 14th were UDP probes on port 58281.

The top three IP addresses for the origination of the probes were:

288 events - 59.66.241.nnn (Zijing Campus 2nd Phase, Tsinghua University)
128 events - 218.109.70.nnn (WASU-BB)
122 events - 113.117.150.nnn (CHINANET Guangdong province network)
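
The daily counts, above-average days, per-day probe type and top source addresses described above can be produced with a short script. This is an added example, not part of the original post: the log line format is an assumption (the post does not show the router's format), the function name summarise is hypothetical, and the sample lines are constructed using documentation-range addresses.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in an assumed format; real router logs differ.
SAMPLE_LOG = """\
2012-05-14 03:12:01 DROP UDP src=192.0.2.10 dport=58281
2012-05-14 03:12:05 DROP UDP src=192.0.2.10 dport=58281
2012-05-14 03:13:40 DROP UDP src=198.51.100.7 dport=58281
2012-05-20 11:00:02 DROP TCP src=203.0.113.5 dport=23
2012-05-24 09:30:11 DROP TCP src=203.0.113.5 dport=23
2012-05-24 09:31:54 DROP TCP src=203.0.113.9 dport=23
2012-05-30 22:01:00 DROP UDP src=192.0.2.10 dport=58299
2012-05-30 22:01:02 DROP UDP src=192.0.2.10 dport=58299
2012-05-30 22:01:03 DROP UDP src=192.0.2.10 dport=58299
2012-05-30 22:04:17 DROP UDP src=198.51.100.7 dport=58299
this line is malformed and must be skipped
"""

LINE_RE = re.compile(
    r"^(?P<day>\d{4}-\d{2}-\d{2}) \S+ DROP (?P<proto>TCP|UDP) "
    r"src=(?P<src>\d{1,3}(?:\.\d{1,3}){3}) dport=(?P<port>\d+)$"
)

def summarise(log_text, top_n=3):
    """Aggregate probe events by day, by (protocol, port) and by source IP."""
    per_day = Counter()
    per_source = Counter()
    probes_by_day = defaultdict(Counter)
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            skipped += 1  # count unparseable lines instead of hiding them
            continue
        per_day[m["day"]] += 1
        per_source[m["src"]] += 1
        probes_by_day[m["day"]][(m["proto"], int(m["port"]))] += 1
    # Mean is taken over days that logged at least one event.
    mean = sum(per_day.values()) / len(per_day) if per_day else 0.0
    # For each above-average day, report its dominant (protocol, port).
    peaks = {d: probes_by_day[d].most_common(1)[0][0]
             for d, n in sorted(per_day.items()) if n > mean}
    return {"per_day": dict(per_day), "mean": mean, "peaks": peaks,
            "top_sources": per_source.most_common(top_n), "skipped": skipped}

if __name__ == "__main__":
    for key, value in summarise(SAMPLE_LOG).items():
        print(key, value)
```

Mapping source addresses to countries or network owners needs a separate GeoIP or whois lookup, which this example leaves out.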
