Thread: Cyberwarfare
View Single Post
  #35  
Old 10-21-2016, 10:44 PM
Daywolf Daywolf is offline
Planar Protector

Daywolf's Avatar

Join Date: Jun 2010
Location: Peeing on the grass cats chew on. And on your
Posts: 4,192
Default
Yeah, the thing is, the only data mapping that I've found working doesn't report on attacks from within the US onto the US, not well at all. The China attacks are about all showing, along with some attacks out of Russia, but the attacks from China are usually always happening. Like Norse which is the most popular site, it's been down all day, and they usually give great data on domestic attacks.

...Norse just loaded for a couple minutes before going down again, checked again while I was typing this. This is definitely a domestic attack for the most part. Every network in the US looks like it's just pounding the East coast atm. I mean it's getting pounded hard. I got in again for a minute, here's a little data...


ATTACK ORIGINS
# Country
206 United States
148 China
20 Ukraine
10 South Korea
9 Spain
7 Germany
6 Netherlands
6 Moldova
4 Saudi Arabia
4 Japan
ATTACK TYPES
# Port Service Type
163 25 ◯ smtp
77 23 ◯ telnet
68 8080 ◯ http-alt
34 5900 ◯ rfb
28 3389 ◯ ms-wbt-server
14 50864 ◯ xsan-filesystem
12 445 ◯ microsoft-ds
6 138 ◯ netbios-dgm
5 3306 ◯ mysql
5 80 ◯ http
ATTACK TARGETS
# Country
307 United States
88 United Arab Emirates
28 Spain
22 Italy
6 Saudi Arabia
5 Singapore
4 Russia
3 Portugal
2 Thailand
2 Cyprus
LIVE ATTACKS
Timestamp Attacker Attacker IP Attacker Geo Target Geo Attack Type Port
19:39:37.364 Riskiq 64.125.239.81 San Francisco, US San Francisco, US http 80
19:39:37.358 Tokai Communications Corporation 59.86.45.187 Shizuoka, JP San Francisco, US listmgr-port 3767
19:39:37.351 Adsl-Met- #304zmir- Static Pool 85.98.94.160 Istanbul, TR San Francisco, US telnet 23
19:39:37.066 Microsoft Corporation 157.56.110.245 Redmond, US De Kalb Junction, US smtp 25
19:39:36.668 Microsoft Corporation 207.46.100.252 Redmond, US De Kalb Junction, US smtp 25
19:39:36.198 Microsoft Corporation 157.56.110.249 Redmond, US De Kalb Junction, US smtp 25
19:39:35.849 Microsoft Corporation 207.46.100.254 Redmond, US De Kalb Junction, US smtp 25
19:39:35.463 Sc Starnet Srl 178.168.36.55 Chisinau, MD Oslo, NO unknown 28358
19:39:35.229 Zhenjiang Sky Netbar 218.3.55.177 Zhenjiang, CN Madrid, ES telnet 23
19:39:35.081 18-4317066_Business Process Outsourcing Internation 119.92.151.246 Cebu, PH Lynnwood, US telnet

If I could hold the con for 15-20 min I could get a better idea of what's happening.. and notice who M$ Corp is attacking lol. Looked like hardly anything outbound.

edit: hmmm yeah here is some vid of the attacks https://youtu.be/mOfp7xF7GG0?t=754 that's like pretty heavy from a couple hours ago, and mostly from within. I still can't hardly stick a con anywhere, but like I said my network was dropping not long ago.
__________________

Woof! And now a word from our sponsors..
Last edited by Daywolf; 10-21-2016 at 11:08 PM..