不正なSIP着信 57
Published: 2012/11/12
相変わらずregister floodとパスワードをやぶるためのブルートフォースが大量な状況です。
脆弱なアカウント、パスワードが盗まれて、知らないうちに国際電話をかけられて多額の料金請求をうけることにならないようにSIPサーバーの監理をちゃんとしましょう。
以下最近のSIPサーバーへのブルートフォースの攻撃元。
IN(インド)、US(アメリカ)は相変わらずですが、最近SIP以外でもいろいろな攻撃の攻撃元として目立つPS(パレスチナ)、SA(サウジアラビア)が気になります。
IP | 逆引き | AS | AS Name | Country | Count |
---|---|---|---|---|---|
61.191.189.135 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | CN | 2 |
61.191.189.67 | NONE | 4134 | CHINANET-BACKBONE_No.31Jin-rong_Street | CN | 1 |
123.225.125.174 | p4174-ipbf2708funabasi.chiba.ocn.ne.jp. | 4713 | OCN_NTT_Communications_Corporation | JP | 9902 |
203.177.182.52 | NONE | 4775 | GLOBE-TELECOM-AS_Globe_Telecoms | PH | 2 |
58.32.208.27 | NONE | 4812 | CHINANET-SH-AP_China_Telecom_(Group) | CN | 1 |
211.103.186.163 | NONE | 4847 | CNIX-AP_China_Networks_Inter-Exchange | CN | 1 |
200.111.166.220 | video.cw.cl. | 6471 | ENTEL_CHILE_S.A. | CL | 2 |
212.138.140.250 | NONE | 8895 | ISU-RUH_King_Abdul_Aziz_City_for_Science_and_Technology | SA | 120802 |
212.26.74.17 | NONE | 8895 | ISU-RUH_King_Abdul_Aziz_City_for_Science_and_Technology | SA | 4 |
188.161.222.115 | NONE | 12975 | PALTEL-AS_PALTEL_Autonomous_System | PS | 1 |
188.161.222.254 | NONE | 12975 | PALTEL-AS_PALTEL_Autonomous_System | PS | 2 |
188.161.233.166 | NONE | 12975 | PALTEL-AS_PALTEL_Autonomous_System | PS | 10 |
188.161.93.97 | NONE | 12975 | PALTEL-AS_PALTEL_Autonomous_System | PS | 5 |
77.111.89.10 | ringato.hu. | 15467 | ENTERNET-LIBERCOM-AS_Enternet_2001_Ltd._Hungary | HU | 54 |
37.8.10.192 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS | 51 |
37.8.26.61 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS | 3 |
37.8.34.150 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS | 4 |
37.8.34.55 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS | 12 |
37.8.42.209 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS | 1 |
37.8.49.73 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS | 2 |
37.8.51.253 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS | 2 |
37.8.58.104 | NONE | 15975 | HADARA-AS_Hadara_Technologies_Private_Shareholding_Company | PS | 2 |
68.67.115.130 | accessamerica.deafactioncenter.org. | 16610 | BLUEBIRD-WIRELESS_-_Bluebird_Wireless_Broadband_Services_L.L.C. | US | 1 |
115.248.87.130 | NONE | 18101 | RELIANCE-COMMUNICATIONS-IN_Reliance_Communications_Ltd.DAKC_MUMBAI | IN | 13144 |
210.5.53.59 | vps149.lnx.vps.isx.net.nz. | 18202 | VOYAGERNET-AS-AP_Voyager_Internet_Ltd. | NZ | 119 |
50.56.28.195 | 50-56-28-195.static.cloud-ips.com. | 19994 | RACKSPACE_-_Rackspace_Hosting | US | 2 |
184.164.143.82 | NONE | 20454 | SSASN2_-_SECURED_SERVERS_LLC | US | 48 |
188.40.225.160 | static.160.225.40.188.clients.your-server.de. | 24940 | HETZNER-AS_Hetzner_Online_AG_RZ | DE | 27407 |
72.14.168.130 | mail.kingschristian.net. | 26788 | BLINK-AS2_-_Blink_Communications_Inc. | CA | 2 |
108.163.202.55 | 55.202.163.108.unassigned.ord.singlehop.net. | 32475 | SINGLEHOP-INC_-_SingleHop | US | 27635 |
69.175.68.14 | 14.68.175.69.unassigned.ord.singlehop.net. | 32475 | SINGLEHOP-INC_-_SingleHop | US | 56885 |
198.61.207.215 | NONE | 33070 | RMH-14_-_Rackspace_Hosting | US | 1 |
205.152.158.150 | NONE | 33328 | NORTON-HEALTHCARE_-_Norton_Healthcare | US | 2 |
64.31.15.244 | ns2.mcspacecraft.com. | 46475 | LIMESTONENETWORKS_-_Limestone_Networks_Inc. | US | 21868 |
173.242.117.129 | NONE | 46664 | VOLUMEDRIVE_-_VolumeDrive | US | 19697 |
134.90.144.118 | ge118.link.blixbone.net. | 50304 | BLIX_Blix_Solutions_AS | NO | 1 |
by jyake