본문 바로가기
정보보호 (Security)

해킹 유형 정보 - 인터넷침해사고대응지원센터

by 날으는물고기 2010. 6. 17.

해킹 유형 정보 - 인터넷침해사고대응지원센터

네트워크 모니터링을 통해 수집된 해킹/취약점 현황입니다.

| 6월 17일 10시 기준
번호 해킹/취약점명 점유율
1 Host Sweep 33.44
2 UDP Tear Drop 30.58
3 Ping Sweep 7.37
4 Open Tear 6.09
5 SMB Service sweep(tcp-445) 5.51
6 TCP ACK Flooding 4.65
7 FTP Login Fail 2.54
8 UDP Flooding 1.50
9 SMB Service connect(tcp-445) 1.39
10 FTP Login Brute Force 1.39
11 Netbios Scan (Messenger, RPC Dcom, MyDoom...) (UDP-137) 1.04
12 TCP DRDOS Attack 0.96
13 TCP Invalid port 0.80
14 Ping Flooding 0.51
15 TCP Connect DOS 0.42
16 Dcom_TCP_Sweep(MSBlaster Worm, Messenger...) 0.34
17 Dcom_ICMP_Sweep(Welchia.worm, ICMP-Type8,Code0) 0.21
18 ICMP Unreachable Storm 0.18
19 HTTP Login Brute Force 0.16
20 Netbios-ns scan (Opaserv.Worm) 0.14
21 TCP Invalid flags (maerong) 0.13
22 SMB(Netbios) Service Scan (tcp-445) 0.11
23 Win32/Slamer.Worm-1 (UDP-1434) 0.08
24 SMB(Netbios) Service Scan (tcp-139) 0.08
25 Ack Storm 0.05
26 Tear Drop 0.05
27 NETBIOS Service sweep(tcp-139) 0.04
28 FIN Port Scan 0.04
29 SMB Login Brute Force 0.03
30 TCP SYN Flooding 0.03
31 UDP Invalid Data Size 0.02
32 SYN Port Scan 0.02
33 Opaserv.Worm (Netbios-ssn connection) 0.02
34 Trojan Horse Sendmail Distribution or IRC/Flood.k Master(6667/tcp) 0.02
35 ICMP Redirect DoS 0.01
36 MyDoom Worm-1(NetSky) (TCP-25) 0.01
37 TCP Tear Drop 0.01
38 UDP Invalid port 0.01
39 Secure Shell Brute Force 0.01
40 Malicious Javascript Pack-3[Res] 0.0045
41 <script (Common XSS Injection -1) 0.0034
42 SNMP Brute Force 0.0030
43 Telnet Login Fail 0.0028
44 Win32/Netsky.worm.J.K-7 (tcp 25) 0.0019
45 Windows Terminal Brute Force 0.0015
46 IP Invalid Address 0.0014
47 /names.nsf (Web server vulnerability) 0.0012
48 InstallShield Update Service Agent ActiveX Vuln[Res] 0.0012
49 ICMP Ping Of Death 0.0011
50 ICMP Invalid Type 0.0010
51 MS RPC Dcom long filename heap overflow(TCP135) 0.0007
52 Sun Solaris Telnet Remote Authentication Bypass 0.0007
53 Microsoft NetpIsRemote() MS06-040 Overflow-4(TCP-139) 0.0007
54 DCOM RPC Buffer Overflow(Worm) 0.0006
55 /domcfg.nsf (Lotus notes config change) 0.0005
56 Sun Solaris Telnet Remote Authentication Bypass(IDS) 0.0005
57 not found 0.0003
58 Apache HTTPd DoS 0.0003
59 Windows Terminal Service 0.0003
60 main.cgi ('filename' Variable File Disclosure Vulnerability) 0.0003
61 TNS Listener Null Password connect 0.0003
62 HTTPD Overflow 0.0003
63 Ethereal SMB Malformed Packet DoS 0.0002
64 Remote Network File Lister(MS Windows) 0.0002
65 MS IE Modal Dialog Zone Bypass Vulnerability 0.0002
66 board_skin_path=http:/ (Gnuboard4 "board_skin_path" File Inclusion Vulnerability) 0.0002
67 Windows Lsasrv.dll RPC buffer overflow-2 (TCP-445) 0.0002
68 Ability Server FTP STOR Buffer Overflow 0.0002
69 /count.cgi (Web Server vulnerability) 0.0002
70 Win32/Netsky.worm.P.Q-14 (tcp 25) 0.0002
71 not found 0.0001
72 Apache HTTPd DoS-1 (TCP-80) 0.0001
73 login.php?dir=http: (Attack web02 zeroboard login.php vul.) 0.0001
74 MS Windows Workstation Service Buffer Overflow-2 (MS06-070) 0.0001
75 MS Internet Expolrer BOF Shellcode launcher Response 0.0001
76 MS Windows Plug and Play Buffer Overflow-2(TCP-139) 0.0001
77 Windows Lsasrv.dll RPC buffer Overflow (TCP-445) 0.0001
78 Windows Lsasrv.dll RPC buffer Overflow 0.0001
79 Win32/Spammer.Oficla.34304-2 0.0001
80 SQL Query Injection Vulnerability 0.0001


출처 : 인터넷침해사고대응지원센터
728x90

댓글