해킹 유형 정보 - 인터넷침해사고대응지원센터

네트워크 모니터링을 통해 수집된 해킹/취약점 현황입니다.

| 6월 17일 10시 기준
번호		해킹/취약점명		점유율
1		Host Sweep		33.44
2		UDP Tear Drop		30.58
3		Ping Sweep		7.37
4		Open Tear		6.09
5		SMB Service sweep(tcp-445)		5.51
6		TCP ACK Flooding		4.65
7		FTP Login Fail		2.54
8		UDP Flooding		1.50
9		SMB Service connect(tcp-445)		1.39
10		FTP Login Brute Force		1.39
11		Netbios Scan (Messenger, RPC Dcom, MyDoom...) (UDP-137)		1.04
12		TCP DRDOS Attack		0.96
13		TCP Invalid port		0.80
14		Ping Flooding		0.51
15		TCP Connect DOS		0.42
16		Dcom_TCP_Sweep(MSBlaster Worm, Messenger...)		0.34
17		Dcom_ICMP_Sweep(Welchia.worm, ICMP-Type8,Code0)		0.21
18		ICMP Unreachable Storm		0.18
19		HTTP Login Brute Force		0.16
20		Netbios-ns scan (Opaserv.Worm)		0.14
21		TCP Invalid flags (maerong)		0.13
22		SMB(Netbios) Service Scan (tcp-445)		0.11
23		Win32/Slamer.Worm-1 (UDP-1434)		0.08
24		SMB(Netbios) Service Scan (tcp-139)		0.08
25		Ack Storm		0.05
26		Tear Drop		0.05
27		NETBIOS Service sweep(tcp-139)		0.04
28		FIN Port Scan		0.04
29		SMB Login Brute Force		0.03
30		TCP SYN Flooding		0.03
31		UDP Invalid Data Size		0.02
32		SYN Port Scan		0.02
33		Opaserv.Worm (Netbios-ssn connection)		0.02
34		Trojan Horse Sendmail Distribution or IRC/Flood.k Master(6667/tcp)		0.02
35		ICMP Redirect DoS		0.01
36		MyDoom Worm-1(NetSky) (TCP-25)		0.01
37		TCP Tear Drop		0.01
38		UDP Invalid port		0.01
39		Secure Shell Brute Force		0.01
40		Malicious Javascript Pack-3[Res]		0.0045
41		<script (Common XSS Injection -1)		0.0034
42		SNMP Brute Force		0.0030
43		Telnet Login Fail		0.0028
44		Win32/Netsky.worm.J.K-7 (tcp 25)		0.0019
45		Windows Terminal Brute Force		0.0015
46		IP Invalid Address		0.0014
47		/names.nsf (Web server vulnerability)		0.0012
48		InstallShield Update Service Agent ActiveX Vuln[Res]		0.0012
49		ICMP Ping Of Death		0.0011
50		ICMP Invalid Type		0.0010
51		MS RPC Dcom long filename heap overflow(TCP135)		0.0007
52		Sun Solaris Telnet Remote Authentication Bypass		0.0007
53		Microsoft NetpIsRemote() MS06-040 Overflow-4(TCP-139)		0.0007
54		DCOM RPC Buffer Overflow(Worm)		0.0006
55		/domcfg.nsf (Lotus notes config change)		0.0005
56		Sun Solaris Telnet Remote Authentication Bypass(IDS)		0.0005
57		not found		0.0003
58		Apache HTTPd DoS		0.0003
59		Windows Terminal Service		0.0003
60		main.cgi ('filename' Variable File Disclosure Vulnerability)		0.0003
61		TNS Listener Null Password connect		0.0003
62		HTTPD Overflow		0.0003
63		Ethereal SMB Malformed Packet DoS		0.0002
64		Remote Network File Lister(MS Windows)		0.0002
65		MS IE Modal Dialog Zone Bypass Vulnerability		0.0002
66		board_skin_path=http:/ (Gnuboard4 "board_skin_path" File Inclusion Vulnerability)		0.0002
67		Windows Lsasrv.dll RPC buffer overflow-2 (TCP-445)		0.0002
68		Ability Server FTP STOR Buffer Overflow		0.0002
69		/count.cgi (Web Server vulnerability)		0.0002
70		Win32/Netsky.worm.P.Q-14 (tcp 25)		0.0002
71		not found		0.0001
72		Apache HTTPd DoS-1 (TCP-80)		0.0001
73		login.php?dir=http: (Attack web02 zeroboard login.php vul.)		0.0001
74		MS Windows Workstation Service Buffer Overflow-2 (MS06-070)		0.0001
75		MS Internet Expolrer BOF Shellcode launcher Response		0.0001
76		MS Windows Plug and Play Buffer Overflow-2(TCP-139)		0.0001
77		Windows Lsasrv.dll RPC buffer Overflow (TCP-445)		0.0001
78		Windows Lsasrv.dll RPC buffer Overflow		0.0001
79		Win32/Spammer.Oficla.34304-2		0.0001
80		SQL Query Injection Vulnerability		0.0001

출처 : 인터넷침해사고대응지원센터