CSNA网络分析论坛»首页 流量分析 资源共享 经常扫描网络的地址黑名单
返回列表 发帖
查看: 3335|回复: 2

经常扫描网络的地址黑名单

[复制链接]
天蓝
发表于 2007-1-9 09:34:53 | 显示全部楼层 |阅读模式
转自:rdsk
说明:国内地址多数为拨号地址,国内ISP可以与我们联系得到此地址对应上网时间等信息。 对这些不法用户进行教育、制止,以免影响你们ISP甚至中国的声誉。也有国内很多专线地址多数为ISP管理员,希望停止非法网络扫描。 从这里,我们也可以看出一些攻击者常用的后门端口号。因为数量太大,不能全部列出,只选出一小部分最常见的和近期仍在进行的IP:

扫描TCP21端口:
202.103.80.6
202.103.136.179

连接TCP22端口:
202.103.136.179

扫描TCP23端口:
202.103.80.69
202.103.136.179

扫描TCP25端口:
202.103.136.179

扫描TCP42端口:
202.103.136.179

扫描TCP53端口:
202.103.136.179

扫描TCP69端口:
202.103.136.179

扫描TCP79端口:
202.103.80.69
202.103.136.179

扫描TCP80端口:
210.76.57.130
202.106.174.160
202.38.250.87
202.103.91.88
202.103.80.69
202.101.117.11
202.116.93.199
202.99.92.10
202.112.104.219
202.103.120.25
202.38.196.154
202.104.11.18
202.96.190.124
166.111.144.162
210.151.9.111
202.98.68.80
202.96.190.63

扫描TCP110端口:
202.103.136.179

扫描TCP111端口:
202.103.136.179
202.21.11.49
202.114.69.168
212.18.0.55
203.155.192.67

攻击(利用)TCP113端口(邮件列表):
216.90.72.3
216.117.143.95
216.122.8.227
216.157.31.216
216.200.244.220
210.102.33.2
209.242.64.155
209.235.102.23
209.133.83.130
209.133.35.11
209.133.35.16
209.133.35.17
209.116.252.2
209.113.172.16
209.47.246.101
207.211.36.2
207.211.58.12
207.115.58.41
207.115.48.91
207.115.63.81
207.115.59.58
207.110.0.50
207.40.196.12
206.109.1.6
206.40.40.1
205.152.184.10
204.248.144.194
204.162.60.71
202.224.189.103
205.219.238.23
202.204.7.235
202.105.185.168
202.103.134.11
202.96.199.66
202.96.125.107
202.96.236.125
200.203.246.1
200.230.97.10
192.215.81.87
193.79.237.186
198.69.10.4
198.6.114.2
198.143.3.26
194.179.21.9
192.124.98.111
169.132.8.27
169.132.8.26
163.28.16.21
160.45.10.13
159.28.1.1
130.240.16.33
128.125.5.229
128.125.253.183

连接TCP119端口:
202.103.136.179

扫描TCP143端口:
202.103.136.179

扫描TCP1080端口:
202.38.250.16
202.116.27.83
202.116.30.115
202.38.238.228
202.96.190.124
202.96.190.42
202.96.190.72
202.96.190.112
202.38.249.13
202.116.92.181
202.116.95.60
202.116.27.83
202.116.26.237
202.116.26.236
202.116.26.176
202.116.18.45
202.204.73.238
202.104.64.113
202.104.105.149
202.103.63.121
202.103.35.103
202.103.35.112
202.112.136.22
202.111.95.71
202.114.17.23
202.115.5.186
202.115.5.199
202.115.18.233
202.120.240.71
202.120.107.102
202.38.240.211
202.38.241.149
202.38.237.40
202.103.237.30
209.10.218.251
209.10.218.131
209.10.218.250
166.111.162.155
128.2.203.19
210.78.139.166

扫描TCP3128端口:
202.112.104.219

扫描TCP6000端口:
202.103.136.179
202.114.69.168

扫描TCP7306端口:
202.96.77.157
202.99.75.13
202.99.209.164
202.96.185.119
202.96.191.124
202.102.32.39
202.103.29.136
202.102.34.142
202.103.30.238
202.103.42.15
202.103.42.17
202.103.42.77
202.103.42.143
202.103.42.107
202.103.105.223
202.103.107.21
202.103.124.194
202.103.124.217
202.103.136.4
202.103.153.181
202.103.161.112
202.103.161.167
202.103.161.168
202.103.173.113
202.104.98.122
202.104.148.154
202.104.150.211
202.104.208.19
202.105.18.238
202.105.36.199
202.105.232.229
202.106.12.7
202.106.215.246
202.108.20.32
202.110.185.11
202.111.134.86
202.111.134.130
202.115.6.30
202.130.227.74

扫描TCP7308端口:
202.102.202.50
202.102.202.35

扫描TCP7626端口:
61.130.1.170
202.96.50.178
202.102.58.55
202.103.125.28
202.103.137.215
202.103.138.33
202.103.225.204
202.103.237.30
202.103.239.241
202.104.150.211
202.104.240.138
202.108.0.13
202.109.26.185
202.116.65.1

扫描TCP8000端口:
202.103.136.179

扫描TCP8010端口:
202.103.136.179

扫描TCP8080端口:
202.38.196.0/24
202.38.201.0/24
202.38.214.0/24
202.38.222.0/24
202.38.228.0/24
202.38.231.0/24
202.38.241.0/24
202.38.248.0/24
202.38.249.0/23
202.116.93.199
202.116.197.102
202.116.26.162
202.116.27.83
202.116.26.78
202.116.80.109
202.116.37.59
202.116.201.37
202.103.31.0/24
202.103.76.193
202.103.136.179
202.103.120.25
202.103.237.30
202.103.235.0/24
202.112.151.167
202.112.104.219
202.96.190.63
202.96.190.124
202.106.239.224
202.192.1.77
162.105.50.198
162.105.18.150
166.111.56.112
202.115.9.25
202.115.15.122
202.114.11.20
202.114.72.38
202.114.202.237
202.114.127.9
202.204.73.101
143.89.95.59

扫描TCP9100端口:
202.103.136.179

扫描TCP10080端口:
202.116.95.60
202.115.5.199
202.115.5.186
202.96.190.112

扫描TCP12345端口:
202.103.136.179

连接TCP25867端口:
202.103.136.179

连接TCP27374端口:
202.104.36.101

连接TCP31337端口:
202.103.90.77

连接TCP33434端口:
206.251.19.80
206.251.19.89
206.251.19.88
216.33.87.10
216.33.87.8
167.8.29.52
209.67.29.10

连接TCP33449端口:
207.168.234.203

扫描UDP137端口:
202.103.235.194
202.103.136.179
198.66.88.1
202.38.250.16
205.205.110.3
202.103.35.117
202.99.48.21

扫描UDP161端口:
213.36.17.43
202.103.35.5

攻击UDP137端口:
216.2.32.107
202.104.116.229
61.129.0.127
202.104.116.229
202.103.136.179
202.85.15.77
202.98.117.111
130.246.75.141
202.99.48.21

攻击(利用)UDP371端口:
206.251.4.210

攻击(利用)ICMP端口:
209.36.43.2
202.104.36.101
202.103.136.179
202.38.196.154

另外还有一些WEB站点,当你访问时,会试图获取一些不该得到的信息,
这里没有列出。该地址在不断增长中。

以上列表错误之处在所难免,如果有异议,请回帖。
回复

使用道具 举报

poot
发表于 2007-1-9 11:10:20 | 显示全部楼层
网络时代,该情况纯属正常。。。。
回复

使用道具 举报

ghostorc
发表于 2007-1-9 16:17:11 | 显示全部楼层
很多的代理地址网站上的IP地址难道不是通过扫描得来的吗?
回复

使用道具 举报

返回列表 发帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | CSNA会员注册

本版积分规则

快速回复 返回顶部 返回列表