January Third Week network security Report: Put horse site domain name 258

Intermediary transaction http://www.aliyun.com/zixun/aggregation/6858.html ">seo diagnose Taobao guest cloud host technology Hall

Recently, according to the Cncert sampling monitoring results and the national Information Security vulnerability Sharing Platform (CNVD) published data, from January 9 to January 15, China's Internet network Security index overall evaluation.

Among them, the territory by Trojans or zombies programmed to control the number of about 2.283 million, compared to the ring last week, increased by about 7.2%; The new network virus family 1, compared to last week, the number of new reduction of the number of government web site is 30, compared with the number of last week, increased by about 7.1% New information security vulnerabilities 104, a significant increase in the number of new last week about 1.5 times times, including 43 new high-risk vulnerabilities, the chain significantly increased by about 2.1 times times.

Below, IDC comments the network with everybody concerns in the period from January 9 to January 15, our country Internet network security condition:

I. Network virus activity

The number of hosts infected with the network virus in the territory is about 2.283 million, which has increased by about 7.2% compared with the chain last week. Among them, the territory by the Trojan or zombie program control of about 519,000, the chain rose about 23%; the host of the domestic infection of the Conficker worm is about 1.764 million, up from the number of the ring last week, increased by about 3.4%.

(1) According to the China Anti-Network Virus Alliance (ANVA) organized the release of active network virus to learn that the use of web-horse, software fake and bundled download to spread the proportion of network viruses, viruses are still more to exploit system vulnerabilities to attack the system. In this way, we come to understand the malicious virus TOP5 active on the network:

(Figure 1) January 9-January 15 malicious viruses active on the network TOP5

(2) in the network virus capture, Cncert captured a large number of new network virus files, which by the network virus name statistics added 120, compared to last week, the new number dropped by about 30.2%; According to the Network virus family statistics added 1, compared to last week's new number reduced 1. Below, we look at Cncert detected the top five active horse site domain name, active put horse site IP.

(Figure 2) Active horse-TOP5 site domain name

(Figure 3) Active horse-TOP5 site IP

(3) in the network of virus transmission, cncert monitoring found in the horse site, through the domain name access to a total of 258 domain names, direct access through IP a total of 55 IP. In 258 of the site domain name, registered in the territory of the number of domain names for 87 (about 33.7%), the number of domain names registered abroad 153 (about 59.3%), unknown registrar of the domestic and foreign information of 18 (about 7%). The following figure is the distribution of these site names by the top-level domain, the top three is. com (about 36%),. info (about 25.6%),. NET (about 10.1%).

(Figure 4) The top-level domain name of 258 horse-putting sites

In addition, the communications industry, the member units of the Internet communication to Cncert 1387 malicious domain name or IP (after the heavy), the units submitted to the number of statistics as shown in the following figure.

(Figure 5) The number of malicious top-level domains submitted by each unit

II. website Security

According to the Cncert monitoring data, during the statistical period, the number of sites tampered with 244, compared to last week, the number of the chain significantly reduced by about 41.4%. The number of tampered sites in the territory by type distribution as shown in the following figure, the largest number is still. com and. com.cn Domain name Web site. Among them, the gov.cn domain name class website has 30 (occupies the territory 12.3%), compared to last week's 28 month-on-month increase about 7.1%.

(Fig. 6) The Quantity distribution map of the tampered websites in mainland China

Summary: During the period from January 9 to January 16, China's Internet Security Index was evaluated as a whole and no network security incident was found to be more serious. However, users need to pay special attention to the need to strengthen the system in a timely manner to repair and reinforce the installation of security protection software. During the internet, do not easily open the network of unknown sources of pictures, music, video and other documents, do not download and install some unknown software, especially some so-called plug-in programs to prevent network virus infection.

Article by China IDC Review Net original edit, original address:

Http://www.idcps.com/News/20120121/36616.html (if you want to reprint, please specify the source)