{"id":27,"date":"2008-06-26T18:02:26","date_gmt":"2008-06-26T16:02:26","guid":{"rendered":"http:\/\/www.alvaromarin.com\/?p=27"},"modified":"2008-06-26T18:02:26","modified_gmt":"2008-06-26T16:02:26","slug":"estadisticas-de-srizbi","status":"publish","type":"post","link":"http:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/","title":{"rendered":"Estad\u00edsticas de Srizbi"},"content":{"rendered":"

Ya hablaba en anteriores posts sobre Srizbi<\/a> la botnet<\/em> m\u00e1s grande existente y que mas spam genera.<\/p>\n

Tras mi llegada del MAAWG<\/a> en el que hubo una charla de IronPort<\/a> sobre este tema, segu\u00ed en contacto con ellos con el fin de facilitarles unas estad\u00edsticas sobre las conexiones realizadas por dicho bot a nuestros servidores. A continuaci\u00f3n, los resultados del d\u00eda 23 de Junio (24 horas) tras el an\u00e1lisis de las conexiones y fingerprints<\/em> de las m\u00e1quinas que se conectaban a nuestros sistemas:<\/p>\n

<\/p>\n


\nWindows 2000 : 47.44%
\nSrizbi Ethernet : 15.98%
\nLinux 2.6.8 : 15.81%
\nUNKNOWN : 11.77%
\nWindows XP : 3.96%
\nWindows XP\/2000 : 2.51%
\nLinux 2.5 : 0.93%
\nLinux 2.4\/2.6 : 0.76%
\nWindows 98 : 0.34%
\nSrizbi ADSL? : 0.25%
\nLinux 2.4 : 0.07%
\nWindows SP3 : 0.03%
\nSolaris 10 : 0.03%
\nSolaris 8 : 0.02%
\nSolaris 9 : 0.02%
\nLinux 2.0.3x : 0.02%
\nWindows 95 : 0.01%
\nWindows 95b : 0.01%
\nFreeBSD 4.4 : 0.01%
\nLinux 2.2 : 0.01%
\nWindows NT : 0.01%
\nNovell NetWare : 0.00%
\nNetBSD 1.6 : 0.00%
\nNMAP syn : 0.00%
\nNetCache Data : 0.00%
\nNovell Netware : 0.00%
\nPocketPC 2002 : 0.00%
\nCacheFlow CacheOS : 0.00%
\nLinux 2.5\/2.6 : 0.00%
\nMysterious NAT : 0.00%
\nNetBSD 1.6X : 0.00%
\nAIX 4.3.2 : 0.00%
\nTru64 v5.1a : 0.00%
\nNetBSD 1.3 : 0.00%
\nWindows 2003 : 0.00%
\nTru64 4.0 : 0.00%
\nNetBSD 1.6Z : 0.00%
\nEagle Secure : 0.00%
\nSymbianOS 7 : 0.00%
\nSolaris 7 : 0.00%
\nInktomi crawler : 0.00%
\nOpenVMS 7.2 : 0.00%
\nNovell IntranetWare : 0.00%
\nWindows ME : 0.00%
\nSymbianOS 6048 : 0.00%
\nWindows 3.11 : 0.00%
\nFreeMiNT 1 : 0.00%
\nRISC OS : 0.00%
\nQNX demodisk : 0.00%
\nNokia IPSO : 0.00%
\nTru64 5.0 : 0.00%
\nSony Playstation : 0.00%
\nWindows CE : 0.00%
\nULTRIX 4.5 : 0.00%
\nNetCache 5.2 : 0.00%
\nNovell BorderManager: 0.00%
\nDOS Arachne : 0.00%
\n<\/code><\/p>\n

Como se ve, Srizbi (entre sus dos versiones) suma m\u00e1s del 16% de las conexiones que se realizan a nuestros servidores. A destacar tambi\u00e9n el primer puesto de Windows2000, entre otros SSOO de lo m\u00e1s extra\u00f1os, ya que no es precisamente porque haya muchos servidores de correo sobre esta plataforma…ya me entend\u00e9is ;-)<\/p>\n

A partir de las IPs de Srizbi he sacado otra estad\u00edstica ordenada por pa\u00edses; el \u00abhonroso\u00bb top 10 es:<\/p>\n


\n--,N\/A : 27,22%
\nUS,UnitedStates : 10,90%
\nRU,RussianFederation : 7,9%
\nTR,Turkey : 7,06%
\nTH,Thailand : 3,36%
\nCN,China : 3,24%
\nPL,Poland : 3,08%
\nAU,Australia : 2,98%
\nBR,Brazil : 2,88%
\nES,Spain : 2,08%
\n<\/code><\/p>\n

M\u00e1s o menos, los de siempre…<\/p>\n","protected":false},"excerpt":{"rendered":"

Ya hablaba en anteriores posts sobre Srizbi la botnet m\u00e1s grande existente y que mas spam genera. Tras mi llegada del MAAWG en el que hubo una charla de IronPort sobre este tema, segu\u00ed en contacto con ellos con el … Sigue leyendo →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[111,23],"yoast_head":"\nEstad\u00edsticas de Srizbi - www.alvaromarin.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Estad\u00edsticas de Srizbi - www.alvaromarin.com\" \/>\n<meta property=\"og:description\" content=\"Ya hablaba en anteriores posts sobre Srizbi la botnet m\u00e1s grande existente y que mas spam genera. Tras mi llegada del MAAWG en el que hubo una charla de IronPort sobre este tema, segu\u00ed en contacto con ellos con el … Sigue leyendo →\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/\" \/>\n<meta property=\"og:site_name\" content=\"www.alvaromarin.com\" \/>\n<meta property=\"article:published_time\" content=\"2008-06-26T16:02:26+00:00\" \/>\n<meta name=\"author\" content=\"Alvaro Mar\u00edn Illera\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alvaro Mar\u00edn Illera\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minuto\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/\",\"url\":\"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/\",\"name\":\"Estad\u00edsticas de Srizbi - www.alvaromarin.com\",\"isPartOf\":{\"@id\":\"http:\/\/www.alvaromarin.com\/#website\"},\"datePublished\":\"2008-06-26T16:02:26+00:00\",\"dateModified\":\"2008-06-26T16:02:26+00:00\",\"author\":{\"@id\":\"http:\/\/www.alvaromarin.com\/#\/schema\/person\/287057c6a545a612badd5caa00bfd0bf\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"http:\/\/www.alvaromarin.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Estad\u00edsticas de Srizbi\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.alvaromarin.com\/#website\",\"url\":\"http:\/\/www.alvaromarin.com\/\",\"name\":\"www.alvaromarin.com\",\"description\":\"Blog sobre spam, sistemas antispam y correo electr\u00f3nico\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.alvaromarin.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"es\"},{\"@type\":\"Person\",\"@id\":\"http:\/\/www.alvaromarin.com\/#\/schema\/person\/287057c6a545a612badd5caa00bfd0bf\",\"name\":\"Alvaro Mar\u00edn Illera\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"http:\/\/www.alvaromarin.com\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/1.gravatar.com\/avatar\/d260aa4421f4ceb816fe98ba240bec2b?s=96&d=mm&r=g\",\"contentUrl\":\"http:\/\/1.gravatar.com\/avatar\/d260aa4421f4ceb816fe98ba240bec2b?s=96&d=mm&r=g\",\"caption\":\"Alvaro Mar\u00edn Illera\"},\"url\":\"http:\/\/www.alvaromarin.com\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Estad\u00edsticas de Srizbi - www.alvaromarin.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/","og_locale":"es_ES","og_type":"article","og_title":"Estad\u00edsticas de Srizbi - www.alvaromarin.com","og_description":"Ya hablaba en anteriores posts sobre Srizbi la botnet m\u00e1s grande existente y que mas spam genera. Tras mi llegada del MAAWG en el que hubo una charla de IronPort sobre este tema, segu\u00ed en contacto con ellos con el … Sigue leyendo →","og_url":"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/","og_site_name":"www.alvaromarin.com","article_published_time":"2008-06-26T16:02:26+00:00","author":"Alvaro Mar\u00edn Illera","twitter_misc":{"Escrito por":"Alvaro Mar\u00edn Illera","Tiempo de lectura":"1 minuto"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/","url":"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/","name":"Estad\u00edsticas de Srizbi - www.alvaromarin.com","isPartOf":{"@id":"http:\/\/www.alvaromarin.com\/#website"},"datePublished":"2008-06-26T16:02:26+00:00","dateModified":"2008-06-26T16:02:26+00:00","author":{"@id":"http:\/\/www.alvaromarin.com\/#\/schema\/person\/287057c6a545a612badd5caa00bfd0bf"},"breadcrumb":{"@id":"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.alvaromarin.com\/2008\/06\/26\/estadisticas-de-srizbi\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"http:\/\/www.alvaromarin.com\/"},{"@type":"ListItem","position":2,"name":"Estad\u00edsticas de Srizbi"}]},{"@type":"WebSite","@id":"http:\/\/www.alvaromarin.com\/#website","url":"http:\/\/www.alvaromarin.com\/","name":"www.alvaromarin.com","description":"Blog sobre spam, sistemas antispam y correo electr\u00f3nico","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.alvaromarin.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"es"},{"@type":"Person","@id":"http:\/\/www.alvaromarin.com\/#\/schema\/person\/287057c6a545a612badd5caa00bfd0bf","name":"Alvaro Mar\u00edn Illera","image":{"@type":"ImageObject","inLanguage":"es","@id":"http:\/\/www.alvaromarin.com\/#\/schema\/person\/image\/","url":"http:\/\/1.gravatar.com\/avatar\/d260aa4421f4ceb816fe98ba240bec2b?s=96&d=mm&r=g","contentUrl":"http:\/\/1.gravatar.com\/avatar\/d260aa4421f4ceb816fe98ba240bec2b?s=96&d=mm&r=g","caption":"Alvaro Mar\u00edn Illera"},"url":"http:\/\/www.alvaromarin.com\/author\/admin\/"}]}},"_links":{"self":[{"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/posts\/27"}],"collection":[{"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/comments?post=27"}],"version-history":[{"count":0,"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/posts\/27\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/media?parent=27"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/categories?post=27"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.alvaromarin.com\/wp-json\/wp\/v2\/tags?post=27"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}