[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #219894 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sat Dec 2 20:30:52 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Saturday, December 2, 2023 8:30:45 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #219894 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 219894
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
1835100 6117 4.0% 8.209.68.216
1783800 5946 3.9% 47.254.143.210
1180500 3935 2.6% 47.254.173.222
1047900 3493 2.3% 47.254.143.85
1014600 3382 2.2% 132.74.20.45
1011000 3370 2.2% 8.209.65.37
1009800 3366 2.2% 47.254.176.249
1009800 3366 2.2% 8.211.0.126
1003500 3345 2.2% 8.209.106.54
994500 3315 2.2% 8.211.0.165
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
3119400 10398 6.8% 128.139.225.245
1010700 3369 2.2% 51.16.175.215
673800 2246 1.5% 132.65.44.96
531300 1771 1.2% 192.114.23.221
474000 1580 1.0% 128.139.35.5
465000 1550 1.0% 132.65.44.95
462900 1543 1.0% 132.72.87.162
416700 1389 0.9% 128.139.34.240
251100 837 0.5% 157.240.196.62
218400 728 0.5% 128.139.200.61
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
128.139.225.245 3398793000
443 128.139.225.245 2902930500
132.74.20.45 4500 1457922000
132.74.20.45 4500 1457922000
132.74.20.45 1457922000
4500 51.16.175.215 1456486800
51.16.175.215 4500 1456486800
51.16.175.215 1456486800
31.13.84.52 443 1123599300
31.13.84.52 1123599300
Further Details:
https://primary.nemo.geant.org/alerts/details/219894/
More information about the Nemo-ddos-list
mailing list