[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220272 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Mon Dec 4 01:02:54 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Monday, December 4, 2023 1:02:49 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220272 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220272
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
5691900 18973 18.0% 52.17.98.131
1400700 4669 4.4% 192.114.7.91
821100 2737 2.6% 162.243.151.35
732000 2440 2.3% 77.90.185.182
691500 2305 2.2% 77.90.185.188
689400 2298 2.2% 77.90.185.183
639900 2133 2.0% 77.90.185.158
604200 2014 1.9% 77.90.185.191
601500 2005 1.9% 77.90.185.186
599100 1997 1.9% 77.90.185.155
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
106457100 354857 335.8% 192.114.7.10
64880100 216267 204.6% 192.114.7.91
47100 157 0.1% 132.76.61.53
35100 117 0.1% 172.67.24.1
34500 115 0.1% 192.114.1.98
29100 97 0.1% 132.76.61.54
19500 65 0.1% 128.139.225.245
17400 58 0.1% 132.76.61.55
17400 58 0.1% 84.91.204.214
13500 45 0.0% 132.65.240.60
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------------
192.114.7.10 80 6387426000
192.114.7.10 6387426000
192.114.7.91 3892806000
192.114.7.91 80 3892770000
52.17.98.131 227683200
192.114.7.91 80 84042000
192.114.7.91 84042000
162.243.151.35 2181 32844000
162.243.151.35 32844000
77.90.185.182 54319 29280000
Further Details:
https://primary.nemo.geant.org/alerts/details/220272/
More information about the Nemo-ddos-list
mailing list