[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220275 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Mon Dec 4 01:02:53 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Monday, December 4, 2023 1:02:49 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220275 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220275
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
16407300 54691 10.3% 132.68.74.52
8000400 26668 5.0% 132.74.20.45
5692800 18976 3.6% 52.17.98.131
4032000 13440 2.5% 142.250.180.170
3731400 12438 2.3% 142.251.209.10
3595200 11984 2.3% 162.125.69.12
3028800 10096 1.9% 209.85.137.254
2950200 9834 1.8% 216.58.204.138
2513400 8378 1.6% 20.150.125.161
2333100 7777 1.5% 142.250.180.138
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
106479000 354930 66.7% 192.114.7.10
64937100 216457 40.7% 192.114.7.91
7997400 26658 5.0% 51.16.175.215
6648900 22163 4.2% 128.139.225.245
5442600 18142 3.4% 132.67.252.201
4317600 14392 2.7% 132.68.74.52
3356700 11189 2.1% 132.76.61.53
3212400 10708 2.0% 192.114.2.38
2536800 8456 1.6% 132.74.10.101
2513400 8378 1.6% 132.70.19.4
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
132.68.74.52 443 23545634700
132.68.74.52 23545634700
132.74.20.45 4500 11628771600
132.74.20.45 4500 11628771600
132.74.20.45 11628771600
4500 51.16.175.215 11628104400
51.16.175.215 4500 11628104400
51.16.175.215 11628104400
128.139.225.245 6471432900
192.114.7.10 6388505700
Further Details:
https://primary.nemo.geant.org/alerts/details/220275/
More information about the Nemo-ddos-list
mailing list