[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220436 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Mon Dec 4 11:49:18 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Monday, December 4, 2023 11:49:10 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220436 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220436
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
996600 3322 3.0% 94.102.61.2
973200 3244 2.9% 192.241.230.57
750600 2502 2.2% 192.114.7.91
721500 2405 2.2% 77.90.185.188
706200 2354 2.1% 77.90.185.185
698400 2328 2.1% 77.90.185.182
678900 2263 2.0% 118.123.105.92
676500 2255 2.0% 77.90.185.183
665400 2218 2.0% 77.90.185.155
633900 2113 1.9% 77.90.185.158
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
66001500 220005 197.7% 192.114.7.10
62352600 207842 186.7% 192.114.7.91
129000 430 0.4% 132.76.61.54
123000 410 0.4% 132.76.61.53
76800 256 0.2% 192.114.105.246
66300 221 0.2% 192.114.105.254
50100 167 0.2% 2620:1ec:8f8::10
43800 146 0.1% 132.76.214.120
39300 131 0.1% 192.114.1.98
32700 109 0.1% 192.114.7.2
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
192.114.7.10 80 3960090000
192.114.7.10 3960090000
192.114.7.91 80 3741156000
192.114.7.91 3741156000
192.114.105.246 94044600
443 192.114.105.246 94026600
17.253.122.205 443 80463600
17.253.122.205 50487 80463600
17.253.122.205 80463600
192.114.105.246 50487 80463600
Further Details:
https://primary.nemo.geant.org/alerts/details/220436/
More information about the Nemo-ddos-list
mailing list