[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220523 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Mon Dec 4 18:23:22 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Monday, December 4, 2023 6:23:17 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220523 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220523
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
11508900 38363 5.4% 142.251.209.10
11478900 38263 5.3% 162.125.69.15
6592800 21976 3.1% 132.77.217.238
4921800 16406 2.3% 172.233.162.45
3706200 12354 1.7% 31.13.84.52
3562500 11875 1.7% 52.97.168.210
3389100 11297 1.6% 132.64.101.131
3120900 10403 1.5% 131.156.224.118
2501100 8337 1.2% 74.112.186.135
2436000 8120 1.1% 132.64.101.136
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
373993500 1246645 174.1% 192.114.3.10
17592600 58642 8.2% 132.76.61.54
16810800 56036 7.8% 132.76.61.53
9085800 30286 4.2% 128.139.225.245
6592800 21976 3.1% 54.230.106.83
3588600 11962 1.7% 132.67.252.201
3301800 11006 1.5% 132.70.2.148
3170400 10568 1.5% 128.139.200.4
3120900 10403 1.5% 132.64.145.251
3105300 10351 1.4% 128.139.200.5
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
192.114.3.10 44840340000
192.114.3.10 44461152000
192.114.3.10 44302752000
132.76.61.53 18028107600
443 132.76.61.53 18002705400
162.125.69.15 443 16376702700
162.125.69.15 16376702700
128.139.225.245 9223944300
132.77.217.238 443 9125411100
132.77.217.238 9125411100
Further Details:
https://primary.nemo.geant.org/alerts/details/220523/
More information about the Nemo-ddos-list
mailing list