[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220833 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Dec 5 12:14:29 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, December 5, 2023 12:14:24 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220833 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220833
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
27779100 92597 9.1% 142.251.209.14
8398200 27994 2.8% 216.58.204.142
7194300 23981 2.4% 13.107.136.10
7063500 23545 2.3% 216.58.205.42
5301000 17670 1.7% 216.58.209.42
4889700 16299 1.6% 152.199.21.175
4494300 14981 1.5% 52.105.28.55
3725100 12417 1.2% 31.13.84.51
3656100 12187 1.2% 142.251.209.42
3564000 11880 1.2% 216.58.204.138
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
177867000 592890 58.4% 192.114.7.161
51895800 172986 17.1% 192.114.7.91
9108300 30361 3.0% 132.76.61.54
8575500 28585 2.8% 132.76.61.53
6756300 22521 2.2% 132.76.10.41
6416100 21387 2.1% 192.114.3.241
5608800 18696 1.8% 128.139.200.5
4956600 16522 1.6% 128.139.200.4
3984300 13281 1.3% 132.66.175.226
3962400 13208 1.3% 132.69.196.3
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
142.251.209.14 39361003500
142.251.209.14 443 39360953400
216.58.204.142 443 11045188200
216.58.204.142 11045188200
192.114.7.161 80 10389411600
192.114.7.161 10389411600
443 128.139.200.5 7714793400
128.139.200.5 7714793400
152.199.21.175 6909930600
152.199.21.175 80 6816522300
Further Details:
https://primary.nemo.geant.org/alerts/details/220833/
More information about the Nemo-ddos-list
mailing list