[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220827 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Dec 5 12:19:27 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, December 5, 2023 12:19:21 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220827 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220827
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
6982200 23274 2.4% 216.58.205.42
6327600 21092 2.2% 142.251.209.42
5503500 18345 1.9% 152.199.21.175
5251500 17505 1.8% 46.228.144.2
4653600 15512 1.6% 13.107.136.10
4127400 13758 1.4% 93.184.221.240
4010100 13367 1.4% 52.105.28.55
3505200 11684 1.2% 31.13.84.51
3261000 10870 1.1% 52.84.45.37
2963400 9878 1.0% 18.161.97.103
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
118127400 393758 41.4% 192.114.7.10
79855200 266184 28.0% 192.114.7.91
8487600 28292 3.0% 132.76.61.54
7747800 25826 2.7% 132.76.61.53
6715500 22385 2.4% 132.76.10.41
5545800 18486 1.9% 128.139.200.4
5501700 18339 1.9% 128.139.200.5
4853400 16178 1.7% 192.114.3.241
3895200 12984 1.4% 132.72.80.116
3809700 12699 1.3% 192.114.1.109
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
152.199.21.175 7553217300
152.199.21.175 80 7405969800
128.139.200.4 7387036200
443 128.139.200.4 7381170600
128.139.200.5 7379233500
443 128.139.200.5 7378783500
192.114.7.10 80 7084507200
192.114.7.10 7084507200
46.228.144.2 7067238900
52.105.28.55 443 5710149300
Further Details:
https://primary.nemo.geant.org/alerts/details/220827/
More information about the Nemo-ddos-list
mailing list