[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220829 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Dec 5 12:22:45 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, December 5, 2023 12:22:40 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220829 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220829
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
28979400 96598 7.9% 142.251.209.14
8818500 29395 2.4% 216.58.204.142
7828200 26094 2.1% 216.58.205.42
6501900 21673 1.8% 13.107.136.10
5874600 19582 1.6% 31.13.84.51
5676600 18922 1.5% 142.251.209.42
5564100 18547 1.5% 31.13.84.52
5250000 17500 1.4% 152.199.21.175
5044200 16814 1.4% 31.13.84.4
5027100 16757 1.4% 216.58.209.42
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
283098000 943660 76.9% 192.114.7.161
186870600 622902 50.7% 192.114.7.10
167928000 559760 45.6% 192.114.7.91
9008100 30027 2.4% 132.76.61.54
8133300 27111 2.2% 132.76.61.53
7871100 26237 2.1% 128.139.225.245
7247100 24157 2.0% 192.114.3.241
6821400 22738 1.9% 132.76.10.41
5994600 19982 1.6% 128.139.200.5
4939800 16466 1.3% 128.139.200.4
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
142.251.209.14 40025168400
142.251.209.14 443 40025118300
192.114.7.161 17123627700
192.114.7.161 80 17122293300
192.114.7.10 11211240000
192.114.7.10 80 11208494400
216.58.204.142 443 11149176600
216.58.204.142 11149176600
192.114.7.91 10073581200
192.114.7.91 80 10071679200
Further Details:
https://primary.nemo.geant.org/alerts/details/220829/
More information about the Nemo-ddos-list
mailing list