[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #220939 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Dec 5 22:04:07 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, December 5, 2023 10:04:02 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #220939 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 220939
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
------------------------------------------------------
2508000 8360 9.3% 31.13.84.52
1422000 4740 5.3% 31.13.84.4
1298700 4329 4.8% 132.74.20.45
732600 2442 2.7% 142.250.180.161
725400 2418 2.7% 216.58.204.142
459900 1533 1.7% 31.13.84.15
427800 1426 1.6% 128.139.225.245
411600 1372 1.5% 2a00:1450:4812::1a
390300 1301 1.5% 2001:bf8:900:7::4
354300 1181 1.3% 176.233.67.87
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-------------------------------------------------------
45523500 151745 169.6% 192.114.7.91
5107800 17026 19.0% 128.139.225.245
1298700 4329 4.8% 51.16.175.215
739800 2466 2.8% 132.72.202.170
660900 2203 2.5% 132.68.237.250
652800 2176 2.4% 132.65.44.96
600900 2003 2.2% 128.139.12.156
585300 1951 2.2% 2a00:1450:4812::1a
538500 1795 2.0% 128.139.225.228
471300 1571 1.8% 128.139.35.5
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
192.114.7.91 59931471600
192.114.7.91 37268013600
192.114.7.91 37268013600
53 192.114.7.91 22657460400
128.139.225.245 5396304000
443 128.139.225.245 4205937300
31.13.84.52 443 3062965500
31.13.84.52 3062965500
132.74.20.45 4500 1862461200
132.74.20.45 4500 1862461200
Further Details:
https://primary.nemo.geant.org/alerts/details/220939/
More information about the Nemo-ddos-list
mailing list