[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #221072 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Dec 6 01:24:57 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, December 6, 2023 1:24:52 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #221072 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 221072
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
1499400 4998 6.8% 31.13.84.52
1353900 4513 6.2% 132.74.20.45
745800 2486 3.4% 209.85.137.254
609600 2032 2.8% 107.170.243.33
575400 1918 2.6% 31.13.84.4
506400 1688 2.3% 95.90.237.169
429600 1432 2.0% 31.13.84.15
399900 1333 1.8% 96.44.142.14
289800 966 1.3% 173.194.10.7
275400 918 1.3% 162.19.136.138
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
44337600 147792 202.2% 192.114.7.10
36995100 123317 168.7% 192.114.7.91
2896800 9656 13.2% 128.139.225.245
1353900 4513 6.2% 51.16.175.215
528600 1762 2.4% 132.65.44.96
506400 1688 2.3% 132.66.50.226
478500 1595 2.2% 128.139.35.5
471300 1571 2.1% 132.65.44.95
450000 1500 2.1% 128.139.200.60
408300 1361 1.9% 128.139.34.240
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------
192.114.7.10 58065147000
192.114.7.91 48427401900
192.114.7.10 36819711600
192.114.7.10 36819711600
192.114.7.91 30511517100
192.114.7.91 30511517100
53 192.114.7.10 21240704100
53 192.114.7.91 17907803100
128.139.225.245 3306059100
443 128.139.225.245 2498154900
Further Details:
https://primary.nemo.geant.org/alerts/details/221072/
More information about the Nemo-ddos-list
mailing list