[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #221081 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Dec 6 02:49:02 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, December 6, 2023 2:48:56 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #221081 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 221081
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
-----------------------------------------------------
1565700 5219 8.7% 132.74.20.45
679500 2265 3.8% 118.123.105.93
624000 2080 3.5% 209.85.137.254
492900 1643 2.7% 31.13.84.52
407400 1358 2.3% 173.194.10.6
366600 1222 2.0% 31.13.84.4
366000 1220 2.0% 216.58.204.142
356100 1187 2.0% 31.13.84.15
219300 731 1.2% 216.58.205.46
217500 725 1.2% 2001:bf8:900:7::5
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
52225800 174086 290.0% 192.114.7.10
1866000 6220 10.4% 128.139.225.245
1565400 5218 8.7% 51.16.175.215
626700 2089 3.5% 132.65.44.96
583800 1946 3.2% 132.65.44.95
502500 1675 2.8% 128.139.35.5
394200 1314 2.2% 128.139.34.240
314100 1047 1.7% 128.139.200.60
303000 1010 1.7% 128.139.200.61
298200 994 1.7% 128.139.12.156
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
------------------------------------------------------------------
192.114.7.10 68592154500
192.114.7.10 42512995800
192.114.7.10 42512995800
53 192.114.7.10 26071686900
132.74.20.45 4500 2259817200
132.74.20.45 4500 2259817200
132.74.20.45 2259817200
4500 51.16.175.215 2259780000
51.16.175.215 4500 2259780000
51.16.175.215 2259780000
Further Details:
https://primary.nemo.geant.org/alerts/details/221081/
More information about the Nemo-ddos-list
mailing list