[NeMo-DDoS-List] Kentik Alert: 1 changed to active, 0 changed to inactive [IUCC] (2023-12-06 09:46:38 UTC)

Hank Nussbacher hank at mail.iucc.ac.il
Wed Dec 6 12:08:15 IST 2023


Only the NOC staff have full access to all stats of Kentik.  Each university has what is known as “tenant access” which provides limited access to IP ranges of your institute:
https://kb.kentik.com/v3/Cb15.htm

Regards,
Hank

From: Nemo-ddos-list <nemo-ddos-list-bounces at nocvm.ilan.net.il> On Behalf Of Roman Safonov
Sent: Wednesday, 6 December 2023 12:00
To: nocplus at noc.ilan.net.il; Nemo-ddos-list at nocvm.ilan.net.il
Subject: Re: [NeMo-DDoS-List] Kentik Alert: 1 changed to active, 0 changed to inactive [IUCC] (2023-12-06 09:46:38 UTC)

Hi,

Maybe it’s only relevant for me but all links inside mail below have https://portal.kentik.com<https://portal.kentik.com/> prefix/domain and I can’t authenticate there.
Is it possible to see Alarm details in IUCC https://iucc.my.kentik.com<https://iucc.my.kentik.com/> tenant? With IUCC prefix/domain?

--
Regards,
Roman Safonov
Network and Security Engineer
Computer and Information Systems
Technion, Haifa
Tel. 07-3378-4992
Email: romans at technion.ac.il<mailto:romans at technion.ac.il>
Think before you ink.


From: Nemo-ddos-list <nemo-ddos-list-bounces at nocvm.ilan.net.il<mailto:nemo-ddos-list-bounces at nocvm.ilan.net.il>> on behalf of Kentik <no-reply at kentikalerts.com<mailto:no-reply at kentikalerts.com>>
Date: Wednesday, 6 December 2023 at 11:47
To: nocplus at noc.ilan.net.il<mailto:nocplus at noc.ilan.net.il> <nocplus at noc.ilan.net.il<mailto:nocplus at noc.ilan.net.il>>, Nemo-ddos-list at nocvm.ilan.net.il<mailto:Nemo-ddos-list at nocvm.ilan.net.il> <Nemo-ddos-list at nocvm.ilan.net.il<mailto:Nemo-ddos-list at nocvm.ilan.net.il>>
Subject: [NeMo-DDoS-List] Kentik Alert: 1 changed to active, 0 changed to inactive [IUCC] (2023-12-06 09:46:38 UTC)
Some people who received this message don't often get email from no-reply at kentikalerts.com<mailto:no-reply at kentikalerts.com>. Learn why this is important<https://protect.checkpoint.com/v2/___https://aka.ms/LearnAboutSenderIdentification___.YzJlOnRlY2huaW9uOmM6bzphODJkNGJjOGQyZWQ0NzZiNGU1NzFlNjZjMjJiNzkzMzo2OmFiNmM6OWI0ZTk0ZTg0ZmY5ZTg4ODc3NTUxMWI1MjliMTUyN2MyYzllOGRlYzA4YWUxNTkzZGIwODFjZjMxODllOTJkYTpoOkY>
[Kentik]
Kentik Alert for IUCC
2023-12-06 09:46:38 UTC
Alarm for DDoS: UDP Fragments Attack Active

  *   State: new → alarm
  *   Timeframe: 2023-12-06 09:46:35 UTC (start) → ongoing
  *   Severity: major
  *   Baseline Source Info: The key's current value exceeded the baseline value.
  *   IP_dst_cidr_16_128: 192.114.0.0/16
  *   Metrics:

     *   1574 Mbits/s
     *   149496.38 Packets/second
     *   28690 Unique Source IPs

Open Dashboard<https://protect.checkpoint.com/v2/___https://u2871016.ct.sendgrid.net/ls/click?upn=R4ohLrzAv67FQ4hNT7i4X4aJT4-2F2-2F1o0Zh9RTjGz98h4b5TBeE0LzKOHkPYtf-2B93-2FxtqB3mBrXVuNmviIRxu7Q-3D-3DJEtd_byRdaFF-2Fc7ni6-2F6PbQn7S-2BG9MA7h44d63pl43-2FSzrTJ4otIRGwKPYhNkjuthAteCyslhNKdeMKmgRqiwxauZ8ctvFR9tBgcyP3dgTTuZuxOi-2FTsqzcHla1qDO7-2FIP0FUhbFzEeFbBS48vI-2Fza3yjJxNfeLVYHcWFShgZUiP-2B4uGDEbJ9g5YG-2FcWYEjox05JaucOPsn4KZcZB50fCB2I0Ksuf5pmQwc-2BeBCYHj1p-2BluU-3D___.YzJlOnRlY2huaW9uOmM6bzphODJkNGJjOGQyZWQ0NzZiNGU1NzFlNjZjMjJiNzkzMzo2OmEyNGI6MTEyYWMyMmIyZjQ5YWNiYjUyZjEyYmQ4Yjg2MWFhMWQxOTU2MGZmOWNmMzc0YjJkYjM4OTM3NTI4Zjc1ZTYyMTpoOkY> | Open Details<https://protect.checkpoint.com/v2/___https://u2871016.ct.sendgrid.net/ls/click?upn=R4ohLrzAv67FQ4hNT7i4X4aJT4-2F2-2F1o0Zh9RTjGz98gce9YMzTsM4UeYh3765wBlXCv8IPIxVa5487lDUaQxGg-3D-3D4YfV_byRdaFF-2Fc7ni6-2F6PbQn7S-2BG9MA7h44d63pl43-2FSzrTJ4otIRGwKPYhNkjuthAteCyslhNKdeMKmgRqiwxauZ8f5BGPVJvj9y-2B4SKfY2ppJ7mTN8ZlTUnNXnzxl4YRr4bXTwT3ZZsqMq2uQrdLqFwziYUTq2HGs85gMJ452ZFHk45HbwLlFGT4AZxg6EcpezfCQP5jnMj6y8FdzFyOYbt6nhnV2uH4-2BWehPXdRYlP6rc-3D___.YzJlOnRlY2huaW9uOmM6bzphODJkNGJjOGQyZWQ0NzZiNGU1NzFlNjZjMjJiNzkzMzo2OmNhYTE6ZjdmYzY1ZjRjMjNiM2EyNWEzNWJhYWM3ODZiMjRmYTRjZjE4ODI4MzAzMTI0NjVjYTFhZThmOGFiNjVmNzMyYzpoOkY> | Open Alerting List<https://protect.checkpoint.com/v2/___https://u2871016.ct.sendgrid.net/ls/click?upn=R4ohLrzAv67FQ4hNT7i4X4aJT4-2F2-2F1o0Zh9RTjGz98iFaufLYQcIVFxe72b0hIHMuLOO-2F-2Bmxg-2BS1z0lWuNmM0w-3D-3D4yBt_byRdaFF-2Fc7ni6-2F6PbQn7S-2BG9MA7h44d63pl43-2FSzrTJ4otIRGwKPYhNkjuthAteCyslhNKdeMKmgRqiwxauZ8XAy7U-2FsYu1WLMllOx0XEYdE9Ij8rK-2FI6I0eaMzWsJLB60F2eiYdVPKrWZaxnuLvU-2BwLkRTndIbRY-2BY8TPzbUCazFuBFhtx9iWe33T1vPGha79DBbZrsY-2BzaCfe8thmIwPego4fh-2FCsBpmLPaVr4wno-3D___.YzJlOnRlY2huaW9uOmM6bzphODJkNGJjOGQyZWQ0NzZiNGU1NzFlNjZjMjJiNzkzMzo2OmQyNDI6ZDlmMThjMTBhMThkM2M1NmEzMTJjNzNjMDk5ZjYzMDgwMjA5ZjU0NmMxMDdlZjY4ZDU0NzE3ZTQwN2YxMzQyNDpoOkY>

To see DDoS Alerts dashboard, click here<https://protect.checkpoint.com/v2/___https://u2871016.ct.sendgrid.net/ls/click?upn=R4ohLrzAv67FQ4hNT7i4X4aJT4-2F2-2F1o0Zh9RTjGz98i-2FjHcKMUZGgjFaLNOencDi-2FFZkarVE4tiXhMEhKlVEZA-3D-3D9mtf_byRdaFF-2Fc7ni6-2F6PbQn7S-2BG9MA7h44d63pl43-2FSzrTJ4otIRGwKPYhNkjuthAteCyslhNKdeMKmgRqiwxauZ8QH2XryQqYhoVYWNhAyTxlum3Tdx7cUZX-2B0bXyC0e69fVB07sGkmS5IkHIxuRIZhUOpJmGGaStSV9swKkoRAgB-2FeWz3GEqq-2B36fIN-2F4zRDvIGTVeDI5vYgsITevHKesmxvHMRTTe5jy-2FFVsvvP59kXc-3D___.YzJlOnRlY2huaW9uOmM6bzphODJkNGJjOGQyZWQ0NzZiNGU1NzFlNjZjMjJiNzkzMzo2OmMzMjg6MGY1NjRhMGIyMjQ0YzRmNmRhMmQ2MGM0NTRkZWVmZDkxYjVmYTMxYWYwNGRlYzhkNDQ3OTZiOGU0NmU0ZjYzMTpoOkY>.
Manage your notification channels<https://protect.checkpoint.com/v2/___https://u2871016.ct.sendgrid.net/ls/click?upn=R4ohLrzAv67FQ4hNT7i4X4aJT4-2F2-2F1o0Zh9RTjGz98jiJU9-2BCVlQj5Fdy3kNMyDRcOgmXDMxDPrSYXKPFPFF4Q-3D-3DimyX_byRdaFF-2Fc7ni6-2F6PbQn7S-2BG9MA7h44d63pl43-2FSzrTJ4otIRGwKPYhNkjuthAteCyslhNKdeMKmgRqiwxauZ8ZvYRm-2BwRcVZZgwxbCGV8t2Wl2a515FTUbDRUi2Lb0Y5OuLYaLeo9PNJ-2BSowtCtCLVd4iEh-2Bu-2F21LUoENnVkHim3a-2BEWiB9qdnEiLptkR1mfEHRUkOsulOceGfOJlp2qq7CiYqANxZPH7Wn-2BOucyyFE-3D___.YzJlOnRlY2huaW9uOmM6bzphODJkNGJjOGQyZWQ0NzZiNGU1NzFlNjZjMjJiNzkzMzo2OjdhOTc6MDQxMmE3OWMzZjk1MmNjOWI3NThmNDI1ZjVmMDg4NzY0NjEwZDBlNDExMDExYThjYTc2NGJlZDQyOGNjMDE3YTpoOkY>
© 2023 Kentik | 548 Market St PMB 78595 | San Francisco, CA 94104


External e-mail, be judicious when opening attachments or links
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nocvm.iucc.ac.il/pipermail/nemo-ddos-list/attachments/20231206/6d129f57/attachment-0001.htm>


More information about the Nemo-ddos-list mailing list