[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #226976 WARN: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]
Hank Nussbacher
hank at mail.iucc.ac.il
Fri Dec 22 16:09:59 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Friday, December 22, 2023 4:09:52 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #226976 WARN: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]
Please find the analysis details for the Alert ID: 226976
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
11302800 37676 37.4% 104.156.155.8
824400 2748 2.7% 186.211.1.7
621600 2072 2.1% 103.77.214.248
598200 1994 2.0% 107.170.245.9
505500 1685 1.7% 94.156.189.228
417900 1393 1.4% 89.248.165.212
216600 722 0.7% 62.204.41.63
196800 656 0.7% 183.136.225.42
176400 588 0.6% 46.165.242.73
174600 582 0.6% 77.90.185.12
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
94229700 314099 311.9% 192.114.5.142
109200 364 0.4% 132.72.6.1
45900 153 0.2% 132.76.61.53
39000 130 0.1% 132.76.61.54
36300 121 0.1% 132.64.3.119
24300 81 0.1% 132.65.40.89
22200 74 0.1% 132.76.61.55
16200 54 0.1% 192.114.23.221
15600 52 0.1% 128.139.225.245
14400 48 0.0% 192.114.91.214
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
192.114.5.142 5653393200
192.114.5.142 443 5653018800
104.156.155.8 46198 452112000
104.156.155.8 452112000
186.211.1.7 62584 36273600
186.211.1.7 36273600
443 132.65.40.89 32778000
132.65.40.89 32778000
103.77.214.248 52964 24864000
103.77.214.248 3389 24864000
Further Details:
https://primary.nemo.geant.org/alerts/details/226976/
More information about the Nemo-ddos-list
mailing list