[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #228691 WARN: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Dec 27 04:04:03 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, December 27, 2023 4:03:57 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #228691 WARN: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]
Please find the analysis details for the Alert ID: 228691
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
------------------------------------------------------
1382400 4608 8.5% 132.74.20.45
945000 3150 5.8% 162.243.137.4
328200 1094 2.0% 192.115.46.100
282600 942 1.7% 157.240.195.63
251100 837 1.6% 173.194.10.6
247500 825 1.5% 128.139.225.245
212400 708 1.3% 2001:4860:4812::1a
202200 674 1.2% 132.76.61.2
198900 663 1.2% 216.58.205.46
189900 633 1.2% 2001:bf8:900:7::5
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
48451500 161505 299.5% 192.114.7.11
2204700 7349 13.6% 192.115.46.100
1517100 5057 9.4% 132.76.61.2
1400700 4669 8.7% 128.139.225.245
1394400 4648 8.6% 132.76.61.1
1382400 4608 8.5% 51.17.3.162
455700 1519 2.8% 132.65.44.96
439200 1464 2.7% 132.65.44.95
374400 1248 2.3% 128.139.34.240
361200 1204 2.2% 128.139.35.5
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-----------------------------------------------------------------
192.114.7.11 63371427300
192.114.7.11 39277741200
192.114.7.11 39277741200
53 192.114.7.11 24086290800
132.74.20.45 4500 2030332800
132.74.20.45 4500 2030332800
132.74.20.45 2030332800
4500 51.17.3.162 2030332800
51.17.3.162 4500 2030332800
51.17.3.162 2030332800
Further Details:
https://primary.nemo.geant.org/alerts/details/228691/
More information about the Nemo-ddos-list
mailing list