[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #228799 CRIT: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Dec 27 12:44:04 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, December 27, 2023 12:43:46 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #228799 CRIT: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]
Please find the analysis details for the Alert ID: 228799
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------------------------
3108000 10360 4.7% 159.124.38.182
2328900 7763 3.5% 31.13.84.52
2233200 7444 3.4% 157.240.196.63
2228100 7427 3.4% 157.240.195.63
2039400 6798 3.1% 2a03:2880:f207:c4:face:b00c:0:43fe
1869900 6233 2.8% 31.13.84.4
1404900 4683 2.1% 31.13.84.51
1403100 4677 2.1% 157.240.196.15
1384500 4615 2.1% 2a03:2880:f007:8:face:b00c:0:1
1316100 4387 2.0% 142.251.209.1
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
97123500 323745 146.3% 192.114.7.11
3972000 13240 6.0% 128.139.225.245
1405800 4686 2.1% 192.114.23.221
1130400 3768 1.7% 192.114.91.248
1124100 3747 1.7% 192.114.3.241
859800 2866 1.3% 51.17.3.162
823200 2744 1.2% 192.114.91.247
716100 2387 1.1% 132.70.66.14
664200 2214 1.0% 192.114.91.249
642600 2142 1.0% 192.114.91.246
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
192.114.7.11 127011968100
192.114.7.11 78626019000
192.114.7.11 78626019000
53 192.114.7.11 48371235300
128.139.225.245 4173885900
443 128.139.225.245 3484373700
31.13.84.52 443 2774281800
31.13.84.52 2774281800
157.240.196.63 443 2747137200
157.240.196.63 2747137200
Further Details:
https://primary.nemo.geant.org/alerts/details/228799/
More information about the Nemo-ddos-list
mailing list