[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #206066 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]

Hank Nussbacher hank at mail.iucc.ac.il
Wed Nov 1 23:54:56 IST 2023




________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, November 1, 2023 11:54:49 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #206066 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]

Please find the analysis details for the Alert ID: 206066

Top-10 Src IPs by Packets:
   Packets   Est. Rate   % of Total           Src IP
---------------------------------------------------
  14378100       47927        17.8%     192.36.57.35
   6316500       21055         7.8%     176.120.74.5
   5060100       16867         6.3%     52.17.98.131
   3841800       12806         4.8%   94.158.245.153
   1491000        4970         1.8%    23.95.186.171
   1175700        3919         1.5%   195.160.222.40
   1173300        3911         1.5%    46.17.102.166
   1172100        3907         1.5%    46.17.102.157
   1171800        3906         1.5%    46.17.102.163
   1164900        3883         1.4%   195.160.222.23

Top-10 Dst IPs by Packets:
  Packets   Est. Rate   % of Total          Dst IP
-------------------------------------------------
    66600         222         0.1%   132.77.62.140
    57900         193         0.1%   132.77.62.236
    51900         173         0.1%   132.77.62.125
    50400         168         0.1%    132.77.62.79
    50100         167         0.1%   132.77.62.212
    48900         163         0.1%    132.77.62.48
    48300         161         0.1%   132.77.62.150
    48300         161         0.1%   132.77.62.124
    47400         158         0.1%    132.77.62.67
    47400         158         0.1%   132.77.62.255

Top-10 Possible Targets by Bytes:
          Src IP   Src Port   Dst IP   Dst Port   Sampled Count
-------------------------------------------------------------
    192.36.57.35      54231                           575124000
    192.36.57.35                                      575124000
    176.120.74.5      54289                           252660000
    176.120.74.5                                      252660000
    52.17.98.131                                      202411200
  94.158.245.153      54451                           153672000
  94.158.245.153                                      153672000
   23.95.186.171      58016                            59640000
   23.95.186.171                                       59640000
   46.17.102.166                          50011        46932000

Further Details:
https://primary.nemo.geant.org/alerts/details/206066/


More information about the Nemo-ddos-list mailing list