[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #208273 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Nov 5 21:24:11 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 5, 2023 9:24:06 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #208273 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 208273
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
78839400 262798 21.1% 89.248.165.48
69600000 232000 18.6% 92.63.196.170
52199100 173997 14.0% 92.63.196.176
33348300 111161 8.9% 89.248.165.242
13735800 45786 3.7% 94.131.117.45
5055000 16850 1.4% 142.251.209.1
4907400 16358 1.3% 94.102.61.2
3546600 11822 0.9% 13.107.138.10
3446400 11488 0.9% 142.250.179.202
3294000 10980 0.9% 142.250.180.138
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
6047400 20158 1.6% 132.64.186.144
5031000 16770 1.3% 192.114.21.139
4786800 15956 1.3% 192.114.3.241
4472400 14908 1.2% 128.139.225.245
4036200 13454 1.1% 128.139.200.5
2951100 9837 0.8% 132.64.165.32
2151600 7172 0.6% 132.76.61.54
2118300 7061 0.6% 132.64.60.34
2097900 6993 0.6% 132.73.113.43
2047200 6824 0.5% 132.74.73.159
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
132.64.186.144 8776004400
443 132.64.186.144 8775968400
142.251.209.1 443 7326466200
142.251.209.1 7326466200
443 192.114.21.139 7302022200
192.114.21.139 7302022200
142.251.209.1 56211 7302010200
192.114.21.139 56211 7302010200
443 128.139.200.5 5128818600
128.139.200.5 5128818600
Further Details:
https://primary.nemo.geant.org/alerts/details/208273/
More information about the Nemo-ddos-list
mailing list