[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #208274 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Nov 5 21:24:12 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 5, 2023 9:24:07 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #208274 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 208274
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
78839400 262798 28.0% 89.248.165.48
69598800 231996 24.7% 92.63.196.170
52198500 173995 18.5% 92.63.196.176
33348300 111161 11.8% 89.248.165.242
13735800 45786 4.9% 94.131.117.45
4907400 16358 1.7% 94.102.61.2
2793000 9310 1.0% 173.212.236.239
998700 3329 0.4% 94.102.61.47
958800 3196 0.3% 192.241.221.43
876300 2921 0.3% 192.241.235.25
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-------------------------------------------------
78300 261 0.0% 132.64.15.181
76500 255 0.0% 132.64.15.182
75300 251 0.0% 132.64.15.198
73800 246 0.0% 132.64.15.187
72600 242 0.0% 132.64.15.197
72300 241 0.0% 132.64.15.185
71700 239 0.0% 132.64.15.184
70800 236 0.0% 132.64.15.186
70200 234 0.0% 132.64.15.180
69300 231 0.0% 132.64.15.183
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
89.248.165.48 3153576000
92.63.196.170 2782974000
92.63.196.170 51606 2561928000
89.248.165.48 51575 2561304000
92.63.196.176 51667 2087940000
92.63.196.176 2087940000
89.248.165.242 51710 1333932000
89.248.165.242 1333932000
89.248.165.48 51750 592272000
94.131.117.45 51545 549432000
Further Details:
https://primary.nemo.geant.org/alerts/details/208274/
More information about the Nemo-ddos-list
mailing list