[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #208272 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Nov 5 21:24:14 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 5, 2023 9:24:06 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #208272 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 208272
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
78839400 262798 20.5% 89.248.165.48
69600000 232000 18.1% 92.63.196.170
52199100 173997 13.5% 92.63.196.176
33348300 111161 8.7% 89.248.165.242
13735800 45786 3.6% 94.131.117.45
5058300 16861 1.3% 142.251.209.1
4907400 16358 1.3% 94.102.61.2
3546600 11822 0.9% 13.107.138.10
3464400 11548 0.9% 142.250.179.202
3377100 11257 0.9% 142.250.180.138
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
7625700 25419 2.0% 128.139.225.245
6047400 20158 1.6% 132.64.186.144
5031000 16770 1.3% 192.114.21.139
4879800 16266 1.3% 192.114.3.241
4044600 13482 1.0% 128.139.200.5
2952600 9842 0.8% 132.64.165.32
2283000 7610 0.6% 192.114.23.221
2151600 7172 0.6% 132.76.61.54
2120100 7067 0.6% 132.64.60.34
2097900 6993 0.5% 132.73.113.43
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
---------------------------------------------------------------------
128.139.225.245 8882975100
132.64.186.144 8776004400
443 132.64.186.144 8775968400
443 128.139.225.245 7350943200
142.251.209.1 443 7329704700
142.251.209.1 7329704700
443 192.114.21.139 7302022200
192.114.21.139 7302022200
142.251.209.1 56211 7302010200
192.114.21.139 56211 7302010200
Further Details:
https://primary.nemo.geant.org/alerts/details/208272/
More information about the Nemo-ddos-list
mailing list