[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #212252 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Nov 14 05:11:37 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, November 14, 2023 5:11:32 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #212252 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 212252
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
87559200 291864 57.9% 79.124.58.218
17919900 59733 11.8% 94.131.117.45
6221100 20737 4.1% 52.17.98.131
1045500 3485 0.7% 94.102.61.2
915300 3051 0.6% 137.184.6.21
901800 3006 0.6% 192.241.199.29
850800 2836 0.6% 198.199.119.104
836100 2787 0.6% 198.199.104.15
590400 1968 0.4% 47.89.157.6
573000 1910 0.4% 47.252.18.116
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
65400 218 0.0% 132.73.238.12
63300 211 0.0% 194.63.239.88
61500 205 0.0% 132.73.238.209
60600 202 0.0% 132.73.238.93
60300 201 0.0% 132.73.238.31
59700 199 0.0% 132.73.238.141
58500 195 0.0% 132.73.238.113
57900 193 0.0% 132.73.238.149
57600 192 0.0% 132.73.238.172
57000 190 0.0% 132.73.238.206
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
------------------------------------------------------------
79.124.58.218 3502368000
94.131.117.45 716796000
94.131.117.45 50679 562116000
79.124.58.218 65532 446556000
79.124.58.218 65533 441936000
79.124.58.218 65530 438624000
79.124.58.218 65529 436284000
79.124.58.218 65534 435996000
79.124.58.218 65531 435072000
79.124.58.218 65528 434244000
Further Details:
https://primary.nemo.geant.org/alerts/details/212252/
More information about the Nemo-ddos-list
mailing list