[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #212257 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]

Hank Nussbacher hank at mail.iucc.ac.il
Tue Nov 14 05:12:08 IST 2023




________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, November 14, 2023 5:12:03 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #212257 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]

Please find the analysis details for the Alert ID: 212257

Top-10 Src IPs by Packets:
    Packets   Est. Rate   % of Total            Src IP
-----------------------------------------------------
  119262000      397540        65.4%     79.124.58.218
   17849100       59497         9.8%     94.131.117.45
    6173100       20577         3.4%      52.17.98.131
    1010400        3368         0.6%   198.199.119.104
     915300        3051         0.5%      137.184.6.21
     694200        2314         0.4%    192.241.199.29
     636900        2123         0.3%       94.102.61.2
     619800        2066         0.3%    198.199.104.15
     588000        1960         0.3%       47.89.157.6
     587400        1958         0.3%      137.184.35.0

Top-10 Dst IPs by Packets:
  Packets   Est. Rate   % of Total           Dst IP
--------------------------------------------------
    57900         193         0.0%    194.63.239.88
    51600         172         0.0%   132.73.238.247
    50100         167         0.0%    132.73.238.12
    48300         161         0.0%   132.73.238.209
    47100         157         0.0%    132.73.238.93
    46500         155         0.0%   132.73.238.141
    46500         155         0.0%    132.73.238.31
    44700         149         0.0%     132.73.238.7
    44400         148         0.0%   132.73.238.113
    43800         146         0.0%   132.73.238.206

Top-10 Possible Targets by Bytes:
         Src IP   Src Port   Dst IP   Dst Port   Sampled Count
------------------------------------------------------------
  79.124.58.218                                     4770480000
  94.131.117.45                                      713964000
  79.124.58.218      65532                           604080000
  79.124.58.218      65529                           597876000
  79.124.58.218      65534                           597300000
  79.124.58.218      65531                           597084000
  79.124.58.218      65533                           596484000
  79.124.58.218      65530                           596268000
  79.124.58.218      65527                           591852000
  79.124.58.218      65528                           589536000

Further Details:
https://primary.nemo.geant.org/alerts/details/212257/


More information about the Nemo-ddos-list mailing list