[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #212257 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Nov 14 05:12:08 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, November 14, 2023 5:12:03 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #212257 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 212257
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
-----------------------------------------------------
119262000 397540 65.4% 79.124.58.218
17849100 59497 9.8% 94.131.117.45
6173100 20577 3.4% 52.17.98.131
1010400 3368 0.6% 198.199.119.104
915300 3051 0.5% 137.184.6.21
694200 2314 0.4% 192.241.199.29
636900 2123 0.3% 94.102.61.2
619800 2066 0.3% 198.199.104.15
588000 1960 0.3% 47.89.157.6
587400 1958 0.3% 137.184.35.0
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
57900 193 0.0% 194.63.239.88
51600 172 0.0% 132.73.238.247
50100 167 0.0% 132.73.238.12
48300 161 0.0% 132.73.238.209
47100 157 0.0% 132.73.238.93
46500 155 0.0% 132.73.238.141
46500 155 0.0% 132.73.238.31
44700 149 0.0% 132.73.238.7
44400 148 0.0% 132.73.238.113
43800 146 0.0% 132.73.238.206
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
------------------------------------------------------------
79.124.58.218 4770480000
94.131.117.45 713964000
79.124.58.218 65532 604080000
79.124.58.218 65529 597876000
79.124.58.218 65534 597300000
79.124.58.218 65531 597084000
79.124.58.218 65533 596484000
79.124.58.218 65530 596268000
79.124.58.218 65527 591852000
79.124.58.218 65528 589536000
Further Details:
https://primary.nemo.geant.org/alerts/details/212257/
More information about the Nemo-ddos-list
mailing list