[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #212248 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Nov 14 05:20:15 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, November 14, 2023 5:20:09 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #212248 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 212248
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
87559200 291864 38.8% 79.124.58.218
17919900 59733 7.9% 94.131.117.45
6224100 20747 2.8% 52.17.98.131
4685700 15619 2.1% 154.62.137.34
2613300 8711 1.2% 13.107.138.10
2091600 6972 0.9% 142.250.180.170
2017800 6726 0.9% 13.107.136.10
2012400 6708 0.9% 142.250.180.138
1974900 6583 0.9% 142.250.179.202
1800000 6000 0.8% 3.5.28.236
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
5015700 16719 2.2% 192.114.3.241
4953300 16511 2.2% 132.70.2.148
4688100 15627 2.1% 132.64.58.79
2021400 6738 0.9% 132.74.73.159
2002500 6675 0.9% 132.74.121.228
1826700 6089 0.8% 128.139.225.245
1654200 5514 0.7% 132.76.61.53
1230300 4101 0.5% 132.66.174.70
1200900 4003 0.5% 132.76.61.54
1083600 3612 0.5% 128.139.200.4
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
443 132.70.2.148 7259523000
132.70.2.148 7259523000
79.124.58.218 3502368000
443 132.74.73.159 2893437000
132.74.73.159 2893437000
443 132.74.121.228 2878606800
132.74.121.228 2878606800
142.250.179.202 443 2835940500
142.250.179.202 2835940500
3.5.28.236 443 2648481600
Further Details:
https://primary.nemo.geant.org/alerts/details/212248/
More information about the Nemo-ddos-list
mailing list