[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #212254 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Nov 14 05:24:08 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, November 14, 2023 5:24:03 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #212254 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 212254
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
87559200 291864 40.0% 79.124.58.218
17919900 59733 8.2% 94.131.117.45
6221100 20737 2.8% 52.17.98.131
4685700 15619 2.1% 154.62.137.34
2613300 8711 1.2% 13.107.138.10
2017800 6726 0.9% 13.107.136.10
1974900 6583 0.9% 142.250.179.202
1956000 6520 0.9% 142.250.180.170
1891800 6306 0.9% 142.250.180.138
1800000 6000 0.8% 3.5.28.236
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
4953300 16511 2.3% 132.70.2.148
4920300 16401 2.2% 192.114.3.241
4688100 15627 2.1% 132.64.58.79
2021400 6738 0.9% 132.74.73.159
2002500 6675 0.9% 132.74.121.228
1654200 5514 0.8% 132.76.61.53
1420800 4736 0.6% 128.139.225.245
1230300 4101 0.6% 132.66.174.70
1200900 4003 0.5% 132.76.61.54
982800 3276 0.4% 132.66.251.11
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
443 132.70.2.148 7259523000
132.70.2.148 7259523000
79.124.58.218 3502368000
443 132.74.73.159 2893437000
132.74.73.159 2893437000
443 132.74.121.228 2878606800
132.74.121.228 2878606800
142.250.179.202 443 2835940500
142.250.179.202 2835940500
3.5.28.236 443 2648481600
Further Details:
https://primary.nemo.geant.org/alerts/details/212254/
More information about the Nemo-ddos-list
mailing list