[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #212954 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Nov 15 17:44:19 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, November 15, 2023 5:44:12 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #212954 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 212954
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
40092000 133640 58.0% 89.248.163.197
2137500 7125 3.1% 94.131.117.45
1564800 5216 2.3% 138.199.62.33
1048200 3494 1.5% 94.102.61.27
944400 3148 1.4% 162.243.143.11
825000 2750 1.2% 198.199.115.29
763800 2546 1.1% 104.156.155.12
748200 2494 1.1% 192.241.226.52
740700 2469 1.1% 211.137.207.163
582900 1943 0.8% 2.56.247.171
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
249900 833 0.4% 132.72.168.27
210900 703 0.3% 132.70.152.110
143400 478 0.2% 132.72.6.1
116700 389 0.2% 132.66.251.11
82800 276 0.1% 132.72.8.247
71700 239 0.1% 132.76.61.54
61200 204 0.1% 132.65.44.95
59100 197 0.1% 192.114.105.254
56400 188 0.1% 132.76.61.53
36900 123 0.1% 192.114.1.98
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
89.248.163.197 1603680000
89.248.163.197 42346 1334604000
184.30.24.134 443 373809300
184.30.24.134 50844 373809300
184.30.24.134 373809300
443 132.72.168.27 373809300
132.72.168.27 50844 373809300
132.72.168.27 373809300
23.2.13.51 443 314747400
23.2.13.51 54363 314747400
Further Details:
https://primary.nemo.geant.org/alerts/details/212954/
More information about the Nemo-ddos-list
mailing list