[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #213238 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Nov 16 05:25:31 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, November 16, 2023 5:25:17 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #213238 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 213238
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
6643500 22145 16.4% 52.17.98.131
5866500 19555 14.5% 94.102.61.46
2583900 8613 6.4% 94.131.117.45
1022100 3407 2.5% 94.102.61.53
966600 3222 2.4% 168.80.174.100
771600 2572 1.9% 198.98.57.135
730500 2435 1.8% 198.199.118.94
710100 2367 1.8% 118.123.105.93
473700 1579 1.2% 116.153.1.110
402300 1341 1.0% 45.56.111.60
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
99377400 331258 245.0% 192.114.7.161
154200 514 0.4% 132.72.6.1
44700 149 0.1% 192.114.1.98
31800 106 0.1% 132.76.61.53
29100 97 0.1% 132.76.61.54
26100 87 0.1% 172.67.24.1
20700 69 0.1% 132.67.180.208
17400 58 0.0% 132.76.150.110
15300 51 0.0% 132.76.61.55
14700 49 0.0% 132.66.108.154
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------------
192.114.7.161 443 3975096000
192.114.7.161 3975096000
52.17.98.131 265749600
94.102.61.46 258126000
94.131.117.45 44144 103356000
94.131.117.45 103356000
94.102.61.53 8411 44972400
94.102.61.53 44972400
94.102.61.46 2195 44853600
94.102.61.46 2130 43243200
Further Details:
https://primary.nemo.geant.org/alerts/details/213238/
More information about the Nemo-ddos-list
mailing list