[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #214221 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Fri Nov 17 14:42:11 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Friday, November 17, 2023 2:42:05 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #214221 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 214221
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
708600 2362 2.4% 209.85.137.254
691500 2305 2.4% 31.13.84.52
435900 1453 1.5% 185.11.74.194
428400 1428 1.5% 200.91.143.27
388200 1294 1.3% 142.250.185.238
319200 1064 1.1% 213.13.24.76
303900 1013 1.0% 190.217.98.67
287400 958 1.0% 163.70.147.63
285900 953 1.0% 209.240.0.154
274500 915 0.9% 181.143.204.170
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
33877500 112925 116.0% 192.114.7.91
3549900 11833 12.2% 132.68.239.9
3545100 11817 12.1% 132.68.1.2
3407700 11359 11.7% 132.68.1.9
3370200 11234 11.5% 132.74.6.143
2602200 8674 8.9% 128.139.225.245
499800 1666 1.7% 128.139.35.5
447000 1490 1.5% 128.139.34.240
372300 1241 1.3% 132.71.85.155
357600 1192 1.2% 128.139.200.61
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------------
192.114.7.91 33647236800
192.114.7.91 23006638500
192.114.7.91 23004572700
19 192.114.7.91 4779762900
123 192.114.7.91 3688664400
128.139.225.245 2458925400
3702 192.114.7.91 1661073300
443 128.139.225.245 1492103100
31.13.84.52 443 835962600
31.13.84.52 835962600
Further Details:
https://primary.nemo.geant.org/alerts/details/214221/
More information about the Nemo-ddos-list
mailing list