[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #215145 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Nov 19 05:27:10 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 19, 2023 5:27:02 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #215145 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 215145
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
7540200 25134 15.2% 193.37.213.15
5547600 18492 11.2% 52.17.98.131
1511100 5037 3.0% 192.3.154.58
1099800 3666 2.2% 192.114.7.10
993900 3313 2.0% 94.102.61.28
952500 3175 1.9% 129.107.255.16
847500 2825 1.7% 198.199.115.21
711300 2371 1.4% 162.243.146.62
583200 1944 1.2% 2.56.247.170
571800 1906 1.1% 47.89.134.184
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
69343500 231145 139.4% 192.114.7.10
952500 3175 1.9% 192.114.101.113
125700 419 0.3% 132.71.98.19
42300 141 0.1% 192.114.1.98
33600 112 0.1% 132.64.134.150
33300 111 0.1% 132.64.134.215
33000 110 0.1% 132.64.134.196
31200 104 0.1% 132.64.134.106
31200 104 0.1% 132.64.134.185
30900 103 0.1% 132.64.134.195
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
192.114.7.10 80 3604891200
192.114.7.10 3604891200
129.107.255.16 1094 1426022100
129.107.255.16 57656 1426022100
129.107.255.16 1426022100
1094 192.114.101.113 1426022100
192.114.101.113 57656 1426022100
192.114.101.113 1426022100
193.37.213.15 43520 301608000
193.37.213.15 301608000
Further Details:
https://primary.nemo.geant.org/alerts/details/215145/
More information about the Nemo-ddos-list
mailing list