[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #215423 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Nov 19 20:37:14 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 19, 2023 8:37:06 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #215423 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 215423
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
57219000 190730 46.2% 89.248.165.83
24804900 82683 20.0% 92.63.196.57
4693800 15646 3.8% 52.17.98.131
2755200 9184 2.2% 37.120.234.65
2010000 6700 1.6% 94.102.61.5
1591800 5306 1.3% 192.3.154.58
1010100 3367 0.8% 192.241.196.33
984600 3282 0.8% 94.102.61.42
916500 3055 0.7% 162.243.128.5
620400 2068 0.5% 192.241.216.15
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
46500 155 0.0% 192.114.1.98
44700 149 0.0% 104.22.48.147
39000 130 0.0% 132.76.61.53
36300 121 0.0% 132.76.61.54
26400 88 0.0% 128.139.225.245
22200 74 0.0% 192.114.3.241
18000 60 0.0% 132.64.131.6
18000 60 0.0% 132.64.7.205
17100 57 0.0% 132.64.56.8
16500 55 0.0% 132.64.77.111
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
------------------------------------------------------------
89.248.165.83 58372 2288760000
89.248.165.83 2288760000
92.63.196.57 58215 992196000
92.63.196.57 992196000
52.17.98.131 187753200
37.120.234.65 57374 110208000
37.120.234.65 110208000
94.102.61.5 88440000
192.3.154.58 40078 63672000
192.3.154.58 63672000
Further Details:
https://primary.nemo.geant.org/alerts/details/215423/
More information about the Nemo-ddos-list
mailing list