[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #215424 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]

Hank Nussbacher hank at mail.iucc.ac.il
Sun Nov 19 20:40:16 IST 2023




________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 19, 2023 8:40:11 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #215424 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]

Please find the analysis details for the Alert ID: 215424

Top-10 Src IPs by Packets:
    Packets   Est. Rate   % of Total           Src IP
----------------------------------------------------
  108453300      361511        26.0%    92.63.196.170
   64213200      214044        15.4%   89.248.165.106
   64022100      213407        15.3%     92.63.196.57
   62719200      209064        15.0%     92.63.196.58
   28258500       94195         6.8%    89.248.165.83
   25727100       85757         6.2%     92.63.196.77
   13695600       45652         3.3%    92.63.196.176
    7441200       24804         1.8%     92.63.196.78
    5241000       17470         1.3%     92.63.196.76
    4806000       16020         1.2%     52.17.98.131

Top-10 Dst IPs by Packets:
  Packets   Est. Rate   % of Total           Dst IP
--------------------------------------------------
    46500         155         0.0%    104.22.48.147
    42600         142         0.0%     192.114.1.98
    39600         132         0.0%     132.76.61.54
    35100         117         0.0%     132.76.61.53
    32400         108         0.0%    132.74.73.159
    26400          88         0.0%   132.66.255.253
    21900          73         0.0%     132.65.12.77
    19500          65         0.0%   132.64.108.204
    18300          61         0.0%     132.64.176.8
    18000          60         0.0%     132.64.131.6

Top-10 Possible Targets by Bytes:
          Src IP   Src Port   Dst IP   Dst Port   Sampled Count
-------------------------------------------------------------
   92.63.196.170                                     4338132000
  89.248.165.106      58631                          2568528000
  89.248.165.106                                     2568528000
   92.63.196.170      58606                          2563152000
    92.63.196.57      58669                          2560884000
    92.63.196.57                                     2560884000
    92.63.196.58      58670                          2508768000
    92.63.196.58                                     2508768000
   92.63.196.170      58723                          1774980000
   89.248.165.83      58372                          1130340000

Further Details:
https://primary.nemo.geant.org/alerts/details/215424/


More information about the Nemo-ddos-list mailing list