[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #215424 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Nov 19 20:40:16 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 19, 2023 8:40:11 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #215424 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 215424
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
108453300 361511 26.0% 92.63.196.170
64213200 214044 15.4% 89.248.165.106
64022100 213407 15.3% 92.63.196.57
62719200 209064 15.0% 92.63.196.58
28258500 94195 6.8% 89.248.165.83
25727100 85757 6.2% 92.63.196.77
13695600 45652 3.3% 92.63.196.176
7441200 24804 1.8% 92.63.196.78
5241000 17470 1.3% 92.63.196.76
4806000 16020 1.2% 52.17.98.131
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
46500 155 0.0% 104.22.48.147
42600 142 0.0% 192.114.1.98
39600 132 0.0% 132.76.61.54
35100 117 0.0% 132.76.61.53
32400 108 0.0% 132.74.73.159
26400 88 0.0% 132.66.255.253
21900 73 0.0% 132.65.12.77
19500 65 0.0% 132.64.108.204
18300 61 0.0% 132.64.176.8
18000 60 0.0% 132.64.131.6
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
92.63.196.170 4338132000
89.248.165.106 58631 2568528000
89.248.165.106 2568528000
92.63.196.170 58606 2563152000
92.63.196.57 58669 2560884000
92.63.196.57 2560884000
92.63.196.58 58670 2508768000
92.63.196.58 2508768000
92.63.196.170 58723 1774980000
89.248.165.83 58372 1130340000
Further Details:
https://primary.nemo.geant.org/alerts/details/215424/
More information about the Nemo-ddos-list
mailing list