[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #215426 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Nov 19 20:40:33 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 19, 2023 8:40:26 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #215426 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 215426
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
108453300 361511 21.7% 92.63.196.170
64219800 214066 12.9% 89.248.165.106
64022100 213407 12.8% 92.63.196.57
62719200 209064 12.6% 92.63.196.58
28303800 94346 5.7% 89.248.165.83
25727100 85757 5.2% 92.63.196.77
13695600 45652 2.7% 92.63.196.176
7441200 24804 1.5% 92.63.196.78
5241900 17473 1.1% 92.63.196.76
5170500 17235 1.0% 142.251.209.42
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
6987300 23291 1.4% 132.65.52.16
6692700 22309 1.3% 132.65.52.18
4687800 15626 0.9% 128.139.225.245
4365000 14550 0.9% 132.66.144.129
3798600 12662 0.8% 192.114.3.241
2158500 7195 0.4% 128.139.200.4
2055900 6853 0.4% 132.76.61.54
1815900 6053 0.4% 132.64.72.110
1786800 5956 0.4% 132.74.73.159
1570800 5236 0.3% 132.74.117.125
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
443 132.65.52.16 10272530100
132.65.52.16 10272530100
443 132.65.52.18 9838019100
132.65.52.18 9838019100
142.251.209.42 443 6072160200
142.251.209.42 6072160200
128.139.225.245 5946424200
443 132.66.144.129 5335242300
132.66.144.129 5335242300
443 128.139.225.245 5062271700
Further Details:
https://primary.nemo.geant.org/alerts/details/215426/
More information about the Nemo-ddos-list
mailing list