[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #215431 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Nov 19 20:44:15 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, November 19, 2023 8:44:09 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #215431 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 215431
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
128379600 427932 14.9% 92.63.196.77
124188000 413960 14.4% 92.63.196.78
85584300 285281 9.9% 92.63.196.170
66202200 220674 7.7% 92.63.196.76
65823600 219412 7.6% 89.248.165.87
63950700 213169 7.4% 92.63.196.176
49340400 164468 5.7% 92.63.196.58
48824100 162747 5.7% 92.63.196.57
32928600 109762 3.8% 89.248.165.106
29962200 99874 3.5% 92.63.196.80
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
9681000 32270 1.1% 128.139.225.245
5396700 17989 0.6% 132.65.52.16
5304900 17683 0.6% 192.114.3.241
4857300 16191 0.6% 132.65.52.18
2864700 9549 0.3% 128.139.16.77
2813700 9379 0.3% 132.76.61.54
2294700 7649 0.3% 128.139.200.4
1940700 6469 0.2% 132.72.44.112
1874400 6248 0.2% 128.139.200.5
1699800 5666 0.2% 132.64.72.110
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
128.139.225.245 11684900100
443 128.139.225.245 9631140900
443 132.65.52.16 7931811000
132.65.52.16 7931811000
443 132.65.52.18 7141968600
132.65.52.18 7141968600
92.63.196.77 5135184000
92.63.196.78 4967520000
142.251.209.42 443 4677398700
142.251.209.42 4677398700
Further Details:
https://primary.nemo.geant.org/alerts/details/215431/
More information about the Nemo-ddos-list
mailing list