[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #218569 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Nov 28 21:27:10 IST 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, November 28, 2023 9:27:04 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #218569 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 218569
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
-------------------------------------------------
2211000 7370 5.1% 31.13.84.52
1410000 4700 3.3% 132.66.52.232
1162500 3875 2.7% 132.74.20.45
1093800 3646 2.5% 8.209.68.216
1005000 3350 2.3% 101.37.80.212
984600 3282 2.3% 8.211.0.165
981000 3270 2.3% 94.102.61.32
961200 3204 2.2% 47.89.153.27
882600 2942 2.0% 47.252.54.176
877500 2925 2.0% 47.252.50.36
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
3463500 11545 8.0% 128.139.225.245
1587600 5292 3.7% 132.66.52.232
1155600 3852 2.7% 51.16.175.215
984600 3282 2.3% 95.189.151.236
807000 2690 1.9% 192.114.23.221
549600 1832 1.3% 132.65.44.95
530400 1768 1.2% 192.114.91.214
526500 1755 1.2% 128.139.35.5
441600 1472 1.0% 128.139.34.240
337800 1126 0.8% 192.114.91.215
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
128.139.225.245 3634487700
443 128.139.225.245 3063908100
31.13.84.52 443 2697948900
31.13.84.52 2697948900
132.74.20.45 4500 1663473600
132.74.20.45 4500 1663473600
132.74.20.45 1663473600
4500 51.16.175.215 1661928000
51.16.175.215 4500 1661928000
51.16.175.215 1661928000
Further Details:
https://primary.nemo.geant.org/alerts/details/218569/
More information about the Nemo-ddos-list
mailing list