[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #193084 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Oct 5 04:42:06 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, October 5, 2023 4:41:56 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #193084 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 193084
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
46269300 154231 41.2% 129.107.255.16
8974500 29915 8.0% 142.250.179.138
5387100 17957 4.8% 142.251.39.106
3174900 10583 2.8% 40.99.44.66
2916000 9720 2.6% 132.76.61.53
2845800 9486 2.5% 74.112.186.135
1725000 5750 1.5% 142.250.179.202
1658100 5527 1.5% 216.58.214.10
1178400 3928 1.0% 172.217.168.202
1145100 3817 1.0% 209.197.3.8
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
46269300 154231 41.2% 192.114.101.113
12376500 41255 11.0% 132.64.81.114
4337400 14458 3.9% 132.76.61.53
2847300 9491 2.5% 132.77.104.185
1884600 6282 1.7% 192.114.3.241
1583400 5278 1.4% 40.99.44.66
1520400 5068 1.4% 132.65.240.60
1460700 4869 1.3% 128.139.16.77
1432200 4774 1.3% 128.139.225.245
1122600 3742 1.0% 13.107.136.8
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-----------------------------------------------------------------------
129.107.255.16 1094 69020927700
129.107.255.16 69020927700
1094 192.114.101.113 69020927700
192.114.101.113 69020927700
443 132.64.81.114 17942685300
132.64.81.114 17942685300
142.250.179.138 443 12950125800
142.250.179.138 12950125800
142.251.39.106 443 7746009300
142.251.39.106 7746009300
Further Details:
https://primary.nemo.geant.org/alerts/details/193084/
More information about the Nemo-ddos-list
mailing list