[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #193810 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Fri Oct 6 16:35:21 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Friday, October 6, 2023 4:35:16 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #193810 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 193810
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
17566800 58556 10.3% 52.218.246.27
6937800 23126 4.1% 52.92.144.185
6643500 22145 3.9% 52.218.252.171
5928900 19763 3.5% 52.92.144.89
5524800 18416 3.2% 52.218.220.107
5394000 17980 3.2% 52.218.238.3
5295000 17650 3.1% 52.218.220.3
4465500 14885 2.6% 52.218.229.115
4434900 14783 2.6% 52.92.130.137
4290300 14301 2.5% 52.92.251.169
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
5436300 18121 3.2% 132.76.223.77
5341200 17804 3.1% 132.76.221.250
4820400 16068 2.8% 132.76.214.126
4530300 15101 2.6% 132.76.214.146
4014000 13380 2.3% 132.76.214.125
3977100 13257 2.3% 132.72.84.207
3801000 12670 2.2% 132.76.214.132
3684900 12283 2.2% 132.76.214.123
3574200 11914 2.1% 132.76.221.174
3424800 11416 2.0% 132.76.220.237
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
52.218.246.27 443 25845235500
52.218.246.27 25845235500
52.92.144.185 443 10203166200
52.92.144.185 10203166200
52.218.252.171 443 9774294900
52.218.252.171 9774294900
52.92.144.89 443 8722910700
52.92.144.89 8722910700
52.218.220.107 443 8130023700
52.218.220.107 8130023700
Further Details:
https://primary.nemo.geant.org/alerts/details/193810/
More information about the Nemo-ddos-list
mailing list