[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #194083 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sat Oct 7 07:18:07 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Saturday, October 7, 2023 7:18:01 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #194083 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 194083
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
18850200 62834 26.0% 162.250.121.54
6939900 23133 9.6% 52.17.98.131
1490700 4969 2.1% 45.9.149.127
1194000 3980 1.7% 195.160.220.44
1178100 3927 1.6% 195.160.220.25
1177800 3926 1.6% 195.160.220.28
1173000 3910 1.6% 79.133.57.2
1172100 3907 1.6% 195.160.220.23
1171200 3904 1.6% 195.160.220.62
1169700 3899 1.6% 79.133.57.14
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
97800 326 0.1% 192.114.1.98
30300 101 0.0% 132.76.61.54
29700 99 0.0% 172.67.24.1
28500 95 0.0% 104.22.49.147
26700 89 0.0% 132.76.61.53
24300 81 0.0% 135.148.151.29
22800 76 0.0% 103.73.219.236
21300 71 0.0% 104.22.48.147
19800 66 0.0% 132.66.251.11
18900 63 0.0% 132.64.49.44
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
162.250.121.54 51204 754008000
162.250.121.54 754008000
52.17.98.131 277598400
45.9.149.127 59628000
45.9.149.127 51048 54600000
195.160.220.44 94 46944000
195.160.220.44 46944000
79.133.57.2 88 46920000
79.133.57.2 46920000
195.160.220.23 99 46884000
Further Details:
https://primary.nemo.geant.org/alerts/details/194083/
More information about the Nemo-ddos-list
mailing list