[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #194211 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sat Oct 7 18:40:03 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Saturday, October 7, 2023 6:39:58 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #194211 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 194211
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
14697600 48992 9.0% 52.218.232.26
6136800 20456 3.7% 52.92.194.225
5451300 18171 3.3% 52.92.240.97
5086200 16954 3.1% 52.92.136.145
4506900 15023 2.7% 52.92.195.145
4457400 14858 2.7% 52.218.169.147
4377300 14591 2.7% 52.92.136.169
4096500 13655 2.5% 52.92.128.97
3954900 13183 2.4% 52.218.201.146
3885300 12951 2.4% 52.92.152.185
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
9520500 31735 5.8% 132.76.220.213
6887700 22959 4.2% 132.76.220.75
6414000 21380 3.9% 132.76.221.251
5455800 18186 3.3% 132.76.10.41
5215800 17386 3.2% 132.76.214.82
4877700 16259 3.0% 132.76.214.128
4235100 14117 2.6% 132.76.221.157
4009500 13365 2.4% 132.66.52.85
3860700 12869 2.4% 132.76.214.104
3454800 11516 2.1% 132.76.223.78
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
52.218.232.26 443 21625425000
52.218.232.26 21625425000
443 132.76.220.213 13997623800
132.76.220.213 13997623800
443 132.76.220.75 10133394000
132.76.220.75 10133394000
443 132.76.221.251 9431158200
132.76.221.251 9431158200
52.92.194.225 443 9032244600
52.92.194.225 9032244600
Further Details:
https://primary.nemo.geant.org/alerts/details/194211/
More information about the Nemo-ddos-list
mailing list