[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #194210 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sat Oct 7 18:40:30 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Saturday, October 7, 2023 6:40:25 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #194210 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 194210
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
40857000 136190 19.1% 162.250.121.54
14697600 48992 6.9% 52.218.232.26
6136800 20456 2.9% 52.92.194.225
5451300 18171 2.5% 52.92.240.97
5086200 16954 2.4% 52.92.136.145
4506900 15023 2.1% 52.92.195.145
4457400 14858 2.1% 52.218.169.147
4377300 14591 2.0% 52.92.136.169
4096500 13655 1.9% 52.92.128.97
3954900 13183 1.8% 52.218.201.146
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
9520500 31735 4.4% 132.76.220.213
6887700 22959 3.2% 132.76.220.75
6414000 21380 3.0% 132.76.221.251
5456100 18187 2.5% 132.76.10.41
5215800 17386 2.4% 132.76.214.82
4877700 16259 2.3% 132.76.214.128
4235100 14117 2.0% 132.76.221.157
4009500 13365 1.9% 132.66.52.85
3860700 12869 1.8% 132.76.214.104
3454800 11516 1.6% 132.76.223.78
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
52.218.232.26 443 21625425000
52.218.232.26 21625425000
443 132.76.220.213 13997623800
132.76.220.213 13997623800
443 132.76.220.75 10133394000
132.76.220.75 10133394000
443 132.76.221.251 9431158200
132.76.221.251 9431158200
52.92.194.225 443 9032244600
52.92.194.225 9032244600
Further Details:
https://primary.nemo.geant.org/alerts/details/194210/
More information about the Nemo-ddos-list
mailing list