[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #194209 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sat Oct 7 18:40:31 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Saturday, October 7, 2023 6:40:26 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #194209 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 194209
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
40857000 136190 18.4% 162.250.121.54
14697600 48992 6.6% 52.218.232.26
6136800 20456 2.8% 52.92.194.225
5451300 18171 2.5% 52.92.240.97
5086200 16954 2.3% 52.92.136.145
4506900 15023 2.0% 52.92.195.145
4457400 14858 2.0% 52.218.169.147
4377300 14591 2.0% 52.92.136.169
4096500 13655 1.8% 52.92.128.97
3954900 13183 1.8% 52.218.201.146
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
9520500 31735 4.3% 132.76.220.213
6887700 22959 3.1% 132.76.220.75
6414000 21380 2.9% 132.76.221.251
5495400 18318 2.5% 132.76.10.41
5215800 17386 2.4% 132.76.214.82
4877700 16259 2.2% 132.76.214.128
4831200 16104 2.2% 128.139.225.245
4235100 14117 1.9% 132.76.221.157
4009500 13365 1.8% 132.66.52.85
3860700 12869 1.7% 132.76.214.104
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
52.218.232.26 443 21625425000
52.218.232.26 21625425000
443 132.76.220.213 13997623800
132.76.220.213 13997623800
443 132.76.220.75 10133394000
132.76.220.75 10133394000
443 132.76.221.251 9431158200
132.76.221.251 9431158200
52.92.194.225 443 9032244600
52.92.194.225 9032244600
Further Details:
https://primary.nemo.geant.org/alerts/details/194209/
More information about the Nemo-ddos-list
mailing list