[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #195187 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]

Hank Nussbacher hank at mail.iucc.ac.il
Wed Oct 11 04:38:13 IDT 2023




________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, October 11, 2023 4:38:06 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #195187 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]

Please find the analysis details for the Alert ID: 195187

Top-10 Src IPs by Packets:
    Packets   Est. Rate   % of Total            Src IP
-----------------------------------------------------
  127808400      426028        66.8%     89.248.165.48
   26689800       88966        14.0%    89.248.165.242
    5223600       17412         2.7%      45.9.149.205
    4677000       15590         2.4%      52.17.98.131
    3658800       12196         1.9%      45.9.149.193
    1907100        6357         1.0%       45.9.148.60
    1155300        3851         0.6%      45.9.149.217
     965700        3219         0.5%    192.241.224.15
     848400        2828         0.4%      45.9.148.144
     821400        2738         0.4%   198.199.115.123

Top-10 Dst IPs by Packets:
  Packets   Est. Rate   % of Total           Dst IP
--------------------------------------------------
    43200         144         0.0%   132.67.248.102
    33000         110         0.0%     132.76.61.53
    27900          93         0.0%     132.76.61.54
    27000          90         0.0%   132.64.154.186
    24000          80         0.0%    132.64.23.106
    20700          69         0.0%   132.67.248.170
    20100          67         0.0%   132.64.175.152
    19800          66         0.0%   132.64.102.128
    19800          66         0.0%    132.64.124.65
    19800          66         0.0%    132.64.42.120

Top-10 Possible Targets by Bytes:
          Src IP   Src Port   Dst IP   Dst Port   Sampled Count
-------------------------------------------------------------
   89.248.165.48                                     5112336000
   89.248.165.48      47555                          2557236000
   89.248.165.48      47550                          2555100000
  89.248.165.242      47517                          1067592000
  89.248.165.242                                     1067592000
    45.9.149.205      47331                           208944000
    45.9.149.205                                      208944000
    52.17.98.131                                      187084800
    45.9.149.193      47538                           145332000
    45.9.149.193                                      145332000

Further Details:
https://primary.nemo.geant.org/alerts/details/195187/


More information about the Nemo-ddos-list mailing list