[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #195187 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Oct 11 04:38:13 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, October 11, 2023 4:38:06 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #195187 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 195187
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
-----------------------------------------------------
127808400 426028 66.8% 89.248.165.48
26689800 88966 14.0% 89.248.165.242
5223600 17412 2.7% 45.9.149.205
4677000 15590 2.4% 52.17.98.131
3658800 12196 1.9% 45.9.149.193
1907100 6357 1.0% 45.9.148.60
1155300 3851 0.6% 45.9.149.217
965700 3219 0.5% 192.241.224.15
848400 2828 0.4% 45.9.148.144
821400 2738 0.4% 198.199.115.123
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
43200 144 0.0% 132.67.248.102
33000 110 0.0% 132.76.61.53
27900 93 0.0% 132.76.61.54
27000 90 0.0% 132.64.154.186
24000 80 0.0% 132.64.23.106
20700 69 0.0% 132.67.248.170
20100 67 0.0% 132.64.175.152
19800 66 0.0% 132.64.102.128
19800 66 0.0% 132.64.124.65
19800 66 0.0% 132.64.42.120
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
89.248.165.48 5112336000
89.248.165.48 47555 2557236000
89.248.165.48 47550 2555100000
89.248.165.242 47517 1067592000
89.248.165.242 1067592000
45.9.149.205 47331 208944000
45.9.149.205 208944000
52.17.98.131 187084800
45.9.149.193 47538 145332000
45.9.149.193 145332000
Further Details:
https://primary.nemo.geant.org/alerts/details/195187/
More information about the Nemo-ddos-list
mailing list