[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #196474 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sat Oct 14 06:46:32 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Saturday, October 14, 2023 6:46:25 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #196474 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 196474
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
57794100 192647 47.2% 129.107.255.18
10490700 34969 8.6% 20.38.118.132
3668100 12227 3.0% 216.58.204.138
1929300 6431 1.6% 142.251.209.10
1804800 6016 1.5% 216.58.205.42
1725300 5751 1.4% 142.250.179.170
1716300 5721 1.4% 52.222.144.51
1477800 4926 1.2% 129.107.255.17
1281900 4273 1.0% 209.197.3.8
1271700 4239 1.0% 129.107.255.16
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
60543600 201812 49.4% 192.114.101.113
10491000 34970 8.6% 132.70.19.4
4770900 15903 3.9% 132.66.52.85
2844300 9481 2.3% 132.66.50.195
2565900 8553 2.1% 132.66.253.21
2250600 7502 1.8% 132.68.108.108
1958700 6529 1.6% 128.139.16.77
1828800 6096 1.5% 132.74.1.32
1526400 5088 1.2% 132.66.137.254
1149600 3832 0.9% 132.74.242.91
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
1094 192.114.101.113 90619585200
192.114.101.113 90619585200
129.107.255.18 1094 86508063900
129.107.255.18 86508063900
443 132.66.52.85 5890375200
132.66.52.85 5890375200
216.58.204.138 443 3551843700
216.58.204.138 3551843700
443 132.66.253.21 3168013500
132.66.253.21 3168013500
Further Details:
https://primary.nemo.geant.org/alerts/details/196474/
More information about the Nemo-ddos-list
mailing list