[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #197007 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sun Oct 15 15:01:32 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, October 15, 2023 3:01:23 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #197007 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 197007
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------------------------
1543500 5145 3.7% 31.13.84.15
841500 2805 2.0% 31.13.84.4
760200 2534 1.8% 31.13.84.52
696900 2323 1.7% 142.251.209.46
649500 2165 1.6% 157.240.221.16
507900 1693 1.2% 52.112.225.33
488400 1628 1.2% 209.85.137.254
480300 1601 1.2% 31.13.84.51
470700 1569 1.1% 163.70.147.23
427500 1425 1.0% 2a03:2880:f258:cb:face:b00c:0:43fe
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
52212000 174040 126.2% 192.114.5.114
2417100 8057 5.8% 128.139.225.245
1349400 4498 3.3% 192.114.23.221
824400 2748 2.0% 192.114.3.241
651600 2172 1.6% 132.64.158.35
507000 1690 1.2% 128.139.35.5
468600 1562 1.1% 128.139.34.240
406800 1356 1.0% 132.68.237.250
401700 1339 1.0% 192.114.91.239
363600 1212 0.9% 192.114.91.213
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------------
192.114.5.114 68126741100
192.114.5.114 40843245300
192.114.5.114 40843245300
192.114.5.114 8010 27283399800
53 192.114.5.114 27276745800
128.139.225.245 2080974000
31.13.84.15 443 1908464400
31.13.84.15 1908464400
443 128.139.225.245 1217109600
192.114.23.221 1181820300
Further Details:
https://primary.nemo.geant.org/alerts/details/197007/
More information about the Nemo-ddos-list
mailing list