[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #197727 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Oct 18 13:48:17 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, October 18, 2023 1:48:10 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #197727 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 197727
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
726600 2422 25.5% 40.99.213.34
351000 1170 12.3% 87.248.202.1
194400 648 6.8% 178.79.208.1
123900 413 4.3% 52.112.215.159
108000 360 3.8% 52.97.233.2
74400 248 2.6% 157.240.221.60
66300 221 2.3% 46.228.144.128
62100 207 2.2% 170.72.30.17
60000 200 2.1% 91.231.239.154
54000 180 1.9% 157.240.214.18
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
828900 2763 29.0% 132.76.61.54
212400 708 7.4% 132.66.169.252
122700 409 4.3% 132.67.180.208
108000 360 3.8% 132.66.80.214
79800 266 2.8% 192.114.105.254
66900 223 2.3% 132.66.62.119
62100 207 2.2% 132.71.100.41
61800 206 2.2% 132.71.100.169
60300 201 2.1% 192.114.91.215
49500 165 1.7% 132.65.240.60
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------------
87.248.202.1 80 448665300
87.248.202.1 448665300
80 132.66.169.252 263376000
132.66.169.252 263376000
178.79.208.1 80 249933600
178.79.208.1 249933600
443 132.76.61.54 242550000
132.76.61.54 242550000
40.99.213.34 443 205612500
40.99.213.34 205612500
Further Details:
https://primary.nemo.geant.org/alerts/details/197727/
More information about the Nemo-ddos-list
mailing list