[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #197728 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Oct 18 13:48:33 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, October 18, 2023 1:48:29 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #197728 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 197728
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
726600 2422 17.7% 40.99.213.34
715200 2384 17.5% 118.123.105.93
351000 1170 8.6% 87.248.202.1
194400 648 4.7% 178.79.208.1
123900 413 3.0% 52.112.215.159
108000 360 2.6% 52.97.233.2
74400 248 1.8% 157.240.221.60
71400 238 1.7% 183.136.225.42
69300 231 1.7% 39.106.39.193
69300 231 1.7% 23.236.174.242
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
829200 2764 20.2% 132.76.61.54
212400 708 5.2% 132.66.169.252
122700 409 3.0% 132.67.180.208
108000 360 2.6% 132.66.80.214
79800 266 1.9% 192.114.105.254
66900 223 1.6% 132.66.62.119
62100 207 1.5% 132.71.100.41
61800 206 1.5% 132.71.100.169
60300 201 1.5% 192.114.91.215
50400 168 1.2% 132.65.240.60
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------------
87.248.202.1 80 448665300
87.248.202.1 448665300
80 132.66.169.252 263376000
132.66.169.252 263376000
178.79.208.1 80 249933600
178.79.208.1 249933600
443 132.76.61.54 242562000
132.76.61.54 242562000
40.99.213.34 443 205612500
40.99.213.34 205612500
Further Details:
https://primary.nemo.geant.org/alerts/details/197728/
More information about the Nemo-ddos-list
mailing list