[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #197731 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Oct 18 13:48:40 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, October 18, 2023 1:48:32 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #197731 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 197731
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
726600 2422 14.3% 40.99.213.34
715200 2384 14.1% 118.123.105.93
351000 1170 6.9% 87.248.202.1
194400 648 3.8% 178.79.208.1
165300 551 3.3% 157.240.221.63
140400 468 2.8% 163.70.147.23
123900 413 2.4% 52.112.215.159
116400 388 2.3% 157.240.221.16
108000 360 2.1% 52.97.233.2
107400 358 2.1% 157.240.214.63
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
829200 2764 16.3% 132.76.61.54
212400 708 4.2% 132.66.169.252
122700 409 2.4% 132.67.180.208
108000 360 2.1% 132.66.80.214
104100 347 2.0% 132.76.10.245
101100 337 2.0% 192.114.91.244
96600 322 1.9% 128.139.35.5
90000 300 1.8% 192.114.91.246
83400 278 1.6% 128.139.34.240
80400 268 1.6% 192.114.105.254
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------------
87.248.202.1 80 448665300
87.248.202.1 448665300
80 132.66.169.252 263376000
132.66.169.252 263376000
443 132.76.61.54 242562000
132.76.61.54 242562000
178.79.208.1 80 239336400
178.79.208.1 239336400
40.99.213.34 443 205612500
40.99.213.34 205612500
Further Details:
https://primary.nemo.geant.org/alerts/details/197731/
More information about the Nemo-ddos-list
mailing list