[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #199743 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]

Hank Nussbacher hank at mail.iucc.ac.il
Sun Oct 22 04:28:37 IDT 2023




________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Sunday, October 22, 2023 4:28:31 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #199743 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]

Please find the analysis details for the Alert ID: 199743

Top-10 Src IPs by Packets:
  Packets   Est. Rate   % of Total            Src IP
---------------------------------------------------
  5615400       18718        11.4%      52.17.98.131
  3814200       12714         7.8%   185.254.198.188
  2118000        7060         4.3%       45.12.2.102
  1165800        3886         2.4%    78.159.115.244
  1163100        3877         2.4%      78.159.114.5
  1161300        3871         2.4%     78.159.114.52
  1157700        3859         2.4%    78.159.115.229
  1153800        3846         2.4%      78.159.114.1
  1153800        3846         2.4%     78.159.114.16
  1152900        3843         2.3%     78.159.114.20

Top-10 Dst IPs by Packets:
  Packets   Est. Rate   % of Total           Dst IP
--------------------------------------------------
    38700         129         0.1%     132.76.61.54
    32700         109         0.1%     132.76.61.53
    21600          72         0.0%    132.64.107.46
    20700          69         0.0%     132.64.237.9
    18000          60         0.0%    132.68.239.85
    17700          59         0.0%   132.64.127.226
    17400          58         0.0%   132.64.149.236
    17100          57         0.0%      132.64.12.9
    14700          49         0.0%    132.64.71.246
    14400          48         0.0%    132.64.138.88

Top-10 Possible Targets by Bytes:
           Src IP   Src Port   Dst IP   Dst Port   Sampled Count
--------------------------------------------------------------
     52.17.98.131                                      224623200
  185.254.198.188      56230                           152568000
  185.254.198.188                                      152568000
      45.12.2.102      56348                            84720000
      45.12.2.102                                       84720000
   78.159.115.244                          20000        46632000
   78.159.115.244                                       46632000
     78.159.114.5                          32769        46524000
     78.159.114.5                                       46524000
    78.159.114.52                           2077        46452000

Further Details:
https://primary.nemo.geant.org/alerts/details/199743/


More information about the Nemo-ddos-list mailing list