[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #202034 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Oct 26 14:13:17 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, October 26, 2023 2:13:11 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #202034 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 202034
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
19142700 63809 5.2% 142.250.186.155
16971000 56570 4.6% 142.250.186.91
14463300 48211 4.0% 172.217.18.27
12812100 42707 3.5% 142.250.181.251
12323700 41079 3.4% 142.250.186.187
12285600 40952 3.4% 172.217.168.202
11262300 37541 3.1% 142.250.185.187
10899600 36332 3.0% 142.250.185.123
9156900 30523 2.5% 172.217.23.123
6893100 22977 1.9% 142.250.184.219
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
134836500 449455 36.9% 132.76.220.214
12998100 43327 3.6% 132.71.20.87
10497300 34991 2.9% 132.74.242.32
7937100 26457 2.2% 128.139.200.4
7052700 23509 1.9% 132.76.61.53
6755700 22519 1.9% 132.66.253.21
6618900 22063 1.8% 132.76.61.54
4838700 16129 1.3% 128.139.200.5
4661400 15538 1.3% 192.114.3.241
4034400 13448 1.1% 132.64.165.32
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
443 132.76.220.214 194654726100
132.76.220.214 194654726100
142.250.186.155 443 27629023500
142.250.186.155 27629023500
142.250.186.91 443 24596026800
142.250.186.91 24596026800
172.217.18.27 443 20880870000
172.217.18.27 20880870000
132.71.20.87 19035214500
443 132.71.20.87 19025764500
Further Details:
https://primary.nemo.geant.org/alerts/details/202034/
More information about the Nemo-ddos-list
mailing list