[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #187148 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Sep 20 23:36:00 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, September 20, 2023 11:35:55 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #187148 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 187148
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
74670000 248900 76.6% 89.248.165.31
2734200 9114 2.8% 86.48.31.20
1947300 6491 2.0% 94.102.61.41
987300 3291 1.0% 94.102.61.44
913500 3045 0.9% 107.170.236.29
639900 2133 0.7% 192.241.200.4
387900 1293 0.4% 94.102.50.103
301500 1005 0.3% 77.90.185.71
272700 909 0.3% 45.155.91.23
263700 879 0.3% 193.35.18.15
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
118800 396 0.1% 132.73.18.28
101100 337 0.1% 192.114.5.10
95400 318 0.1% 192.114.1.98
44700 149 0.0% 132.76.61.53
41400 138 0.0% 17.252.76.198
36900 123 0.0% 132.76.61.54
36600 122 0.0% 192.114.23.221
34800 116 0.0% 194.63.239.88
29100 97 0.0% 172.67.24.1
28800 96 0.0% 132.66.166.68
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
------------------------------------------------------------------
89.248.165.31 2986800000
89.248.165.31 41053 2551260000
89.248.165.31 41178 435540000
37.77.186.175 443 177015600
37.77.186.175 38400 177015600
37.77.186.175 177015600
443 132.73.18.28 177015600
132.73.18.28 38400 177015600
132.73.18.28 177015600
443 192.114.5.10 127867500
Further Details:
https://primary.nemo.geant.org/alerts/details/187148/
More information about the Nemo-ddos-list
mailing list