[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #187150 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Sep 20 23:36:43 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, September 20, 2023 11:36:39 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #187150 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 187150
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
127804500 426015 37.5% 89.248.165.31
9860100 32867 2.9% 132.74.74.113
8562300 28541 2.5% 89.248.165.207
8171100 27237 2.4% 178.159.42.216
6199800 20666 1.8% 67.43.15.203
5633400 18778 1.7% 13.107.138.8
4326600 14422 1.3% 129.107.255.17
3796800 12656 1.1% 192.114.3.241
3725700 12419 1.1% 192.114.2.49
3426900 11423 1.0% 142.251.36.10
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
----------------------------------------------------
23470200 78234 6.9% 132.65.60.73
14208600 47362 4.2% 13.107.138.8
9697200 32324 2.8% 132.76.61.53
9556200 31854 2.8% 128.139.225.245
7563900 25213 2.2% 192.114.101.113
4436100 14787 1.3% 192.114.3.241
4256700 14189 1.3% 128.139.16.77
3154200 10514 0.9% 132.66.150.114
3135300 10451 0.9% 52.16.105.95
3081600 10272 0.9% 192.111.5.0
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
---------------------------------------------------------------------
443 132.65.60.73 34226492400
132.65.60.73 34226492400
13.107.138.8 443 18374268900
13.107.138.8 18374268900
132.74.74.113 443 14446410000
132.74.74.113 14446410000
1094 192.114.101.113 11300085900
192.114.101.113 11300085900
128.139.225.245 10549897500
132.76.61.53 9586932000
Further Details:
https://primary.nemo.geant.org/alerts/details/187150/
More information about the Nemo-ddos-list
mailing list