[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #187152 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]

Hank Nussbacher hank at mail.iucc.ac.il
Wed Sep 20 23:39:15 IDT 2023




________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, September 20, 2023 11:39:08 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #187152 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]

Please find the analysis details for the Alert ID: 187152

Top-10 Src IPs by Packets:
    Packets   Est. Rate   % of Total           Src IP
----------------------------------------------------
  128486100      428287        12.8%   89.248.163.130
  120973800      403246        12.1%    89.248.165.48
  111676800      372256        11.1%   89.248.165.207
  109751700      365839        10.9%   89.248.165.213
   92093400      306978         9.2%    89.248.165.58
   89500800      298336         8.9%   89.248.165.163
   64195200      213984         6.4%     89.248.165.2
   54863700      182879         5.5%    89.248.165.80
   35394900      117983         3.5%    89.248.165.55
   17781300       59271         1.8%   89.248.163.202

Top-10 Dst IPs by Packets:
   Packets   Est. Rate   % of Total            Dst IP
----------------------------------------------------
  17120700       57069         1.7%      132.65.60.73
  13806900       46023         1.4%      132.76.61.53
   6701400       22338         0.7%   192.114.101.113
   6180600       20602         0.6%      13.107.138.8
   5824200       19414         0.6%      132.76.61.54
   5691000       18970         0.6%     192.114.3.241
   4926300       16421         0.5%   128.139.225.245
   3463800       11546         0.3%    132.74.121.228
   3216600       10722         0.3%      52.16.105.95
   2473800        8246         0.2%     132.77.67.198

Top-10 Possible Targets by Bytes:
        Src IP   Src Port            Dst IP   Dst Port   Sampled Count
--------------------------------------------------------------------
                      443      132.65.60.73                24936775200
                               132.65.60.73                24936775200
                               132.76.61.53                15473557200
                       80      132.76.61.53                15185402100
  67.43.15.203         80                                  15142070400
  67.43.15.203                                             15142070400
                            192.114.101.113                10027591500
                     1094   192.114.101.113                 8373825900
  67.43.15.203                                   49367      7743812400
                               132.76.61.53      49367      7743812400

Further Details:
https://primary.nemo.geant.org/alerts/details/187152/


More information about the Nemo-ddos-list mailing list