[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #188289 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Sat Sep 23 04:11:34 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Saturday, September 23, 2023 4:11:23 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #188289 WARN: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 188289
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
4755300 15851 10.3% 52.17.98.131
2511000 8370 5.4% 86.48.31.20
1187100 3957 2.6% 195.160.220.98
1185000 3950 2.6% 195.160.220.107
1182600 3942 2.6% 195.160.220.104
1176600 3922 2.5% 84.16.251.143
1169400 3898 2.5% 195.160.220.48
1160100 3867 2.5% 84.16.251.186
1156500 3855 2.5% 37.48.77.89
1153200 3844 2.5% 195.160.220.96
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
87000 290 0.2% 192.114.1.98
56400 188 0.1% 185.199.111.133
51900 173 0.1% 162.125.64.22
43200 144 0.1% 132.76.61.53
36600 122 0.1% 132.76.61.54
33300 111 0.1% 52.233.133.164
31800 106 0.1% 104.22.49.147
24900 83 0.1% 172.67.24.1
22200 74 0.0% 132.64.194.190
21600 72 0.0% 132.64.117.75
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------
52.17.98.131 190215600
86.48.31.20 22 114143400
86.48.31.20 114143400
195.160.220.98 2077 47484000
195.160.220.98 47484000
195.160.220.107 20000 47400000
195.160.220.107 47400000
195.160.220.104 2050 47304000
195.160.220.104 47304000
84.16.251.143 32769 47064000
Further Details:
https://primary.nemo.geant.org/alerts/details/188289/
More information about the Nemo-ddos-list
mailing list