[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #190549 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Sep 27 21:35:30 IDT 2023
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, September 27, 2023 9:35:26 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #190549 CRIT: IUCC (AS378) - [IUCC] [Customer] [Email_Analysis]
Please find the analysis details for the Alert ID: 190549
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
29040600 96802 34.7% 103.134.145.31
21766500 72555 26.0% 139.180.129.34
3789300 12631 4.5% 103.134.145.71
2069100 6897 2.5% 94.102.61.50
1953000 6510 2.3% 94.102.61.38
1938000 6460 2.3% 144.22.195.95
1937100 6457 2.3% 139.180.138.223
878100 2927 1.0% 192.241.225.27
835200 2784 1.0% 165.227.32.227
813900 2713 1.0% 165.22.10.75
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
--------------------------------------------------
268800 896 0.3% 132.71.23.6
258300 861 0.3% 132.71.17.88
254100 847 0.3% 132.71.220.147
251100 837 0.3% 132.70.226.244
250200 834 0.3% 132.69.237.139
243300 811 0.3% 132.70.125.180
241200 804 0.3% 132.71.229.94
237600 792 0.3% 132.71.86.146
233700 779 0.3% 132.70.255.247
228900 763 0.3% 132.71.95.16
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
---------------------------------------------------------------------
103.134.145.31 1858598400
139.180.129.34 1393056000
103.134.145.31 25565 435379200
103.134.145.31 30120 365587200
157.240.221.10 443 348722100
157.240.221.10 57919 348722100
157.240.221.10 348722100
443 132.69.237.139 348722100
132.69.237.139 57919 348722100
132.69.237.139 348722100
Further Details:
https://primary.nemo.geant.org/alerts/details/190549/
More information about the Nemo-ddos-list
mailing list