[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #313523 WARN: IUCC (AS378) - [IUCC] [Email_Analysis] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Aug 1 18:03:29 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, August 1, 2024 6:03:21 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #313523 WARN: IUCC (AS378) - [IUCC] [Email_Analysis] [Customer]
Please find the analysis details for the Alert ID: 313523
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
2162100 7207 5.7% 104.152.52.222
2125800 7086 5.6% 104.152.52.118
2103300 7011 5.5% 104.152.52.164
2092800 6976 5.5% 104.152.52.107
2080800 6936 5.4% 104.152.52.101
2077500 6925 5.4% 104.152.52.205
2050500 6835 5.4% 104.152.52.213
2025600 6752 5.3% 104.152.52.117
1354500 4515 3.5% 173.239.224.159
992700 3309 2.6% 185.242.226.54
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
66000 220 0.2% 132.76.61.53
60300 201 0.2% 132.76.61.54
54300 181 0.1% 104.22.48.147
51600 172 0.1% 192.114.105.254
51000 170 0.1% 132.74.56.80
46800 156 0.1% 128.139.225.245
45000 150 0.1% 192.114.1.187
42900 143 0.1% 132.76.10.41
36300 121 0.1% 132.69.200.72
30000 100 0.1% 132.65.240.60
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
104.152.52.222 43821 86484000
104.152.52.222 86484000
104.152.52.118 43813 85032000
104.152.52.118 85032000
104.152.52.164 43877 84132000
104.152.52.164 84132000
104.152.52.107 43837 83712000
104.152.52.107 83712000
104.152.52.205 43860 83100000
104.152.52.205 83100000
Further Details:
https://primary.nemo.geant.org/alerts/details/313523/
More information about the Nemo-ddos-list
mailing list