[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #313866 WARN: IUCC (AS378) - [IUCC] [Email_Analysis] [Customer]

Hank Nussbacher hank at mail.iucc.ac.il
Fri Aug 2 05:21:26 IDT 2024




________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Friday, August 2, 2024 5:21:21 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #313866 WARN: IUCC (AS378) - [IUCC] [Email_Analysis] [Customer]

Please find the analysis details for the Alert ID: 313866

Top-10 Src IPs by Packets:
  Packets   Est. Rate   % of Total            Src IP
---------------------------------------------------
  4650300       15501         6.1%   128.199.202.109
  3966600       13222         5.2%     64.227.156.12
  3716400       12388         4.9%     157.245.99.12
  3281400       10938         4.3%    143.244.134.69
  3192000       10640         4.2%    142.93.218.218
  3033300       10111         4.0%    64.227.169.111
  2736300        9121         3.6%    165.22.208.159
  2348700        7829         3.1%      139.59.41.83
  2113800        7046         2.8%    139.59.232.118
  2052300        6841         2.7%    143.110.241.85

Top-10 Dst IPs by Packets:
  Packets   Est. Rate   % of Total          Dst IP
-------------------------------------------------
    88200         294         0.1%   192.114.52.15
    79800         266         0.1%     192.114.7.2
    62100         207         0.1%    192.114.52.6
    51900         173         0.1%    132.71.79.35
    45900         153         0.1%   192.114.1.187
    45300         151         0.1%   104.22.49.147
    37200         124         0.0%    132.76.61.53
    34200         114         0.0%   132.71.160.97
    31800         106         0.0%     172.67.24.1
    27000          90         0.0%    132.76.61.54

Top-10 Possible Targets by Bytes:
           Src IP   Src Port   Dst IP   Dst Port   Sampled Count
--------------------------------------------------------------
  128.199.202.109                                      204613200
    64.227.156.12                                      174530400
    157.245.99.12                                      163521600
   143.244.134.69                                      144381600
   142.93.218.218                                      140448000
   64.227.169.111                                      133465200
   165.22.208.159                                      119473200
     139.59.41.83                                      103342800
   139.59.232.118                                       93007200
   143.110.241.85                                       90301200

Further Details:
https://primary.nemo.geant.org/alerts/details/313866/


More information about the Nemo-ddos-list mailing list