[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #253764 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]

Tue Feb 27 14:15:52 IST 2024



________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, February 27, 2024 2:05:20 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #253764 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]

Please find the analysis details for the Alert ID: 253764

Top-10 Src IPs by Packets:
  Packets   Est. Rate   % of Total            Src IP
---------------------------------------------------
  8855100       29517         3.9%      137.74.17.22
  7047900       23493         3.1%   142.250.180.155
  6566700       21889         2.9%     216.58.205.42
  6150900       20503         2.7%       31.13.84.52
  5824200       19414         2.6%     162.125.69.12
  3710700       12369         1.6%     52.222.144.20
  3292500       10975         1.4%       31.13.84.51
  3117300       10391         1.4%      3.160.188.67
  2805300        9351         1.2%    52.222.144.118
  2559000        8530         1.1%   128.139.225.245

Top-10 Dst IPs by Packets:
    Packets   Est. Rate   % of Total            Dst IP
-----------------------------------------------------
  803362500     2677875       353.2%   192.114.102.100
  590096700     1966989       259.4%     192.114.5.199
  332213400     1107378       146.1%     132.75.251.45
   46523700      155079        20.5%     192.114.5.186
   45750300      152501        20.1%   128.139.197.156
   40683000      135610        17.9%    132.74.189.100
   27432600       91442        12.1%      132.66.7.210
   21538800       71796         9.5%     192.114.5.142
   17897100       59657         7.9%     192.114.5.213
   15206100       50687         6.7%   128.139.225.245

Top-10 Possible Targets by Bytes:
  Src IP   Src Port            Dst IP   Dst Port   Sampled Count
--------------------------------------------------------------
                      192.114.102.100              1066452869700
                        192.114.5.199               781788820200
                      192.114.102.100               639816694500
                      192.114.102.100               639734880900
                        192.114.5.199               475602531900
                        192.114.5.199               475534048800
                        132.75.251.45               440691181800
                 53   192.114.102.100               424943963400
                      192.114.102.100        443    424116855900
                        192.114.5.199        443    306175252200

Further Details:
https://primary.nemo.geant.org/alerts/details/253764/