[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #254120 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Feb 28 15:17:21 IST 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, February 28, 2024 3:01:28 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #254120 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 254120
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
24345900 81153 4.6% 162.125.69.12
12143700 40479 2.3% 31.13.84.52
11794800 39316 2.2% 68.232.34.200
11129400 37098 2.1% 31.13.84.51
8726100 29087 1.6% 216.58.204.234
8696100 28987 1.6% 137.74.17.22
8602200 28674 1.6% 52.105.150.41
8079900 26933 1.5% 17.253.122.197
8073900 26913 1.5% 31.13.84.4
7827300 26091 1.5% 52.222.144.51
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
648130200 2160434 122.4% 128.139.199.9
409209600 1364032 77.3% 132.77.150.157
53213100 177377 10.0% 128.139.199.2
45597600 151992 8.6% 192.114.102.100
45379800 151266 8.6% 132.74.123.113
44017800 146726 8.3% 132.70.153.251
43890600 146302 8.3% 147.233.249.20
19581900 65273 3.7% 132.72.90.20
17185500 57285 3.2% 192.114.5.10
12828900 42763 2.4% 192.114.91.249
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
128.139.199.9 830107370100
132.77.150.157 525468728400
128.139.199.9 476018264700
128.139.199.9 475852983600
128.139.199.9 443 353875871100
53 128.139.199.9 353813607000
132.77.150.157 302152687800
132.77.150.157 302091034800
132.77.150.157 443 222464280300
53 132.77.150.157 222434269800
Further Details:
https://primary.nemo.geant.org/alerts/details/254120/
More information about the Nemo-ddos-list
mailing list