[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #254498 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Feb 29 09:45:07 IST 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, February 29, 2024 9:45:00 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #254498 WARN: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 254498
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
2134800 7116 5.3% 104.152.52.117
2106900 7023 5.2% 104.152.52.242
2100300 7001 5.2% 104.152.52.148
2100000 7000 5.2% 104.152.52.99
2097300 6991 5.2% 104.152.52.233
2086800 6956 5.2% 104.152.52.244
2079900 6933 5.2% 104.152.52.176
2062500 6875 5.1% 104.152.52.101
894900 2983 2.2% 104.152.52.151
545700 1819 1.4% 94.156.189.228
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
425100 1417 1.1% 128.139.7.33
237900 793 0.6% 54.231.204.216
131700 439 0.3% 132.64.170.42
110400 368 0.3% 132.76.61.54
110400 368 0.3% 192.114.105.254
89100 297 0.2% 132.76.61.53
66000 220 0.2% 192.114.5.10
60000 200 0.1% 192.114.23.231
59100 197 0.1% 132.66.110.20
46500 155 0.1% 132.75.176.55
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
---------------------------------------------------------------------
192.114.7.2 350661300
192.114.7.2 443 350645700
192.114.7.2 59038 348557700
59038 54.231.204.216 348557700
54.231.204.216 443 348557700
54.231.204.216 348557700
104.152.52.117 51967 85392000
104.152.52.117 85392000
104.152.52.242 51987 84276000
104.152.52.242 84276000
Further Details:
https://primary.nemo.geant.org/alerts/details/254498/
More information about the Nemo-ddos-list
mailing list