[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #254531 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Feb 29 13:24:35 IST 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, February 29, 2024 1:24:29 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #254531 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 254531
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
64712700 215709 7.4% 129.107.255.17
13956900 46523 1.6% 142.250.180.138
12174900 40583 1.4% 162.125.69.12
11449200 38164 1.3% 31.13.84.51
11249100 37497 1.3% 31.13.84.52
10358400 34528 1.2% 129.107.255.18
10220700 34069 1.2% 216.58.209.42
10137900 33793 1.2% 216.58.204.142
7301400 24338 0.8% 52.222.144.51
6882900 22943 0.8% 52.222.144.118
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
551054700 1836849 63.2% 192.114.5.84
461375400 1537918 52.9% 132.74.189.250
350718300 1169061 40.2% 132.77.150.17
151345500 504485 17.4% 132.74.189.71
124125000 413750 14.2% 132.74.189.237
78561600 261872 9.0% 132.74.6.1
75094200 250314 8.6% 192.114.101.113
13246800 44156 1.5% 132.66.43.6
11410800 38036 1.3% 128.139.225.245
11309400 37698 1.3% 192.114.105.254
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
192.114.5.84 723107664000
132.74.189.250 628821078600
132.74.189.250 532987676400
132.74.189.250 532950173700
132.77.150.17 460411933500
192.114.5.84 437631009900
192.114.5.84 437564436900
132.77.150.17 282055344300
132.77.150.17 282005362200
192.114.5.84 443 278019756000
Further Details:
https://primary.nemo.geant.org/alerts/details/254531/
More information about the Nemo-ddos-list
mailing list