[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #254631 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Feb 29 17:52:13 IST 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, February 29, 2024 5:52:08 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #254631 CRIT: IUCC (AS378) - [Customer] [IUCC] [Email_Analysis]
Please find the analysis details for the Alert ID: 254631
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------------------------
3300900 11003 4.9% 31.13.84.52
2510100 8367 3.7% 2a03:2880:f207:c4:face:b00c:0:43fe
1440000 4800 2.1% 31.13.84.4
1406400 4688 2.1% 216.58.204.142
1336200 4454 2.0% 157.240.195.63
1216800 4056 1.8% 31.13.84.51
900000 3000 1.3% 157.240.196.63
740700 2469 1.1% 163.70.147.63
649500 2165 1.0% 2a03:2880:f007:8:face:b00c:0:1
597000 1990 0.9% 157.240.221.63
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
679146300 2263821 1000.6% 128.139.199.6
582677400 1942258 858.4% 192.114.5.57
291027900 970093 428.8% 192.114.5.56
6384600 21282 9.4% 132.67.252.234
4218900 14063 6.2% 128.139.225.245
1272900 4243 1.9% 132.70.66.13
1236900 4123 1.8% 192.114.91.244
1182000 3940 1.7% 132.73.236.160
1180200 3934 1.7% 192.114.91.248
1044000 3480 1.5% 192.114.91.243
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
------------------------------------------------------------
128.139.199.6 882818384700
192.114.5.57 759376904100
128.139.199.6 528609493500
128.139.199.6 528609493500
192.114.5.57 459208305900
192.114.5.57 459208305900
128.139.199.6 443 354204720900
53 128.139.199.6 354140218800
192.114.5.57 443 300114080100
53 192.114.5.57 300055396800
Further Details:
https://primary.nemo.geant.org/alerts/details/254631/
More information about the Nemo-ddos-list
mailing list