[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #234628 WARN: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]

Hank Nussbacher hank at mail.iucc.ac.il
Wed Jan 10 07:53:31 IST 2024




________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, January 10, 2024 7:53:25 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #234628 WARN: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]

Please find the analysis details for the Alert ID: 234628

Top-10 Src IPs by Packets:
  Packets   Est. Rate   % of Total           Src IP
--------------------------------------------------
  8351100       27837         3.5%    104.152.52.99
  6307800       21026         2.6%   104.152.52.178
  6304200       21014         2.6%   104.152.52.230
  6298800       20996         2.6%   104.152.52.203
  6254400       20848         2.6%   104.152.52.115
  6252000       20840         2.6%   104.152.52.225
  6222900       20743         2.6%    104.152.52.86
  6218400       20728         2.6%   104.152.52.220
  6204300       20681         2.6%   104.152.52.240
  6136800       20456         2.5%    104.152.52.87

Top-10 Dst IPs by Packets:
  Packets   Est. Rate   % of Total            Dst IP
---------------------------------------------------
   197400         658         0.1%     132.66.168.62
   125100         417         0.1%      132.68.26.64
    56700         189         0.0%      132.76.61.54
    56100         187         0.0%   128.139.225.245
    55800         186         0.0%    132.71.124.113
    47100         157         0.0%      132.76.61.53
    34500         115         0.0%    132.64.215.197
    33300         111         0.0%     132.71.160.97
    30600         102         0.0%     132.64.209.45
    26400          88         0.0%     104.22.48.147

Top-10 Possible Targets by Bytes:
          Src IP   Src Port          Dst IP   Dst Port   Sampled Count
--------------------------------------------------------------------
   104.152.52.99                                             333372000
  104.152.52.178                                             252312000
   104.152.52.86                                             248916000
  104.152.52.240                                             248172000
  104.152.52.220                                             246204000
   104.152.52.87                                             245304000
  178.79.238.128         80                                  244419600
  178.79.238.128                                 50872       244419600
  178.79.238.128                                             244419600
                         80   132.66.168.62                  244419600

Further Details:
https://primary.nemo.geant.org/alerts/details/234628/


More information about the Nemo-ddos-list mailing list