[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #236853 WARN: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Jan 16 17:44:36 IST 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, January 16, 2024 5:44:31 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #236853 WARN: IUCC (AS378) - [Email_Analysis] [Customer] [IUCC]
Please find the analysis details for the Alert ID: 236853
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
42055500 140185 57.4% 79.124.62.82
11817000 39390 16.1% 104.156.155.14
797700 2659 1.1% 198.199.107.93
663000 2210 0.9% 162.243.135.4
536100 1787 0.7% 94.156.189.228
498300 1661 0.7% 89.248.163.168
457500 1525 0.6% 89.248.165.212
429300 1431 0.6% 62.204.41.170
351600 1172 0.5% 162.254.196.24
350700 1169 0.5% 107.170.224.30
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
351600 1172 0.5% 132.64.244.21
155400 518 0.2% 193.236.39.153
106500 355 0.1% 192.114.105.254
88200 294 0.1% 192.114.91.249
73200 244 0.1% 132.76.61.54
69300 231 0.1% 132.76.61.53
68400 228 0.1% 132.76.214.164
62400 208 0.1% 192.114.91.243
61800 206 0.1% 192.114.91.245
61800 206 0.1% 192.114.91.248
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
79.124.62.82 59323 1682220000
79.124.62.82 1682220000
162.254.196.24 443 527400000
162.254.196.24 10400 527400000
162.254.196.24 527400000
443 132.64.244.21 527400000
132.64.244.21 10400 527400000
132.64.244.21 527400000
104.156.155.14 53408 472680000
104.156.155.14 472680000
Further Details:
https://primary.nemo.geant.org/alerts/details/236853/
More information about the Nemo-ddos-list
mailing list