[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #302016 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Fri Jul 5 19:48:47 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Friday, July 5, 2024 7:48:41 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #302016 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 302016
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
4162800 13876 8.1% 104.152.52.221
2130600 7102 4.1% 104.152.52.125
2110500 7035 4.1% 104.152.52.142
2081700 6939 4.0% 104.152.52.114
2081400 6938 4.0% 104.152.52.229
2046300 6821 4.0% 104.152.52.131
2041200 6804 4.0% 104.152.52.120
1423800 4746 2.8% 193.36.224.160
1419600 4732 2.8% 104.152.52.207
1310700 4369 2.5% 104.152.52.228
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
576300 1921 1.1% 192.114.91.244
55800 186 0.1% 128.139.225.245
45600 152 0.1% 132.76.61.54
42600 142 0.1% 3.160.185.69
40800 136 0.1% 192.114.3.241
39000 130 0.1% 132.76.61.53
37200 124 0.1% 132.65.240.60
21300 71 0.0% 192.114.1.187
20700 69 0.0% 132.68.238.2
13200 44 0.0% 132.76.61.52
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
---------------------------------------------------------------------
443 192.114.91.244 814554600
192.114.91.244 814554600
52.222.144.20 443 814536600
52.222.144.20 10401 814536600
52.222.144.20 814536600
192.114.91.244 10401 814536600
104.152.52.221 166512000
104.152.52.125 57414 85224000
104.152.52.125 85224000
104.152.52.142 57426 84420000
Further Details:
https://primary.nemo.geant.org/alerts/details/302016/
More information about the Nemo-ddos-list
mailing list