[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #304600 WARN: IUCC (AS378) - [IUCC] [Email_Analysis] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Jul 11 07:45:29 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, July 11, 2024 7:45:22 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #304600 WARN: IUCC (AS378) - [IUCC] [Email_Analysis] [Customer]
Please find the analysis details for the Alert ID: 304600
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
3449100 11497 8.5% 104.152.52.240
2128200 7094 5.2% 104.152.52.228
2118300 7061 5.2% 104.152.52.233
2100600 7002 5.2% 104.152.52.118
2098800 6996 5.2% 104.152.52.209
2097900 6993 5.2% 104.152.52.204
2084100 6947 5.1% 104.152.52.108
2061300 6871 5.1% 104.152.52.220
2040000 6800 5.0% 104.152.52.127
972300 3241 2.4% 185.242.226.40
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
60000 200 0.1% 132.77.172.130
58500 195 0.1% 192.114.52.10
48300 161 0.1% 132.76.61.54
47700 159 0.1% 132.76.61.53
37500 125 0.1% 132.65.240.60
36300 121 0.1% 192.114.1.187
33300 111 0.1% 172.67.24.1
21000 70 0.1% 192.114.3.241
18600 62 0.0% 128.139.225.245
16500 55 0.0% 128.139.200.4
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
104.152.52.240 137964000
104.152.52.228 51957 85128000
104.152.52.228 85128000
104.152.52.233 51947 84732000
104.152.52.233 84732000
104.152.52.118 51962 84024000
104.152.52.118 84024000
104.152.52.209 51952 83952000
104.152.52.209 83952000
104.152.52.204 51952 83916000
Further Details:
https://primary.nemo.geant.org/alerts/details/304600/
More information about the Nemo-ddos-list
mailing list