[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #289641 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu Jun 6 09:47:44 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, June 6, 2024 9:47:38 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #289641 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 289641
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
16450800 54836 9.8% 109.74.194.226
16386600 54622 9.8% 172.232.43.141
16376400 54588 9.8% 172.232.60.4
15497700 51659 9.3% 172.234.236.11
14970900 49903 9.0% 23.239.30.180
14377500 47925 8.6% 172.104.248.118
13881300 46271 8.3% 109.74.194.237
13284300 44281 8.0% 172.233.62.88
13049400 43498 7.8% 172.104.145.194
12342900 41143 7.4% 172.233.62.134
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
-----------------------------------------------------
165888600 552962 99.3% 132.66.251.11
194100 647 0.1% 128.139.199.6
185700 619 0.1% 128.139.199.5
15600 52 0.0% 157.240.196.34
6000 20 0.0% 128.139.225.245
6000 20 0.0% 128.139.197.81
6000 20 0.0% 157.240.195.34
5700 19 0.0% 159.124.4.35
5100 17 0.0% 128.139.208.6
4800 16 0.0% 128.139.199.8
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------------
132.66.251.11 4644897600
132.66.251.11 2048 4644897600
132.66.251.11 4644897600
109.74.194.226 460622400
109.74.194.226 2048 460622400
109.74.194.226 460622400
172.232.43.141 458824800
172.232.43.141 2048 458824800
172.232.43.141 458824800
172.232.60.4 458539200
Further Details:
https://primary.nemo.geant.org/alerts/details/289641/
More information about the Nemo-ddos-list
mailing list