[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #291586 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Jun 11 20:51:42 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, June 11, 2024 8:51:38 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #291586 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 291586
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
30329400 101098 59.0% 213.109.202.127
1011000 3370 2.0% 3.125.17.226
1005600 3352 2.0% 192.241.238.28
969300 3231 1.9% 172.206.142.122
772800 2576 1.5% 222.186.13.133
611700 2039 1.2% 4.151.220.185
461400 1538 0.9% 89.248.163.168
426300 1421 0.8% 89.248.165.212
354300 1181 0.7% 2.57.122.107
253200 844 0.5% 18.221.241.234
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
114300 381 0.2% 128.139.225.245
41400 138 0.1% 132.76.61.53
41400 138 0.1% 192.114.1.187
40200 134 0.1% 192.114.23.221
38400 128 0.1% 132.76.61.54
35100 117 0.1% 104.22.48.147
31200 104 0.1% 132.65.240.60
20400 68 0.0% 132.73.113.121
18600 62 0.0% 132.76.10.44
16500 55 0.0% 192.114.3.241
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-----------------------------------------------------------------------
213.109.202.127 1819764000
128.139.225.245 90640200
443 128.139.225.245 89541000
3.125.17.226 443 44503200
3.125.17.226 44503200
134.224.89.119 443 43614600
134.224.89.119 58639 43614600
134.224.89.119 43614600
128.139.225.245 58639 43614600
192.241.238.28 8090 40224000
Further Details:
https://primary.nemo.geant.org/alerts/details/291586/
More information about the Nemo-ddos-list
mailing list