[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #291584 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue Jun 11 20:59:45 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, June 11, 2024 8:59:44 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #291584 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 291584
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
22143000 73810 51.6% 213.109.202.127
969300 3231 2.3% 172.206.142.122
900600 3002 2.1% 192.241.238.28
577800 1926 1.3% 185.242.226.45
474600 1582 1.1% 3.125.17.226
466200 1554 1.1% 89.248.163.168
431700 1439 1.0% 89.248.165.212
409200 1364 1.0% 4.151.220.185
354600 1182 0.8% 2.57.122.107
258000 860 0.6% 47.109.182.195
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
108900 363 0.3% 128.139.225.245
48300 161 0.1% 132.76.61.53
42300 141 0.1% 192.114.1.187
37200 124 0.1% 192.114.23.221
37200 124 0.1% 132.76.61.54
33000 110 0.1% 104.22.48.147
32400 108 0.1% 132.65.240.60
19800 66 0.0% 132.73.113.121
18300 61 0.0% 132.76.10.44
16200 54 0.0% 199.232.214.172
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-----------------------------------------------------------------------
213.109.202.127 1328580000
128.139.225.245 86640000
443 128.139.225.245 86487600
134.224.89.119 443 41804400
134.224.89.119 58639 41804400
134.224.89.119 41804400
128.139.225.245 58639 41804400
172.206.142.122 443 38778000
172.206.142.122 38778000
149.154.167.223 443 38349600
Further Details:
https://primary.nemo.geant.org/alerts/details/291584/
More information about the Nemo-ddos-list
mailing list