[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #291789 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Wed Jun 12 10:37:53 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Wednesday, June 12, 2024 10:37:47 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #291789 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 291789
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
----------------------------------------------------
28717500 95725 51.9% 213.109.202.127
1465500 4885 2.6% 185.242.226.44
1126500 3755 2.0% 95.214.27.8
992100 3307 1.8% 185.242.226.39
969000 3230 1.7% 185.242.226.23
960300 3201 1.7% 46.101.16.223
832500 2775 1.5% 192.241.197.16
576900 1923 1.0% 185.242.226.45
443700 1479 0.8% 89.248.163.168
412500 1375 0.7% 89.248.165.212
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
279600 932 0.5% 132.66.175.222
121200 404 0.2% 199.232.210.172
42600 142 0.1% 132.76.61.53
37800 126 0.1% 132.76.61.54
33300 111 0.1% 132.65.240.60
32700 109 0.1% 192.114.1.187
30600 102 0.1% 104.22.48.147
26700 89 0.0% 128.139.225.245
24000 80 0.0% 132.76.61.52
21300 71 0.0% 192.114.23.221
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
----------------------------------------------------------------------
213.109.202.127 1723050000
199.232.82.172 80 417131400
199.232.82.172 417131400
199.232.82.172 62298 398113800
80 132.66.175.222 398113800
132.66.175.222 62298 398113800
132.66.175.222 398113800
185.242.226.44 64482000
95.214.27.8 8081 49566000
95.214.27.8 49566000
Further Details:
https://primary.nemo.geant.org/alerts/details/291789/
More information about the Nemo-ddos-list
mailing list