[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #281255 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Tue May 14 02:51:02 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Tuesday, May 14, 2024 2:50:56 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #281255 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 281255
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
5246700 17489 8.0% 199.167.138.161
4893300 16311 7.5% 198.144.159.129
4513500 15045 6.9% 198.144.158.76
4227300 14091 6.5% 198.144.159.105
4051800 13506 6.2% 208.87.243.59
3766200 12554 5.8% 108.181.3.205
3555900 11853 5.4% 108.181.2.183
3094800 10316 4.7% 104.255.152.65
1273500 4245 1.9% 194.180.49.68
1271400 4238 1.9% 194.180.49.70
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
185400 618 0.3% 132.72.50.146
48300 161 0.1% 132.72.6.1
47400 158 0.1% 132.76.61.54
40200 134 0.1% 132.76.61.53
38100 127 0.1% 192.114.2.38
35100 117 0.1% 192.114.3.241
21300 71 0.0% 192.114.1.187
19200 64 0.0% 132.74.71.198
14400 48 0.0% 128.139.225.245
13800 46 0.0% 192.114.23.221
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
--------------------------------------------------------------
199.167.138.161 209868000
199.167.138.161 43122 204972000
198.144.159.129 43133 195732000
198.144.159.129 195732000
198.144.158.76 43143 180540000
198.144.158.76 180540000
198.144.159.105 43153 169092000
198.144.159.105 169092000
208.87.243.59 162072000
108.181.3.205 43173 150648000
Further Details:
https://primary.nemo.geant.org/alerts/details/281255/
More information about the Nemo-ddos-list
mailing list