[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #282029 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Thu May 16 03:48:45 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Thursday, May 16, 2024 3:48:40 AM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #282029 WARN: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 282029
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
--------------------------------------------------
3860400 12868 7.2% 104.152.52.131
2109900 7033 3.9% 104.152.52.234
2109900 7033 3.9% 104.152.52.106
2091900 6973 3.9% 104.152.52.201
2084400 6948 3.9% 104.152.52.214
2081400 6938 3.9% 104.152.52.242
2081100 6937 3.9% 104.152.52.203
1923900 6413 3.6% 104.152.52.232
1288500 4295 2.4% 194.180.49.71
1275600 4252 2.4% 194.180.49.68
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
411600 1372 0.8% 128.139.7.33
142500 475 0.3% 199.232.210.172
39300 131 0.1% 132.76.61.54
36600 122 0.1% 132.76.61.53
31800 106 0.1% 128.139.225.245
15600 52 0.0% 132.68.239.54
13800 46 0.0% 199.232.214.172
7200 24 0.0% 132.75.25.104
6900 23 0.0% 128.139.197.119
6600 22 0.0% 128.139.15.15
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------
104.152.52.131 154416000
104.152.52.131 59697 84816000
104.152.52.234 59698 84396000
104.152.52.234 84396000
104.152.52.106 59754 84396000
104.152.52.106 84396000
104.152.52.201 59518 83676000
104.152.52.201 83676000
104.152.52.214 59674 83376000
104.152.52.214 83376000
Further Details:
https://primary.nemo.geant.org/alerts/details/282029/
More information about the Nemo-ddos-list
mailing list