[NeMo-DDoS-List] FW: [Geant NeMo] Analysis for Alert #285214 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Hank Nussbacher
hank at mail.iucc.ac.il
Fri May 24 20:30:14 IDT 2024
________________________________________
From: nemo-ddos at geant.org <nemo-ddos at geant.org>
Sent: Friday, May 24, 2024 8:30:08 PM (UTC+02:00) Jerusalem
To: soc at geant.org
Subject: [Geant NeMo] Analysis for Alert #285214 CRIT: IUCC (AS378) - [Email_Analysis] [IUCC] [Customer]
Please find the analysis details for the Alert ID: 285214
Top-10 Src IPs by Packets:
Packets Est. Rate % of Total Src IP
---------------------------------------------------
37415100 124717 54.0% 45.125.66.171
1263300 4211 1.8% 194.180.49.68
1253700 4179 1.8% 194.180.49.69
1224300 4081 1.8% 194.180.49.70
1212000 4040 1.7% 194.180.49.72
1156500 3855 1.7% 194.180.49.71
1101600 3672 1.6% 2.57.149.142
958800 3196 1.4% 194.180.49.64
913500 3045 1.3% 194.180.49.67
892800 2976 1.3% 107.170.240.42
Top-10 Dst IPs by Packets:
Packets Est. Rate % of Total Dst IP
---------------------------------------------------
53700 179 0.1% 128.139.199.2
48600 162 0.1% 128.139.225.245
38400 128 0.1% 132.76.61.53
35400 118 0.1% 132.76.61.54
34500 115 0.0% 104.22.49.147
24300 81 0.0% 192.114.7.2
23400 78 0.0% 192.114.23.221
19800 66 0.0% 128.139.15.15
15900 53 0.0% 128.139.200.5
14400 48 0.0% 132.66.251.11
Top-10 Possible Targets by Bytes:
Src IP Src Port Dst IP Dst Port Sampled Count
-------------------------------------------------------------------
45.125.66.171 48144 1496604000
45.125.66.171 1496604000
2.19.126.227 443 74805600
2.19.126.227 37082 74805600
2.19.126.227 74805600
443 128.139.199.2 74805600
128.139.199.2 37082 74805600
128.139.199.2 74805600
194.180.49.68 57479 50532000
194.180.49.68 50532000
Further Details:
https://primary.nemo.geant.org/alerts/details/285214/
More information about the Nemo-ddos-list
mailing list