ids.alfacom.it/attached_assets/Pasted--forward-in-pppoe-1511-1179-comunedisa-out-sfp-sfpplus2-VS-AS-connection-state-new-proto-TCP-SY-1763801791531_1763801791531.txt

 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:15256->108.55.41.22:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:15256->108.55.41.22:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:24416->185.114.48.212:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:24416->185.114.48.212:445, len 52
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-856_gianluca.carmellino>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 178.22.24.64:53707->185.203.25.160:10401, len 44
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-856_gianluca.carmellino>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 178.22.24.64:53707->185.203.25.160:10401, len 44
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 183.147.162.78:42369->185.203.24.153:23, len 60
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 183.147.162.78:42369->185.203.24.153:23, len 60
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-datev.router>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 38.242.148.189:51558->185.203.25.199:53, len 69
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:59956->185.114.64.51:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:59956->185.114.64.51:445, len 52
 forward: in:<pppoe-1496_1143_demartinog> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:38:83:be:c8:60, proto UDP, 10.0.254.250:64924->216.58.205.46:443, len 1228
 forward: in:<pppoe-1496_1143_demartinog> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:38:83:be:c8:60, proto UDP, 10.0.254.250:64924->216.58.205.46:443, len 1228
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:26015->85.39.11.225:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:26015->85.39.11.225:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:21538->216.0.0.11:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:21538->216.0.0.11:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:48075->108.55.66.212:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:48075->108.55.66.212:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:23250->78.107.87.197:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:23250->78.107.87.197:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:62934->172.121.122.57:445, len 52
 forward: in:<pppoe-1511_1179_comunedisa> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:62934->172.121.122.57:445, len 52
 forward: in:<pppoe-1641_1395_hlukhnatal> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.64:35308->168.138.169.206:443, len 60
 forward: in:<pppoe-1641_1395_hlukhnatal> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.64:35308->168.138.169.206:443, len 60
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.204:4499, len 44
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.229:20400->185.203.24.25:443, len 52
 forward: in:<pppoe-gennaro.cibelli.sala> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:7e:07, proto UDP, 185.203.25.162:57994->17.253.53.73:443, len 1378
 forward: in:<pppoe-gennaro.cibelli.sala> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:7e:07, proto UDP, 185.203.25.162:57994->17.253.53.73:443, len 1378
 forward: in:<pppoe-gennaro.cibelli.sala> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:7e:07, proto UDP, 185.203.25.162:57994->17.253.53.73:443, len 700
 forward: in:<pppoe-gennaro.cibelli.sala> out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:7e:07, proto UDP, 185.203.25.162:57994->17.253.53.73:443, len 700
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.25:27540->185.203.24.94:443, len 52
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.25:27540->185.203.24.94:443, len 52
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-alfonso.santonicola>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 103.102.230.4:33260->185.203.25.227:8728, len 44
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:<pppoe-alfonso.santonicola>, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 103.102.230.4:33260->185.203.25.227:8728, len 44
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:sfp-sfpplus1_VS_FTTO, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 68.183.27.223:43452->185.203.26.33:29092, len 52
 detected-ddos forward: in:sfp-sfpplus2_VS_AS out:sfp-sfpplus1_VS_FTTO, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 68.183.27.223:43452->185.203.26.33:29092, len 52
 forward: in:<pppoe-891_mariagiovanna.morrone> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.214:39490->44.212.216.137:443, len 60
 forward: in:<pppoe-891_mariagiovanna.morrone> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.214:39490->44.212.216.137:443, len 60
 forward: in:<pppoe-1024_maria.granato> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.94:47860->216.239.36.223:443, len 60
 forward: in:<pppoe-1024_maria.granato> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.94:47860->216.239.36.223:443, len 60
 forward: in:<pppoe-1024_maria.granato> out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.94:47864->216.239.36.223:443, len 60