Pace Solutions Blog

Web 2.0, e-Commerce, Joomla, WordPress, Facebook Applications, Drupal, Open Source, CMS, PHP, MySQL, AJAX

How to check DDOS Attack on Server

A quick and useful command for checking if a server is under DDOS:

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

This will list the IPs taking the most amounts of connections to a server.

To check active connections that are open to your server, if this number is more then 800 then you might be having an attack

netstat -n | grep :80 |wc -l

To check against SYN attacks, this number should not be more then 100.

netstat -n | grep :80 | grep SYN |wc -l

Tags: , , , ,

This entry was posted on Saturday, July 4th, 2009 at 9:03 PM and is filed under Dedicated Servers, Linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

«
»

Leave a Reply

Copyright © 2009, Pace Solutions. All rights reserved.
Privacy Policy | Terms of Use | FAQ's | Feedback | Contact Us
www.arslanrauf.com