Check DDOS

Are you under attack by DDOS. We can find out it in awesome linux command netstat!

Command

netstat -tlanp

Check in netstat and display all active collection

netstat -an |grep :80 |sort

Show only active connection port 80 and sort result

netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

List IP and its number active connection port 80 and sort

netstat -n -p |grep SYN_REC |wc -l

Find out how many active SYN_REC. The number should be low, less than 5. If DDOS attack incidents on mail bombs, then number will raise to pretty high.

netstat -n -p |grep SYN_REC |sort -u

List all active SYN_REC and sort

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr

To listand check out the maximum connection per IP connected.



Server is hosted by Alanstudio
Linux Operating System

Recommend screen resolution 1024 x 768 / IE / FireFox
Alan Studio © 2007 by Alan Cheung Hin Lun. All rights reserved.