Diagnosing a dos Attack Under Linux

Q. How do I find out if I Linux box is under DoS attack or not form a shell prompt?

A. You can simply use netstat command to print out a list of all open connection to your Linux box. The list will be sorted out using sort command including total number of connections from a specific IP address.

Task: Looking at open connections (DoS)

Login as the root user

Type the following command
# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

See how to find out if your server is under attack or not. You can also list abusive IP address using this method.

Posted by: SXI ADMIN

The author is the creator of SXI LLC and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

How to Make Website WCAG Compliant?

Next Post

Link download Kali Linux 2020.1 (ISO + Torrent)

Related Posts