Am I being Dos/DDoS'd? Print

  • 1

Heres a nifty command you can use in order to see the number of connections per IP. It's a bit easier on the eye that the raw output of netstat.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

If you suspect any IPs there with too many connections you can obviously add the IP to the deny list in your firewall

APF: apf -d xx.xx.xx.xx
CSF: csf -d xx.xx.xx.xx

OR if you dont use APF or CSF, just add it straight into iptables

iptables -I INPUT 1 -s -j DROP xx.xx.xx.xx

Was this answer helpful?

« Back

Powered by WHMCompleteSolution