How can i tell if my vps is being DoS/DDoS'd (denial of service ) ?

You can use this command to see the number of connections per IP. It's a bit easier on the eye that the raw output of netstat.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n


If you suspect any IPs there with too many connections you can obviously add the IP to the deny list in your firewall

APF: apf -d xx.xx.xx.xx
CSF: csf -d xx.xx.xx.xx


OR if you dont use APF or CSF, just add it straight into iptables

iptables -I INPUT 1 -s -j DROP xx.xx.xx.xx

  • 43 Users Found This Useful
Was this answer helpful?

Related Articles

How To Help Protect Against DNS Reflection DDoS

More and more each day DNS servers are getting exploited and abused.  Hackers able to use...

Zombie Process Slayer - Script to kill defunct processes

Here is a small script that you can use to show you which processes are zombies and which user is...

What Program do i use to connect via SSH?

What Program do i use to connect to SSH? We recommend that you use Putty. This can be...

What Program do i use to connect via SSH?

What Program do i use to connect via SSH? We recommend that you use Putty. This can be...