How Can i tell if my server is being DoS/DDoS'd (denial of service ) ?

You can use this command to see the number of connections per IP. It's a bit easier on the eye that the raw output of netstat.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

 

If you suspect any IPs there with too many connections you can obviously add the IP to the deny list in your firewall

APF: apf -d xx.xx.xx.xx
CSF: csf -d xx.xx.xx.xx

OR if you dont use APF or CSF, just add it straight into iptables

iptables -I INPUT 1 -s -j DROP xx.xx.xx.xx

  • 63 Users Found This Useful
Was this answer helpful?

Related Articles

How can i show my cpu info (linux)?

How can i show my cpu info? Log in to your server via SSH then typ;e the following command...

How do i fix - 4gb seg fixup on debian (lenny)?

Some clients have had problems when upgrading their vps from Debian Etch to Debian Lenny.  After...

How do i fix - There is no public key available for the following key IDs: 9AA38DCD55BE302B

When i run apt-get update on my debian system i get the following error :- Thereisnopublic key...

How do I install Lua 5.0 on a debian system?

How do I install Lua 5.0 on a debian server?   You can do this by simply logging in to your...