Diagnosing a dos Attack Under Linux

by on February 17, 2008 · 0 comments· LAST UPDATED March 17, 2008

in , ,

Q. How do I find out if I Linux box is under DoS attack or not form a shell prompt?

A. You can simply use netstat command to print out a list of all open connection to your Linux box. The list will be sorted out using sort command including total number of connections from a specific IP address.

Task: Looking at open connections (DoS)

Login as the root user

Type the following command
# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

See how to find out if your server is under attack or not. You can also list abusive IP address using this method.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 0 comments… add one now }

Leave a Comment

Tagged as: , , , , , , , ,

Previous Faq:

Next Faq: