Diagnosing a dos Attack Under Linux
Q. How do I find out if I Linux box is under DoS attack or not form a shell prompt?
A. You can simply use netstat command to print out a list of all open connection to your Linux box. The list will be sorted out using sort command including total number of connections from a specific IP address.
Task: Looking at open connections (DoS)
Login as the root user
Type the following command
# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Subscribe to our free e-mail newsletter or RSS feed to get all updates.
You can Email this page to a friend.
Related Other Helpful FAQs:
- Sendmail Limiting Denial of Service (DOS) Attack
- Securing MySQL server
- FTP Maximum number of clients exceeded error and solution
- Warning: Remote Host Identification Has Changed error and solution
- Linux Password Cracking: Explain unshadow and john commands ( john the ripper tool )
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: awk print, dos attack, ip address, Linux, netstat command, open connections, root user, shell, sort command
Recent Comments
Today ~ 3 Comments
Today ~ 57 Comments
Yesterday ~ 9 Comments
Yesterday ~ 7 Comments
Yesterday ~ 1 Comment