check total connection to our server

Posted by cikul | Posted in Linux | Posted on 25-05-2008-05-2008

0

To check total connection to our server, we can use command :

root@server [~]# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

That command useful if you want to check any DDOS attack to your server.
example :

root@server [~]# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
1
1 190.82.48.157
1 69.221.235.133
1 70.188.18.63
1 74.195.17.164
1 75.84.249.134
1 78.172.142.25
1 88.105.153.211
1 91.33.233.182
1 Address
1 servers)
2 125.164.222.101
2 206.128.211.104
2 24.64.223.204
2 66.249.73.187
2 70.104.146.102
2 84.127.106.163
2 89.240.154.238
2 89.82.219.12
3 84.253.219.80
4 201.223.248.217
4 75.46.197.84
4 81.83.90.157
4 85.243.111.6
4 90.154.206.252
5 222.124.142.66
6 24.126.166.9
7 84.68.96.236
8 88.111.189.78

while you found some DDOS attack, you can drop with this following command :

root@server [~]# route add 67.159.5.102 reject

Write a comment

*