HostOnNet Blog

How to check ddos attack on server

ddos attack
How to check number of active conection that are open to your server in server.

root@serverxx [/etc]# netstat -n | grep :80 |wc -l
120
root@serverxx [/etc]#

If you are much above 500 you are probably having problems.

root@serverxx [/etc]# netstat -n | grep :80 | grep SYN |wc -l
5
root@serverxx [/etc]#

You get over 100 you are having trouble with a syn attack.

To Block a certain IP address that on server . Please use following commands

use follwoing command to block a ip with iptables on server

iptables -A INPUT 1 -s IPADRESS -j DROP/REJECT

service iptables restart

service iptables save

Then KILL all httpd connection and restarted httpd service by using following command


killall -KILL httpd

service httpd startssl


About Annie

I've been working in Technical Section for over 10 years in a wide range of tech jobs from Tech Support to Software Testing. I started writing blog for my future reference and useful for all.