HostOnNet Blog

How to check ddos attack on server

ddos attack
How to check number of active conection that are open to your server in server.

root@serverxx [/etc]# netstat -n | grep :80 |wc -l
root@serverxx [/etc]#

If you are much above 500 you are probably having problems.

root@serverxx [/etc]# netstat -n | grep :80 | grep SYN |wc -l
root@serverxx [/etc]#

You get over 100 you are having trouble with a syn attack.

To Block a certain IP address that on server . Please use following commands

use follwoing command to block a ip with iptables on server


service iptables restart

service iptables save

Then KILL all httpd connection and restarted httpd service by using following command

killall -KILL httpd

service httpd startssl

About Annie

I've been working in Technical Section for over 10 years in a wide range of tech jobs from Tech Support to Software Testing. I started writing blog for my future reference and useful for all.