How to check the number of active connections that are open to your server.
root@serverxx [/etc]# netstat -n | grep :80 | wc -l
120
root@serverxx [/etc]#
If you are much above 500 you are probably having problems.
root@serverxx [/etc]# netstat -n | grep :80 | grep SYN | wc -l
5
root@serverxx [/etc]#
If you get over 100, you are having trouble with a SYN attack.
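To see which remote addresses account for those counts before blocking one, this added example (not part of the original page) tallies connections per remote IP and counts SYN_RECV entries for a given local port. The function names and the sample netstat lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -n` output (documentation addresses, not real data).
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:51514      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:40001       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.5:40002       SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.5:40003       SYN_RECV
tcp        0      0 192.0.2.10:8080         198.51.100.9:51000      ESTABLISHED
tcp        0      0 192.0.2.10:44321        198.51.100.20:80        ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:51515      TIME_WAIT
EOF
}

# Print "count ip" for each remote IP connected to local port $1, busiest first.
# The port is matched on the Local Address column only, so :8080 and outbound
# connections to a remote port 80 are not counted (a plain `grep :80` counts both).
conns_per_ip() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $4 ~ (":" port "$") {
            ip = $5; sub(/:[0-9]+$/, "", ip); n[ip]++
        }
        END { for (ip in n) print n[ip], ip }' | sort -rn
}

# Count half-open (SYN_RECV) connections to local port $1.
syn_recv_count() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $4 ~ (":" port "$") && $6 == "SYN_RECV" { c++ }
        END { print c + 0 }'
}

# Demonstration on the constructed sample.
# On a live server use: netstat -n | conns_per_ip 80
sample_netstat | conns_per_ip 80
echo "SYN_RECV on port 80: $(sample_netstat | syn_recv_count 80)"
```

An address that dominates the per-IP list, especially in SYN_RECV state, is the candidate for the iptables rule.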
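To block a certain IP address on the server with iptables, use the following commands. Replace IPADDRESS with the address to block; the target can be DROP or REJECT. The -I INPUT 1 form inserts the rule at the top of the INPUT chain (-A does not take a rule number). Save the rule before restarting the service, because by default a restart reloads the saved rule set and discards unsaved rules.
iptables -I INPUT 1 -s IPADDRESS -j DROP
service iptables save
service iptables restart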
Then kill all httpd connections and restart the httpd service using the following commands
killall -KILL httpd
service httpd startssl