Is my Server under DDOS attack?

Denial of Service – DDOS – means that you have so many requests of your server, that the server cannot even manage to say “no” to all of the requests

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

What this does;

  • Show all current connections
  • Take the 5th column – origin IP address
  • Remove the port they are accessing – leaving only the IP address proper
  • Sort the results
  • Group the results and provide a count
  • Sort by the number of conections from each IP – consider each word as a number (not word)

Leave a comment

Your email address will not be published. Required fields are marked *