Friday, 13 April 2012

DoS Attack Detection In Linux

You can simply use netstat command to print out a list of all open connection to your Linux box. The list will be sorted out using sort command including total number of connections from a specific IP address.
Login as the root user and type the following command,
[root@station1 ~]# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
      1 Address
      1 servers)

No comments:

Post a Comment