SSH Command :: Netstat -alpn?

Dec 25, 2008

what does the below command actually means I mean when we use it? and in which case it help us? and up to what value there is nothing to worry about? Waiting for detailed reply

netstat -alpn | grep :80 | awk '{print $4}' | cut -d: -f1 |sort |uniq -c

View 10 Replies


ADVERTISEMENT

-bash: Netstat: Command Not Found

Apr 2, 2008

i got a new sever and was looking at few thing.

just ran netstat and saw this -bash: netstat: command not found

how can i correct it?

View 7 Replies View Related

Netstat -an Or -tln

Aug 9, 2008

netstat -tln shows my port 80 is listening.

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN

but netstat -an shows nothing about port 80

actually my web can not be accessed. it shows "Cannot find server or DNS Error " under Internet Explorer.

View 4 Replies View Related

Netstat, Csf

Jun 11, 2007

I am not shure if this is a configuration problem or it's bacause netstat has it's own way to display things.

Recently csf blocked an IP address for flooding.

My server ip address is something like 192.168.1.201.

The ip that csf blocked was 192.168.1.20.

That IP belongs to an other server that is not ours.

netstat was showing a lot of connections from 192.168.1.20 (the ip that is not ours) but the guys that manage the server with that ip (192.168.1.20) did not saw any connection from them to us. So I thought it's just a spoofed flood. But, the thing is I've blocked that ip and still connections were made.

My conclusion was that netstat was showing 192.168.1.20 "flooding" instead of 192.168.1.201. (the server was connectiong to itself).

iptraf also was showing the server was connecting to itself on the lo interface.

My questions are:
csf is based on netstat for tracking connections?
has anyone had ths type of problem before?
If netstat is showing something else isn't this a bad thing for all (a lot) the scripts that use netstat?

View 0 Replies View Related

Netstat & APF Cron Job

Oct 28, 2008

Netstat & APF cron job ...

View 7 Replies View Related

Netstat :: How To List IP Addresses?

May 19, 2009

My site is under attack, when i run this command
[php]netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -[/php
it show

1 116.xxx

1 118.xxx

1 203.xx

1 222.xxx

1 Address

1 servers)

3 115.xxx

3 123.xxx

4 58.xxx

10 127.0.0.1

694

What 694 connections mean ? Why netstat don't list their IP ? How can i know which IP is attacking my site ?

View 5 Replies View Related

Netstat Results Show 3 Ips In Same Location With Several Connections

Mar 13, 2008

I'm new to server administration/security/troubleshooting, so I have included a lot of info here hoping it will help.

This started because a Linux VPS with CentOS and Exim crashed after only 3000 emails were sent (of 30000) total

I ran a netstat and several times I get three separate ips with the only difference being the last two digits and the port number:
86.104.230.29:59009
86.104.117.45:18065
89.37.137.157:41593

As far as I can tell they are from Romania, and there are several connections.

I have posted a lot of information below, if someone can take a look and give some ideas, it would be very much appreciated.

netstat:

Code:
tcp 0 0 mydomain.com:http 86.104.117.98:34060 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.82:59022 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.219:52276 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.163:25383 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.154:20794 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.235:39094 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.127:61711 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.127:5748 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.37:63424 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.228:54121 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.226:39605 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.91:6446 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.10:54841 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.100:22842 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.118:32674 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.80:16559 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.64:47817 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.136:21718 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.246:37288 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.28:62119 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.190:4468 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.8:25247 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.100:35503 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.199:20896 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.237:saft SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.199:47952 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.118:60561 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.181:10844 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.125:50584 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.253:17855 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.10:25740 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.109:29528 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.62:47349 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.55:4614 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.226:22001 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.163:11790 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.44:8911 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.46:telnets SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.190:27377 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.181:34031 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.19:41722 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.100:57151 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.145:61402 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.53:52461 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.26:42463 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.217:35530 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.35:63414 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.154:56638 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.26:43972 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.172:6922 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.17:3683 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.210:2397 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.46:18754 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.244:4032 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.235:8602 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.82:39495 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.19:28848 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.163:47624 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.8:2683 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.55:43300 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.37:1664 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.118:36892 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.17:7317 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.109:56229 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.217:45257 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.73:15278 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.64:14076 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.116:14567 SYN_RECV

View 3 Replies View Related

Listing/banning Ipv6 Addresses From Netstat Output

Jan 19, 2008

I've been happily banning ip's using the output from

netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

for over a year now, with iptables. However recently, after upgrading to apache 2.2, the connections in netstat get listed as ipv6. A row can look like this for example:

tcp6 0 0 ::ffff:12.123.123.123:80 ::ffff:12.123.12.:12382 ESTABLISHED-

(actual ip addresses changed)

As you can see, the remote ip address isn't complete, it's cut off, so the script used to sum up connections and insert into iptables isnt doing anything.

View 0 Replies View Related

Command To Stop The Wget Command

Apr 30, 2007

Is there a command i can type into the ssh console to stop a current transfer that i started wit the wget command?

the file im wgeting always stuffs up at 51% but then the server just retries and starts again, its done it 3 times so far and i just want to completely cancle the process if possible....

View 9 Replies View Related

Netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

Feb 1, 2007

What does this string do? I copy and paste it into my SSH Shell and i get ip addresses and numbers next to them.

Each number means one connection?

netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

View 1 Replies View Related

Meaning Of "netstat"

Dec 17, 2007

Maybe someone would be kind enough to enlighten me of the meaning of a netstat output. I know netstat is supposed to tell you the current active connections but would like some more details(what does each column mean?):

Code:
[root@]# netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address Stat
I notice that often times I see my ISP's mail server connecting to domains I didin't even set up yet. Sometimes I see google(I guess indexing my sites). But in addition some times I see some scary foreign addresses like from nigeria or one really common one, one which I see pretty often when I run netstat is:

Quote:

tcp 0 0 mydomain.com:http [somehostname].amenworld.com:40867 TIME_WAIT

I can't seem to make any sense of it, what are they doing and why are they always "connected' to my server?

I could just be over reacting on some of this stuff but just curious about what this all means.

View 2 Replies View Related

SSH: What Does The 'last' Command Do

Jul 16, 2008

I tried to look up tutorials for basic commands, but none listed "last"

View 4 Replies View Related

Regarding Cp Command

May 3, 2007

i have a problem

for example my current path in server is
root@server [/home/user1/public_html/upload]#
and i wanna copy every thing inside directory upload to /home/user1/public_html/
but when i used this command
root@server [/home/user1/public_html/upload]#cp -r -f *.* /home/user1/public_html/

then it just copy files . is there is any way to copy folder as well?

View 8 Replies View Related

Top Command

Sep 14, 2007

Im using the 'top' command on my server to view the memory and cpu usage, to save me sitting in front of my pc for hours looking at it, is there any way I can save it to a text file for viewing later on

its a 1and1 business server 1

View 3 Replies View Related

Ssh Command To Do This

May 13, 2007

I want to delete all files named .ftpquota from the server, what's the ssh command to accomplish this?

View 3 Replies View Related

Ssh Command

May 11, 2007

Whats the command to search inside files on a server....

i know locate <name> locates files.

but how do i actually search inside all files...

i know it can take a while/resources....

View 5 Replies View Related

I/O Command

Feb 12, 2007

Can anyone please tell me if there is another command to get I/O HDD stats for FreeBSD except gstat?

View 3 Replies View Related

Command To See What Is Using All Of RAM

Jun 5, 2007

My server's ram keeps on spiking to 100%. And this causes this error:

Code:
SQL error: Out of memory

So far, the only way I can sort this problem out is to reboot it.

Is there any commands to find out what is eating up all of the ram?

View 5 Replies View Related

Command Not Foundline 438: KN:q?

Nov 17, 2006

i tried installing the APF firewall by following this thread:

http://www.webhostingtalk.com/showthread.php?t=327478

After configuring all the ports, i start the firewall with this command /usr/local/sbin/apf -s

and I got:

: command not foundline 438: kN:q
: command not foundline 438: kN:q
: command not foundline 438: kN:q
Development mode enabled!; firewall will flush every 5 minutes.
: command not foundline 438: kN:q

Is this normal?

View 4 Replies View Related

SSH Memory_limit - Command

May 20, 2009

how could I increase the memory limit on my server via SSH?

I have it currently on 30MB and need to increase it to 50MB.

View 3 Replies View Related

Clamscan Command

Apr 21, 2009

Can you please provide a clamscan ssh command for scan all sites public_html folder?
I know "clamscan -i -r --remove /home/" can scan all /home directrory and sub-directory, but its can have a heavy cpu process and serer load!

View 1 Replies View Related

Zip From Command Line

Feb 15, 2009

Im trying to zip up an sqlite database backup.

I execute this command

Code:
zip ../d/db/backup.zip ../d/db/09-02-15.sqlite
backup.zip never appears. Instead, I get some random filename in the directory. Like ziOHokOw

If I try to zip a smaller file(last weeks backup) everything runs fine?

Code:
zip ../d/db/backup.zip ../d/db/09-02-08.sqlite
So the 134mb file zips fine, but the 200mb one seems like its failing and im left with some type of temporary file. I tried downloading the weird filename and unzipping it. It has partial info like directory structure, the filename but the actual file inside is corrupt.

View 1 Replies View Related

Gzip Command

Jul 31, 2008

i am use to zip command but on this server gzip is only installed.

So I ran this command

gzip -r /domains/

instead of this

gzip -r /domains/ > backup.gz

Now wat it has done is instead of creating a single file with all the files in compressed format, it has created their gz copy there in the recursion.

How can I delete all those files in recursion? I have tried

rm -Rf /domains/*.gz

View 3 Replies View Related

Pscan2 Command

Aug 6, 2008

What is pscan2 command?

Its take a long process and cpu load on my server.

8986 root 25 0 1516 484 408 R 64 0.0 5:36.97 pscan2

View 1 Replies View Related

Apt-get Command Not Found

Apr 27, 2008

I have recently brought a VPS hosting package. At the moment I am going through the tutoritals on the net that I have researched before getting a VPS package to give me some understanding on what I need to do to securior the server and also how to install the software that I require.

For most of today, I have been trying to sort out a problem that I am currently having.

Of which is I am trying to sort out a part of the tutorial from a website that requires the use of apt commands.

But for every command I am getting the message back apt..... Command not found. I am currently using the ubuntu operating system. And through some research, I have got the feeling that I might have the bare installation done on my server to just make it work.

Would I be right, and with the bare installation apt commands wouldn't be installed?

If I am, how would I go about installing the Apt commands and anything else that I might require?

View 7 Replies View Related

Yum Remove Command

Jul 29, 2008

I had some issues with PHP compilation seems to be issue with zlib. So I decided to remove it. What happened then is something like nightmare...

The command yum remove zlib removed zlib + all dependencies without asking me what to remove. So it removed majority of packages including yum itself.

How can I force yum to not remove dependencies when I uninstall some package?

View 5 Replies View Related

Delete Command

Feb 24, 2008

can i activate the deletion command for 10 or 30 mins and then stop it? i think by this way we cant delete some files from the dir and not all the files so i can edit my files

i want to do this because my server doesnt respond to any file system command because my hardisk is full! so i need to remove some files by any way

View 13 Replies View Related

About TOP Command - Linux

Nov 12, 2008

is there a way to look which process/user used the most cpu in last 30min or in last hour.

View 3 Replies View Related

What Is The Command Line

May 10, 2008

What is the Command Line, hoe do I get to it, when I do how do I update Perl to 5.88

View 5 Replies View Related

Bash SSH Command

Jun 30, 2007

I've just about got my mysqldump script ready,

Here is what it looks like:

Code:
#!/bin/sh
mysqldump -uusr -ppwd --opt db > /home/usr/dbs/1.sql
mysqldump -uusr -ppwd --opt db2 > /home/usr/dbs/2.sql

cd /home/usr/dbs
tar -zcvf sqldata.tgz *.sql

How would I make my finished gzipped file's filename to include the date?

Would I add any tags infront of sqldata.tgz *.sql?

Or would I have to run another command after the last line?

View 14 Replies View Related

Crontab -e Command

Aug 23, 2007

I can't edit or add anything when using this command

crontab -e

all the jobs appears but I can't edit

View 3 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved