Tracking Forums, Newsgroups, Maling Lists
Home Submit Tracker Forums
  Advanced Search
  HOME    TRACKER    Web Hosting

Advertisements: & have generously sponsored dedicated servers and web hosting to ensure a reliable and scalable dedicated hosting solution for

How Can Check Ddos

How can we be sure that we are facing ddos attacks any good command which will make me 100 percent sure that there is ddos attacks on server ?

View Complete Thread with Replies

Sponsored Links:

Related Forum Messages:
Check And Prevent Ddos Attack
While working with different issues, I have seen that many clients complaining about ddos attack on their server. So, I am posting here some useful commands to check and prevent ddos attack.

First of all when you see that your site's or server speed is very slow even though there is not much load on your server, you can guess it might be ddos. Then run 'top' command and see which processes is more, if those are httpd then fire following command
which will show how many active connections your server is currently processing.
netstat -n | grep :80 | wc -l
netstat -n | grep :80 | grep SYN |wc -l

The first command will show the number of active connections that are open to your server. The number of active connections from the first command is going to vary widely but if you are much above 500 you are probably having problems.If the second command is over 100 you are having trouble with a syn attack.

netstat -anp |grep ‘tcp|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

That will list the IPs taking the most amounts of connections to a server.

use follwoing command to block a ip with iptables on server


service iptables restart

service iptables save

You can place ip's which you want to block in hosts.deny

vi /etc/hosts.deny

httpd: IP

write and quit


Then KILL all httpd connection and restarted httpd service by using following command

killall -KILL httpd

service httpd startssl


This are all the step to check and prevent ddos on your server.

View Replies!   View Related
Check And Verify DDOS Attack?
in the last couple of days we really have problem accessing web service, while ftp, ssh, work fine. While we getting connection time out, the load on the server is really load around .2 and get numerous e-mail from Cpanel that httpd is failling and try to restart.

How can i do to check and verify that there a DDOS attack?

What step can i do to possibly minimize DDOS attack?

View Replies!   View Related
Being Ddos'd By A U.K Ddos Protection Company -
it's come under my attention that has been ddosing me today since morning from the ip:

What's so ironic about it is that the ip is from a UK DDOS protection site so i'm expecting some email with their services in the next hour or so. Stay clear of them they are fakes and e-terrorists.

View Replies!   View Related
How To Check Load Via Ssh And Check Files Causing Load
I would like to know how to check load via ssh and check files causing load?

I want the ssh codes for 2 different set of control panels, one with cpanel+whm and other with kloxo+hypervm

and I would also know how to check the files causing the load, such as some files could have been interrupted while processing, so they could be causing load some times, so I want to stop such processes if any are running on the vps on my friends accounts

View Replies!   View Related
DDoS Protection Providers Vs DDoS Protection Scripts
I am looking for some good ddos protection providers, via protected dns. I've searched on internet, but most of them are really expensive.

Please tell me some ddos protection providers what could help me.(gige is too expensive btw).

And I found some ddos protection scripts. How can a script protected a server from ddos? A sript like CSF or DDoS deflate?

View Replies!   View Related
How To Check VPS Os
i recently purchased a VPS from, but im not sure what OS of linux it is. How can you check the OS of the server?

View Replies!   View Related
How To Check Ram
Let's say I have a VPS with 512 MBs of RAM.

How do I check in shell that this is indeed the case?

I read in some places that "top" and "free -m" and such can help.

But these gave me way more than 512.

Here is the output from my "free -m". Total shows here 3886 MBs of MEM??? That is almost 4 Gigs. Please someone explain this.

total used free shared buffers cached
Mem: 3886 3721 164 0 17 542
-/+ buffers/cache: 3161 724
Swap: 6142 2020 4121

View Replies!   View Related
Nobody Check

Nobody Check 1.0.3 Current on cPanel

Tue Mar 20 16:00:02 SGT 2007 on
Server Load: 16:00:02 up 21 days, 14:02, 0 users, load average: 2.73, 2.20, 2.08
Warning: Malicious Nobody Process Found
Options: kill bad proc=1 logging lvl=1


Clean Processes: 57
DETECTED Malicious Processes: 1


DETECTION: Process 4221 with name php and path /usr/bin/php

Process ID: 4221 has been killed
Restuls for PID: 4221
total 0
dr-xr-xr-x 3 easyzz easyzz 0 Mar 20 16:00 .
dr-xr-xr-x 291 root root 0 Feb 27 10:01 ..
dr-xr-xr-x 2 easyzz easyzz 0 Mar 20 16:00 attr
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 auxv
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 cmdline
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 cwd -> /home/easyzz/public_html
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 environ
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 exe -> /usr/bin/php
dr-x------ 2 easyzz easyzz 0 Mar 20 16:00 fd
-rw-r--r-- 1 easyzz easyzz 0 Mar 20 16:00 loginuid
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 maps
-rw------- 1 easyzz easyzz 0 Mar 20 16:00 mem
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 mounts
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 root -> /
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 stat
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 statm
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 status
dr-xr-xr-x 3 easyzz easyzz 0 Mar 20 16:00 task
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 wchan



Hello, I got this notification from the 'Nobody Check'.

Is there anything I need to be aware of? ..

View Replies!   View Related
Mem Check
confirm this is only 1gig of ram?

Mem: 1034096 985128 48968 0 157944 559136
-/+ buffers/cache: 268048 766048
Swap: 2040212 160 2040052
Total: 3074308 985288 2089020

View Replies!   View Related
CSF Security Check
I'm running CSF on a Cpanel server and have questions about new features in CSF

Apache Check

Check Apache weak SSL/TLS Ciphers (SSLCipherSuite)


Cipher list []. Due to weaknesses in the SSLv2 cipher you should disable SSLv2 in WHM > Apache Configuration > Global Configuration > SSLCipherSuite > Add -SSLv2 to SSLCipherSuite and/or remove +SSLv2. Do not forget to Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf

Can someone explain this in laymen terms? I know this is new in Cpanel. I'm already running Apache 2.2, PHP 5.2.9 with suPHP enabled and mod_security as well (these rules: [url]

Also, what exactly are these CSF checks?

Check csf PT_SKIP_HTTP option
This option disables checking of processes running under apache and can limit false-positives but may then miss running exploits

Check csf SAFECHAINUPDATE option
This option closes a window of opportunity that opens when dynamic chain updates occur

View Replies!   View Related
How To Check If The HD Is SSD Drive
how to check using SSH if the HD is SSD drive in a linux box?

View Replies!   View Related
Possible To Run A Hardware Check On My VPS?
Is it possible to run a hardware check on my VPS?

For instance DFT (Drive Fitness Test) or Memtest?

I'm running HyperVM and WHM.

View Replies!   View Related
How To Check IP If It Can See My Server
I have one client who cannot see my server and all domains on it. I;ve checked if his IP is block or not and I didn't see his IP on the apf deny host file. How to you check IP if it can see my server? I just want to make sure before calling the ISP.

View Replies!   View Related
How To Check Flv/encoders
I used this script

Now, via command line how can I check that ALL these work and are enabled for example? I'm not talking about visually seeing the files there, I mean actually enabled.

View Replies!   View Related
Unsubscore Check
I recently added to my email server. I only have that one and the SpamHaus (Zen) activated.

I am able to see the SpamHaus listed on DNSStuff and on SpamHaus website that the person trying to email me is not listed.

So I have to think that it is list. But what domain name can I enter into the browser to check this list? does not work. A little searching led me to lashback, but the IP is not listed there either.

View Replies!   View Related
BGP4 Check
You know, maybe, how to check if my provider has bgp4?

Via unix command or somnething...

View Replies!   View Related
How Can I Check Logs
How can I check the logs to see if there are any errors? Can I check this via WHM?

View Replies!   View Related
CPU Usage Check
Few days ago I had a problem with my httpd. I finally nailed it down and came on a conclusion that my MaxClients were set too low so I had to set it to high number and it seems like that the proble of "Network Timeout" had been resolved but now the problem is still continued. Here is what I think is wrong

Cpu(s): 1.5%us, 0.4%sy, 0.0%ni, 96.7%id, 0.3%wa, 0.3%hi, 0.8%si, 0.0%st
The 96.7%id always stays above 90% is that bad and how do i fix it?

View Replies!   View Related
How To Check Who Is Using MySQL
I have a problem where mysqld is using 95 - 97% CPU usage all the time.

How can I see what user is causing this ? I have installed mytop but when I use it I get


[root@server1 ~]# mytop
Cannot connect to MySQL server. Please check the:

* database you specified "test" (default is "test")
* username you specified "root" (default is "root")
* password you specified "" (default is "")
* hostname you specified "localhost" (default is "localhost")
* port you specified "3306" (default is 3306)
* socket you specified "" (default is "")

The options my be specified on the command-line or in a ~/.mytop
config file. See the manual (perldoc mytop) for details.

Here's the exact error from DBI. It might help you debug:

Access denied for user 'root'@'localhost' (using password: NO)

I really need to track down the culprit!

View Replies!   View Related
How To Check Logfile
i just don't remember what was the command to check logfile in linux to see what was going on in my server, since i think someone hacked in to my server and i was ddos last couple days.

View Replies!   View Related
Where To Check Name Servers And Do Who Is
Where to check name servers and do who is as
is a paid service now.

View Replies!   View Related
Check Limits In A Vps
as a vps customer, how can i check processor, memory and each others resource limits in my vps which allocated for me?

View Replies!   View Related
Root Kit Check On Vps
Am am running through a checklist of to-do's on a new VPS I just received. I haven't used it in a production environment yet.

While doing a root kit check I got these lines back that perturb me.

Checking `bindshell'... INFECTED (PORTS: 465)
Checking `lkm'... You have 103 process hidden for readdir command
chkproc: Warning: Possible LKM Trojan installed

how serious the implications are of those lines? And should I expect this on a machine that has no traffic and is a fresh install?

View Replies!   View Related
Ports Check
Which command can I verify if a port is opened?

View Replies!   View Related
How To Check Security In My VPS
I have 1 VPS from vpsland

Plesk 8.1 , how to check my VPS security?

View Replies!   View Related
How To Check If An IP Is Blocked
One of my hosted user complained that he can't access his website nor he can ping the website. When I asked him to access my 2nd server (same datacenter), it went fine. I could be thinking that my server is blocking his IP.

How do I check if his IP is blocked?

I am using APF+BFD Iptables firewall (i don't know but i hope this make sense)

View Replies!   View Related
Virtuozzo Check Resources
Is there a way on a Virtuozzo server (via. SSH) to check how much CPU or load/cpu-resources each container is using? Or some other way?

View Replies!   View Related
How Do You Check Your Hosting Speed
Is there a quick way to check out how fast you are from the web host your buying..

View Replies!   View Related
How To Check Connections To My Server
There use to be a thread on here but because of the wht hack, it didn't get now I can't go back to it.

It was a command in ssh that printed out a number of connections. Like 12,000 or something.

View Replies!   View Related
HDD Check On Dedicated Server
What is the best way to check the HDD on new Dedicated server?

I would like to see if there is a bad sectors, etc.

fsck? or ? what is the full command that would do the job the best.

OS is Centos.

View Replies!   View Related
Tool To Check Permissions
Is there any tool available which can be used to check permissions of the folders and files. For example, if we run the tool on the server it gives the list of files or folders which have write/modify permissions for everyone or other anonymous users in Windows.

View Replies!   View Related
How To Check VPS Port Speed In SSH
How can I check the post speed using SSH

so I can know if the server is on 10mbps or 20 or 100mbps?

View Replies!   View Related
Check Server For Dos Attack
How can check server for dos/ddos/syn attack?

Because my server load is high, perfromance is low, but i dont have any high process.

View Replies!   View Related
How To Check If You've Really Given The Correct Guaranteed RAM
let's say the package was 512mb ram guaranteed and burstable, how would I check if I was given the correct guaranteed RAM?

i have this 2 vps with the ff 1GB/2GB burst and 512mb/2gb burst

I'm asking because in HyperVM, I can see the max ram for the 2 packages as 2GB. how to check the guaranteed ram?

Also both of these are quad core but the other is showing 2.7Ghz per cpu while the other it's 0.5GHz.

View Replies!   View Related
Check Domains With Different IPs On Same Server
I'm not sure where to ask this but probably this section is the closest. I'm sorry if I use the wrong section.

Anyway I was wondering about checking using a reverse ip address tool which is available for free on the internet.

It seems that anyone can just check other domains which share the same IP address on a server.

However, I have a question.

Is it possible for anyone to check other domains which have different and unique IP addresses (for each domain) BUT all reside on a same server?

(meaning the person who is searching this only checks using one IP address/domain name to find out other domain names that reside on the SAME server)

Is there a 'free tool' out there that is capable of checking this?

View Replies!   View Related
Check And Mark Bad HD Sectors
Loaded Ubuntu 9.10 last night and on first boot it tells me my HD have bad sectors. Which is nice, good reporting from the new Ubuntu edition.

So I kicked off "badblocks -f -v -s /dev/sda" this morning before I took off to work using SystemRescue CD. Came home during lunch and it is still running, looks like it is going to take forever.

This is a 500GB HD, I don't intend to buy a new one. I just want all the bad sectors marked so OS don't ever use them again. Is there a better utility than *nix badblocks?

View Replies!   View Related
How Can I Check Out Server Stability?
How can I check out server stability of the hosting company?

I mean hostingsource company, their servers seem nice for me and I'd like to know more of their reliability and scalability.

View Replies!   View Related
How To Check Which Version Of Cent Os Is Used
how to check which version of cent os is used?

my friend ordered an vps with a host, he ordered 5.3 - 32bit but some how I feel he has been provided with 5.0 version by the host, I didn't know how to confirm it, when I checked his hypervm, this was the cent os details provided:

Ostemplate: centos-5-i386-hostinabox576

there is rebuild option in the hypervm and in tht when I look out,here it shows the following:

what my friend exactly needs is a cent os 5.3 - 32bit system, so if he selects cent os 5.3-ix386 (full) will it install with cent os 5.3 ?? he doesn't want kloxo to b in there auto, he/I can install tht,

View Replies!   View Related
How Do I Check For An Open Port
we have a new windows 2008 server

How do i enable a port

I tried adding a TCP under the control panel, firewall exceptions

but its not working, how do i open port 1533 or check to see if its open

I tried running netsta- an in cmd prompt

View Replies!   View Related
How To Check Ports In Server
i have problem with ports in server

how may i check ports?

for example 37549,53377,17235 and ...

i want know this ports are AVAILABLE or no

View Replies!   View Related
Check Websites Before Dns Propogation
I used to check new websites before dns propagation by adding an entry to windows/system32/drivers/etc/hosts file and used to work perfectly. But now days I think IE7 and Firefox 2 is bypassing the hosts file and the method is not working.

any alternative method to check the website before dns propagation?

View Replies!   View Related
File Integrity Check
I use tripwire for a long time on my FreeBSD servers

one thing that's bugging me is that it takes like 20 minutes to check the system with the default config:

so I'd like to know:
1) is there currently some other tool that does tripwire job better?

2) anyone has a list of "probably changed files when a server is hacked", or something like that?

I mean, I'll be happy if tests can take 2 minutes instead of 20 and I detect intrusion 99% of the times instead of 99,9%

so "key files/dirs" would probably be enough instead of checking a lot of dirs with recursion

View Replies!   View Related
File Integrity Check
Are the following file from Cpanel? Cpanel just update itself (set to automatic update to stable release) and got the following file integrity check.

/usr/bin/chattr: FAILED
/usr/bin/encode_keychange: FAILED
/usr/bin/gdb: FAILED
/usr/bin/gdbserver: FAILED
/usr/bin/gdbtui: FAILED
/usr/bin/lsattr: FAILED
/usr/bin/snmpbulkget: FAILED
/usr/bin/snmpbulkwalk: FAILED
/usr/bin/snmpdelta: FAILED
/usr/bin/snmpdf: FAILED
/usr/bin/snmpget: FAILED
/usr/bin/snmpgetnext: FAILED
/usr/bin/snmpinform: FAILED
/usr/bin/snmpnetstat: FAILED
/usr/bin/snmpset: FAILED
/usr/bin/snmpstatus: FAILED
/usr/bin/snmptable: FAILED
/usr/bin/snmptest: FAILED
/usr/bin/snmptranslate: FAILED
/usr/bin/snmptrap: FAILED
/usr/bin/snmpusm: FAILED
/usr/bin/snmpvacm: FAILED
/usr/bin/snmpwalk: FAILED
/usr/bin/uuidgen: FAILED
/usr/bin/wbemexec: FAILED
/usr/bin/xmlcatalog: FAILED
/usr/bin/xmllint: FAILED
/usr/sbin/ext2online: FAILED
/usr/sbin/filefrag: FAILED
/usr/sbin/mklost+found: FAILED
/usr/sbin/snmpd: FAILED
/sbin/badblocks: FAILED
/sbin/blkid: FAILED
/sbin/debugfs: FAILED
/sbin/dumpe2fs: FAILED
/sbin/e2fsck: FAILED
/sbin/e2image: FAILED
/sbin/e2label: FAILED
/sbin/findfs: FAILED
/sbin/fsck: FAILED
/sbin/fsck.ext2: FAILED
/sbin/fsck.ext3: FAILED
/sbin/logsave: FAILED
/sbin/mke2fs: FAILED
/sbin/mkfs.ext2: FAILED
/sbin/mkfs.ext3: FAILED
/sbin/resize2fs: FAILED
/sbin/tune2fs: FAILED

View Replies!   View Related
What Command To Check For Bad Sector
I am using linux centos.

Not sure how to check the bad sector for my harddisk.

View Replies!   View Related
Which Logs To Check If Dns Crashes
I have a VPS and almost once per day PIM has to restart the DNS service. I think it is because of the high volume of sites on it.

Could someone point me to which log files I could have a look at and maybe get a clue why it crashes?

View Replies!   View Related
Check How Much Hard Disk I Have?
how can i check how much hardisk i have with ssh/directadmin?

View Replies!   View Related
Command To Check The CPU Temperature
if there is a command to check the CPU temperature. Is the following the right way?

cat /proc/acpi/thermal_zone/THRM/temperature always gives 30 C.

I recently got a Intel Quad Core with 8 GB RAM. When the load is nearing 1.00, the kernel flashes the message below. It is always CPU1 and CPU2 while CPU3 and CPU0 is reported to be normal.

Sep 22 00:07:47 server2 kernel: CPU2: Temperature above threshold, cpu clock throttled
Sep 22 00:07:47 server2 kernel: CPU3: Temperature/speed normal
Sep 22 00:07:49 server2 kernel: CPU1: Temperature above threshold, cpu clock throttled
Sep 22 00:07:49 server2 kernel: CPU0: Temperature/speed normal

and /proc/acpi/thermal_zone/THRM/* always gives the following

<setting not supported>
cooling mode: critical
<polling disabled>
state: ok
temperature: 30 C
critical (S5): 110 C

View Replies!   View Related
How To Check A Raid-1 Hardware
any way to check (and confirm) if a hardaware RAID-1 is instaled?

it's a server with FC5.

View Replies!   View Related
Apf Block Connection, How Can I Check And Fix
I have apf installed on my server and it looks likely be inreachable,

and i try to reboot the server,

after rebooting, i can not connect from my pc to it any more,

i go to console and test,the server can ping and traceroute the out servers,

i think the newwork is online and the afp black the coming connection.

i try to run "apf -f" to stop the apf,

and my friend can connect the server laster.

i think it may be because the apf black the out-coming connection,

now,i need to check why the apf black others and try to fix it and restart the aps,

can anyone teach me how can i do now?

my server os is centos

View Replies!   View Related
How To Check Websites From All Over The World
I remember using a few years ago a site where you could plugin a domain name and a report will run showing if the site was vieable or accessible from all different parts of the worls, I forgot the URL does anyone know abou something like this?

View Replies!   View Related
How To Check If Company DC Owner Or Not
Do you know has own datacenter? They seem start offering colocation service

And there are lots of features included. Is it possible to provide without DC?

I'm wondering if they bought DC or they own it for long time or still rent? How to check that?

View Replies!   View Related
Can't Check Anything Always Access Denied
i got this message in my direct admin

This message has been automatically generated notifying you that the service httpd is currently down and i searched and someone recommend to check using this order in ssh and i got this message Could not open configuration file /etc/httpd/conf/extra/directadmin-vhosts.conf: Permission denied and also i get permission denied for anything related to apache

View Replies!   View Related
How To Check Space Used In Linux
Today I found my Disk /dev/sda3 (/) suddenly become 92% space used.

It is soemthign wrong. May I know how to check the space is used for which files?

View Replies!   View Related
Copyright © 2005-08, All rights reserved