How Can Check Ddos

Jul 18, 2009

How can we be sure that we are facing ddos attacks any good command which will make me 100 percent sure that there is ddos attacks on server ?



ADVERTISEMENT

Check And Prevent Ddos Attack

May 25, 2009

While working with different issues, I have seen that many clients complaining about ddos attack on their server. So, I am posting here some useful commands to check and prevent ddos attack.

First of all when you see that your site's or server speed is very slow even though there is not much load on your server, you can guess it might be ddos. Then run 'top' command and see which processes is more, if those are httpd then fire following command
which will show how many active connections your server is currently processing.
netstat -n | grep :80 | wc -l
netstat -n | grep :80 | grep SYN |wc -l

The first command will show the number of active connections that are open to your server. The number of active connections from the first command is going to vary widely but if you are much above 500 you are probably having problems.If the second command is over 100 you are having trouble with a syn attack.

netstat -anp |grep ‘tcp|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

That will list the IPs taking the most amounts of connections to a server.

use follwoing command to block a ip with iptables on server

iptables -A INPUT 1 -s IPADRESS -j DROP/REJECT

service iptables restart

service iptables save

--------OR---------------
You can place ip's which you want to block in hosts.deny

vi /etc/hosts.deny

httpd: IP

write and quit

---------------------------

Then KILL all httpd connection and restarted httpd service by using following command

killall -KILL httpd

service httpd startssl

-----------------------------------

This are all the step to check and prevent ddos on your server.

View 4 Replies View Related

Check And Verify DDOS Attack?

Jan 4, 2008

in the last couple of days we really have problem accessing web service, while ftp, ssh, work fine. While we getting connection time out, the load on the server is really load around .2 and get numerous e-mail from Cpanel that httpd is failling and try to restart.

How can i do to check and verify that there a DDOS attack?

What step can i do to possibly minimize DDOS attack?

View 14 Replies View Related

Being Ddos'd By A U.K Ddos Protection Company - Dragonara.net

Nov 7, 2008

it's come under my attention that dragonara.net has been ddosing me today since morning from the ip:
194.8.75.229

What's so ironic about it is that the ip is from a UK DDOS protection site so i'm expecting some email with their services in the next hour or so. Stay clear of them they are fakes and e-terrorists.

View 14 Replies View Related

How To Check Load Via Ssh And Check Files Causing Load

Jul 1, 2009

I would like to know how to check load via ssh and check files causing load?

I want the ssh codes for 2 different set of control panels, one with cpanel+whm and other with kloxo+hypervm

and I would also know how to check the files causing the load, such as some files could have been interrupted while processing, so they could be causing load some times, so I want to stop such processes if any are running on the vps on my friends accounts

View 5 Replies View Related

DDoS Protection Providers Vs DDoS Protection Scripts

Oct 8, 2009

I am looking for some good ddos protection providers, via protected dns. I've searched on internet, but most of them are really expensive.

Please tell me some ddos protection providers what could help me.(gige is too expensive btw).

And I found some ddos protection scripts. How can a script protected a server from ddos? A sript like CSF or DDoS deflate?

View 12 Replies View Related

How To Check VPS Os

Apr 10, 2008

i recently purchased a VPS from internetvps.com, but im not sure what OS of linux it is. How can you check the OS of the server?

View 10 Replies View Related

How To Check Ram

Jun 7, 2007

Let's say I have a VPS with 512 MBs of RAM.

How do I check in shell that this is indeed the case?

I read in some places that "top" and "free -m" and such can help.

But these gave me way more than 512.

Here is the output from my "free -m". Total shows here 3886 MBs of MEM??? That is almost 4 Gigs. Please someone explain this.

total used free shared buffers cached
Mem: 3886 3721 164 0 17 542
-/+ buffers/cache: 3161 724
Swap: 6142 2020 4121

View 4 Replies View Related

Nobody Check

Mar 20, 2007

Quote:

Nobody Check 1.0.3 Current on cPanel

Tue Mar 20 16:00:02 SGT 2007 on blue.mydomain.com
Server Load: 16:00:02 up 21 days, 14:02, 0 users, load average: 2.73, 2.20, 2.08
Warning: Malicious Nobody Process Found
=========================================
Options: kill bad proc=1 logging lvl=1

SCAN SUMMARY
========================================

Clean Processes: 57
DETECTED Malicious Processes: 1

DETECTION DETAILS
========================================

DETECTION: Process 4221 with name php and path /usr/bin/php

Process ID: 4221 has been killed
Restuls for PID: 4221
total 0
dr-xr-xr-x 3 easyzz easyzz 0 Mar 20 16:00 .
dr-xr-xr-x 291 root root 0 Feb 27 10:01 ..
dr-xr-xr-x 2 easyzz easyzz 0 Mar 20 16:00 attr
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 auxv
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 cmdline
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 cwd -> /home/easyzz/public_html
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 environ
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 exe -> /usr/bin/php
dr-x------ 2 easyzz easyzz 0 Mar 20 16:00 fd
-rw-r--r-- 1 easyzz easyzz 0 Mar 20 16:00 loginuid
-r-------- 1 easyzz easyzz 0 Mar 20 16:00 maps
-rw------- 1 easyzz easyzz 0 Mar 20 16:00 mem
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 mounts
lrwxrwxrwx 1 easyzz easyzz 0 Mar 20 16:00 root -> /
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 stat
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 statm
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 status
dr-xr-xr-x 3 easyzz easyzz 0 Mar 20 16:00 task
-r--r--r-- 1 easyzz easyzz 0 Mar 20 16:00 wchan

Netstat:

Environ:

Hello, I got this notification from the 'Nobody Check'.

Is there anything I need to be aware of? ..

View 3 Replies View Related

Mem Check

May 22, 2007

confirm this is only 1gig of ram?

Mem: 1034096 985128 48968 0 157944 559136
-/+ buffers/cache: 268048 766048
Swap: 2040212 160 2040052
Total: 3074308 985288 2089020

View 3 Replies View Related

CSF Security Check

Apr 20, 2009

I'm running CSF on a Cpanel server and have questions about new features in CSF

Apache Check

Check Apache weak SSL/TLS Ciphers (SSLCipherSuite)

Results

Cipher list []. Due to weaknesses in the SSLv2 cipher you should disable SSLv2 in WHM > Apache Configuration > Global Configuration > SSLCipherSuite > Add -SSLv2 to SSLCipherSuite and/or remove +SSLv2. Do not forget to Save AND then Rebuild Configuration and Restart Apache, otherwise the changes will not take effect in httpd.conf

Can someone explain this in laymen terms? I know this is new in Cpanel. I'm already running Apache 2.2, PHP 5.2.9 with suPHP enabled and mod_security as well (these rules: [url]

Also, what exactly are these CSF checks?

Check csf PT_SKIP_HTTP option
This option disables checking of processes running under apache and can limit false-positives but may then miss running exploits

Check csf SAFECHAINUPDATE option
This option closes a window of opportunity that opens when dynamic chain updates occur

View 3 Replies View Related

How To Check If The HD Is SSD Drive

Jun 11, 2009

how to check using SSH if the HD is SSD drive in a linux box?

View 1 Replies View Related

Possible To Run A Hardware Check On My VPS?

Feb 26, 2009

Is it possible to run a hardware check on my VPS?

For instance DFT (Drive Fitness Test) or Memtest?

I'm running HyperVM and WHM.

View 3 Replies View Related

How To Check IP If It Can See My Server

Apr 10, 2009

I have one client who cannot see my server and all domains on it. I;ve checked if his IP is block or not and I didn't see his IP on the apf deny host file. How to you check IP if it can see my server? I just want to make sure before calling the ISP.

View 3 Replies View Related

How To Check Flv/encoders

Jul 22, 2008

I used this script
[url]

Now, via command line how can I check that ALL these work and are enabled for example? I'm not talking about visually seeing the files there, I mean actually enabled.

View 1 Replies View Related

Unsubscore Check

Apr 11, 2008

I recently added ubl.unsubscore.com to my email server. I only have that one and the SpamHaus (Zen) activated.

I am able to see the SpamHaus listed on DNSStuff and on SpamHaus website that the person trying to email me is not listed.

So I have to think that it is ubl.unsubscore.com list. But what domain name can I enter into the browser to check this list? www.unsubscore.com does not work. A little searching led me to lashback, but the IP is not listed there either.

View 2 Replies View Related

BGP4 Check

Aug 6, 2008

You know, maybe, how to check if my provider has bgp4?

Via unix command or somnething...

View 0 Replies View Related

How Can I Check Logs

Apr 9, 2008

How can I check the logs to see if there are any errors? Can I check this via WHM?

View 6 Replies View Related

CPU Usage Check

Nov 25, 2008

Few days ago I had a problem with my httpd. I finally nailed it down and came on a conclusion that my MaxClients were set too low so I had to set it to high number and it seems like that the proble of "Network Timeout" had been resolved but now the problem is still continued. Here is what I think is wrong

Cpu(s): 1.5%us, 0.4%sy, 0.0%ni, 96.7%id, 0.3%wa, 0.3%hi, 0.8%si, 0.0%st
The 96.7%id always stays above 90% is that bad and how do i fix it?

View 3 Replies View Related

How To Check Who Is Using MySQL

Jan 29, 2007

I have a problem where mysqld is using 95 - 97% CPU usage all the time.

How can I see what user is causing this ? I have installed mytop but when I use it I get

Quote:

[root@server1 ~]# mytop
Cannot connect to MySQL server. Please check the:

* database you specified "test" (default is "test")
* username you specified "root" (default is "root")
* password you specified "" (default is "")
* hostname you specified "localhost" (default is "localhost")
* port you specified "3306" (default is 3306)
* socket you specified "" (default is "")

The options my be specified on the command-line or in a ~/.mytop
config file. See the manual (perldoc mytop) for details.

Here's the exact error from DBI. It might help you debug:

Access denied for user 'root'@'localhost' (using password: NO)

I really need to track down the culprit!

View 12 Replies View Related

How To Check Logfile

Jan 8, 2007

i just don't remember what was the command to check logfile in linux to see what was going on in my server, since i think someone hacked in to my server and i was ddos last couple days.

View 8 Replies View Related

Where To Check Name Servers And Do Who Is

May 15, 2007

Where to check name servers and do who is as dnsstuff.com
is a paid service now.

View 5 Replies View Related

Check Limits In A Vps

Nov 29, 2007

as a vps customer, how can i check processor, memory and each others resource limits in my vps which allocated for me?

View 5 Replies View Related

Root Kit Check On Vps

May 6, 2007

Am am running through a checklist of to-do's on a new VPS I just received. I haven't used it in a production environment yet.

While doing a root kit check I got these lines back that perturb me.

Checking `bindshell'... INFECTED (PORTS: 465)
Checking `lkm'... You have 103 process hidden for readdir command
chkproc: Warning: Possible LKM Trojan installed

how serious the implications are of those lines? And should I expect this on a machine that has no traffic and is a fresh install?

View 12 Replies View Related

Ports Check

Mar 7, 2007

Which command can I verify if a port is opened?

View 3 Replies View Related

How To Check Security In My VPS

Jul 11, 2007

I have 1 VPS from vpsland

Plesk 8.1 , how to check my VPS security?

View 1 Replies View Related

How To Check If An IP Is Blocked

Jul 15, 2007

One of my hosted user complained that he can't access his website nor he can ping the website. When I asked him to access my 2nd server (same datacenter), it went fine. I could be thinking that my server is blocking his IP.

How do I check if his IP is blocked?

I am using APF+BFD Iptables firewall (i don't know but i hope this make sense)

View 8 Replies View Related

Virtuozzo Check Resources

Mar 27, 2009

Is there a way on a Virtuozzo server (via. SSH) to check how much CPU or load/cpu-resources each container is using? Or some other way?

View 2 Replies View Related

How Do You Check Your Hosting Speed

Jun 3, 2009

Is there a quick way to check out how fast you are from the web host your buying..

View 14 Replies View Related

How To Check Connections To My Server

Jun 24, 2009

There use to be a thread on here but because of the wht hack, it didn't get saved...so now I can't go back to it.

It was a command in ssh that printed out a number of connections. Like 12,000 or something.

View 4 Replies View Related

HDD Check On Dedicated Server

Apr 1, 2009

What is the best way to check the HDD on new Dedicated server?

I would like to see if there is a bad sectors, etc.

fsck? or ? what is the full command that would do the job the best.

OS is Centos.

View 7 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved