Posts Tagged ‘ddos’

This is a collection of commands I found on the net and put into an executable file to monitor connections on my server.

echo "Number of TCP or UDP connections each IP has to the server."
netstat -ntu | awk 'NR>2 {print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

echo "How many active SYN_RECV are happening on the server. Less than 5 is OK."
netstat -n -p | grep SYN_RECV | wc -l

echo "List all the IP addresses involved."
netstat -n -p | grep SYN_RECV | awk '{print $5}' | awk -F: '{print $1}'

echo "List all connections to port 80."
netstat -n -a -p | grep ':80 '

echo "Which IPs have the most connections to port 80."
netstat -anp | grep ':80 ' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
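
The pipelines above split addresses on the first colon, which mangles IPv6 and IPv4-mapped (`::ffff:`) peers. The following is an added example, not part of the original post, that does the same per-IP counting with one awk pass. The function names `count_by_ip` and `sample_netstat` are hypothetical, and the sample output is constructed from documentation address ranges.

```shell
#!/bin/sh
# Added example, not part of the original post.

# Constructed sample of `netstat -ntu` output (documentation address ranges).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 203.0.113.10:80         198.51.100.7:51514      SYN_RECV
tcp        0      0 203.0.113.10:80         198.51.100.7:51515      SYN_RECV
tcp        0      0 203.0.113.10:80         192.0.2.44:40022        ESTABLISHED
tcp        0      0 203.0.113.10:8080       192.0.2.44:40023        ESTABLISHED
tcp6       0      0 ::ffff:203.0.113.10:80  ::ffff:198.51.100.7:51516 SYN_RECV
tcp6       0      0 2001:db8::10:80         2001:db8::beef:51000    ESTABLISHED
udp        0      0 203.0.113.10:53         192.0.2.44:5353
EOF
}

# count_by_ip [STATE] [LOCAL_PORT]  (hypothetical helper name)
# Reads netstat -n output on stdin, prints "count ip", highest count first.
count_by_ip() {
    awk -v state="${1:-}" -v port="${2:-}" '
        $1 !~ /^(tcp|udp)/          { next }   # skip the two header lines
        state != "" && $6 != state  { next }   # optional TCP state filter
        port != "" && $4 !~ (":" port "$") { next }  # exact local port, so 80 != 8080
        {
            ip = $5
            sub(/:[^:]*$/, "", ip)    # drop the port: text after the LAST colon
            sub(/^::ffff:/, "", ip)   # fold IPv4-mapped IPv6 into plain IPv4
            n[ip]++
        }
        END { for (ip in n) print n[ip], ip }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

echo "SYN_RECV per remote IP:"
sample_netstat | count_by_ip SYN_RECV
echo "Connections to local port 80 per remote IP:"
sample_netstat | count_by_ip "" 80
```

On a live server, feed it real data with `netstat -ntu | count_by_ip SYN_RECV`.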