Differences

This shows you the differences between two versions of the page.

--- internet:security:ddos [2014/02/20 18:02]
gcooper
+++ internet:security:ddos [2018/09/08 10:17] (current)
gcooper
@@ Line 2: / Line 2: @@
 See also **[[networking:firewall:csf|ConfigServer Security & Firewall (CSF)]]**
+http://www.opensourceforu.com/2011/04/securing-apache-part-8-dos-ddos-attacks/
+Good Info on SYN Flood Issue: http://security.stackexchange.com/questions/15368/syn-flooding-issue
 http://365hostingsupport.com/blog/dos-how-to-check-it/
@@ Line 8: / Line 12: @@
 http://365hostingsupport.com/blog/dos-how-to-check-it/
+===== Are You Under Attack? =====
+:!: You may want to change the port ''80'' to some other port.
+<file>
+netstat -alpn | grep :80 | awk '{print $4}' |awk -F: '{print $(NF-1)}' |sort | uniq -c | sort -n
+</file>
+Which IP address of your server is targeted by the DDoS attack:
+<file>
+netstat -plan  | grep  :80 | awk '{print $4}' | cut -d: -f1 |sort |uniq -c
+</file>
+From which IPs the attack is coming:
+<file>
+netstat -plan  | grep  :80 | awk '{print $5}' | cut -d: -f1 |sort |uniq -c
+</file>
+===== CSF Firewall =====
+https://www.supportsages.com/configure-csf-prevent-ddos-attacks/
+===== Apache Logs Viewer =====
+  * Windows Application
+  * Analyzes Apache or IIS Logs
+http://www.apacheviewer.com/index.php
 ===== DDoS Deflate =====
 http://deflate.medialayer.com/

Virtual Architects Support Wiki