Pre-analysis of a DDoS attack on a cPanel or Linux server
Determine the nature of the attack (SYN, GET, etc.):

    netstat -nat | awk '{print $6}' | sort | uniq -c

The following will list all the IPs connecting to the server, sorted by number of connections (busiest last):

    netstat -plan | grep :80 | awk '{print $5}' | cut -d: -f 1 | sort | uniq -c | sort -nk 1

We can see which domains are most active […]
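The two netstat pipelines above, as an added example that is not part of the original post: it goes slightly further by matching the port on the local address only and by splitting on the last colon, so IPv6 and IPv4-mapped peers are counted correctly (cut -d: -f 1 returns an empty or truncated field for them). The function names and the SAMPLE input are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: summarise `netstat -nat` output read from stdin.
# SAMPLE is constructed input (documentation address ranges), not a real capture.
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:80           198.51.100.7:51514      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51515      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:51516      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.9:40022       ESTABLISHED
tcp        0      0 192.0.2.10:22           203.0.113.9:40100       ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
tcp6       0      0 2001:db8::10:80         2001:db8::beef:44321    ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:198.51.100.7:51600 TIME_WAIT'

# Count connections per TCP state; header lines are skipped.
# Many SYN_RECV entries point to a SYN flood, many ESTABLISHED to a GET flood.
state_counts() {
  awk '$1 ~ /^tcp/ {print $6}' | sort | uniq -c | sort -rn
}

# Count remote IPs connected to a local port (default 80), busiest first.
top_remote_ips() {
  awk -v port="${1:-80}" '
    $1 ~ /^tcp/ && $6 != "LISTEN" {
      local_addr = $4; remote = $5
      if (local_addr !~ (":" port "$")) next   # local port only, not remote
      sub(/:[^:]*$/, "", remote)               # drop the remote port
      sub(/^::ffff:/, "", remote)              # unwrap IPv4-mapped IPv6
      print remote
    }' | sort | uniq -c | sort -rn
}

# On a live host:
#   netstat -nat | state_counts
#   netstat -nat | top_remote_ips 80
```

To try it offline, run: printf '%s\n' "$SAMPLE" | top_remote_ips 80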