«
»

简单几条命令检测DDoS攻击


摘录自:http://www.lunarforums.com/vps_hosting_at_lunarpages/useful_linux_scripts_lsof_ps_fuser_netstat-t41474.0.html

# netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

 1 123.122.9.23
 1 64.233.169.101
 1 72.14.204.83
 2 72.14.204.17
 4 210.192.100.178
 6 0.0.0.0

# netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -nr

5 210.192.100.178
4 72.14.204.17
3 64.233.169.132
2 72.14.204.99
2 64.233.169.118
1 64.233.169.101
1 123.122.9.23

# netstat -ntu | grep -v TIME_WAIT | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -nr

4 72.14.204.17
3 210.192.100.178
1 64.233.169.101
1 123.122.9.23

# netstat -an | grep :80 | awk ‘{print $5}’ | cut -f1 -d”:” | sort | uniq -c | sort -n 

1 64.233.169.118
1 74.125.53.101
2 64.233.169.132
3 72.14.204.99
7 210.192.100.178
分享家:Addthis中国
您可能还对以下文章感兴趣

, , ,

This entry was posted on 2010年05月30日, 11:32 上午 and is filed under Linux, 安全技术, 网络技术. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.