defense DDOS attack in centos

Posted on | By | No comments

Use the following command to check attack IPs

netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

You may get ip lists like this

1 114.226.9.132
1 174.129.237.157
1 58.60.118.142
1 Address
1 servers)
2 118.26.131.78
3 123.125.1.202
3 220.248.43.119
4 117.36.231.253
4 119.162.46.124
6 219.140.232.128
8 220.181.61.31
2311 67.215.242.196

You can see 67.215.242.196 connect 2311 times.

 

DDoS deflate+iptables

 

Category: linux | Tag:

Leave a Reply