Never been to TextSnippets before?

Snippets is a public source code repository. Easily build up your personal collection of code snippets, categorize them with tags / keywords, and share them with the world (or not, you can keep them private!)

Looking into DOS and DDOS Attacks (See related posts)

top -d2
netstat -nap | grep SYN | wc -l
netstat -nap | less

If there are many httpd processes showing up after step 1, you might be under attack. If you get high numbers for the second one, you are almost definitely under attack. Use the third one to see the IP addresses, and then ban them from the server:

iptables -A INPUT -s ip.address -j DROP

Also try the following for fixing stuff:
cd /dev/shm

And delete anything that's not supposed to be there.

locate bindz
locate botnet.txt
locate dc
locate kaiten
locate r0nin
locate ...
lsof | grep .,
locate mybot

You need to create an account or log in to post comments to this site.

Related Posts