I'd really appreciate some help on this since someone is ddosing or doing something to cause our server to overload. It happens once a day and always from the same isp. I've reported it to abuse email of this isp but they don't seem to care.
It happens once a day. And when I am there to see it I can do a netstat command to see which ip has to many connections and block it with csf firewall, server load goes down within a minute.
But I can't always be there and if I am not this could halt the sites for some time. So I'd like to set up a cron that would execute every minute and check if this is happening and block the ip.
Here is the command I ran to see which ips have a lot of connections:
it gives a list of ips with number of connections in front. Example:
This ip that is causing a problem always start with same numbers in the beginning.
As in
92.6x.xx.xx
So what I was hoping to achieve is the script that would execute that netstat command above, grep the ip that has over 50 connections and starts with 92.6
and do "csf -d 92.6x.xx.xx" to block it.
I know there is already something like this out there called ddos deflate but I've tried it and it created other issues so I'd need something that would only block ips with too many connections that are in specific ip range.
Could you help me writing a script showing which network connections are currently active?
Means output should be something like:
"eth0, wlan1, wlan3"
Problem:
The output is supposed to happen on a 16x2 LCD Display.
Currently I am doing a "Ifconfig" as output, but its too fast for the... (2 Replies)
Hello, one US IP having 1700+ connections when doing:
netstat -tn 2>/dev/null | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr | head
1780 *
... *
... *
i want to ask how to debug what this IP does? (3 Replies)
Hello,
I want to use shell script to generate network files (I tried with python but its taking too long).
I have a list of nodes:
node.txt
LOC_Os11g37970
LOC_Os01g07760
LOC_Os03g19480
LOC_Os11g45740
LOC_Os06g08290
LOC_Os07g02800
I have an edge-list as well: edge.txt
Source_node ... (2 Replies)
hello ,
I need to check how many parallel ssh connections my server can take the load of.
I need to login to different host which i am planning to read from a file and then a write a loop which will do parallel ssh.
Please provide suggestion on how i can write script for the same.\
Thank... (1 Reply)
Hi ,
I have to create a db2 connection for the while loop in shell scripting.
Below is the connection for DB2 I have to establish
connect to TABLESCHENMA user $USERID using $PASSWORD
Below is the while loop.
while read TABLE; do
db2 LOAD CLIENT FROM
$DIRECTORY/$TABLE.ixf OF ixf INSERT... (1 Reply)
I am using AIX 5.3, its a application server, i am giving the support of OS & Hardware only, now i want to check how many connections are connected to my server, means how many people using my server.:confused: (4 Replies)
Dear All ,
I'm looking for a unix script that will monitor the TCP/IP connections between two physical ip addresses and when it dectes an IP is down it generates an alarm and sends SMS to mobile numbers.
Can any one help, I need this urgently.
Waiting for positive replies..
... (3 Replies)
Hi,
I am trying to figure out how to test to see if a server is accepting telnet connections via a script.
I have several remote MPE servers that are set in single user mode (and hence not accepting telnet connections), for their backups, I want to try and automate a test (from a unix... (0 Replies)
Hello All,
I have 2 qries about X connections on HP-UX :
1.How/where to determine whether "X connections" to the server are controlled.
2. How/where to determine whether "X11 connection" are tunnelled via ssh.
3. How/where to determine the "Time in minutes before unattended X terminals... (0 Replies)