How to check if My Server is Under DDOS Attack

Before going through the steps for detecting a DDOS attack, let us first look at what a DDOS attack is and how it affects your server.

Brief Explanation About DDOS Attack 

DDOS stands for distributed denial of service. In a DDOS attack, the attacker sends a large amount of traffic to the targeted host to prevent it from running smoothly and effectively. The attackers tend to introduce bots into the system. These bots are controlled by the attackers and are specially designed to perform specific tasks.


Their task is to flood the server with a large amount of garbage data, which can bring your website's server down. You might see a website timeout error, a database connection error, email sending and receiving failures, or RAM/CPU overload.


In this article, we will discuss how to detect DDOS attacks on Windows and Linux systems. First, have a look at

How to Detect DDOS Attack on Windows System 

1. First of all, log in to your server via RDP.

2. Then go to Start, open Run, type cmd and hit Enter. A command prompt will open.

3. Then type netstat -noa to view all the network connections of your system.


Here is a brief explanation of what the netstat -n, netstat -o, and netstat -a options mean.


  • netstat -n - Shows all active TCP connections of your system, with IP addresses and port numbers in numerical form.

  • netstat -o - Shows all active TCP connections, including the process ID associated with each connection.

  • netstat -a - Shows all active TCP connections, including the TCP/UDP ports on which the system is listening.


Now that you know how to detect a DDOS attack on a Windows system, let us look at how to check for a DDOS attack on a Linux system.

How to detect DDOS attack on Linux system

1. Log in to the Linux server using SSH. 


2. Then run the command given below to list the IP addresses connected to the Linux server.


# netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c


3. After that, run the command below to list each source IP address together with the number of connections from that address to your Linux system.


# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n


4. Then run the command given below to count the active TCP connections on port 80.


# netstat -n | grep :80 |wc -l


5. If you see an IP address with too many connections in this output, it can be an attacker's IP address. You can block it using the command below, replacing <IP-address> with the address you want to block.


# route add <IP-address> reject


You can also block the address by using iptables on a Linux machine.
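
The per-IP count from steps 2 and 3, as an added example that is not part of the original article: it keeps IPv6 addresses intact (which `cut -d: -f1` truncates), skips the netstat header lines, and lists only addresses at or above a threshold. The function names, the threshold values and the sample connection list are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Function names, the
# threshold and the sample data are assumptions made for illustration.

# per_ip_counts: read `netstat -ntu` output on stdin and print
# "count address" per foreign address (column 5), busiest first.
# Only the trailing :port is stripped, so IPv6 addresses stay whole
# (cut -d: -f1 would reduce 2001:db8::beef to "2001"), and the two
# netstat header lines are skipped instead of being counted.
per_ip_counts() {
    awk '$1 ~ /^(tcp|udp)/ {
             addr = $5
             sub(/:[0-9*]+$/, "", addr)   # drop ":port" or ":*"
             sub(/^::ffff:/, "", addr)    # IPv4-mapped IPv6 -> plain IPv4
             count[addr]++
         }
         END { for (a in count) print count[a], a }' | sort -rn
}

# heavy_hitters N: keep only addresses with at least N connections.
heavy_hitters() {
    per_ip_counts | awk -v limit="$1" '$1 >= limit'
}

# Constructed sample (RFC 5737 / RFC 3849 documentation addresses).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           203.0.113.5:51234       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:51235       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:51236       SYN_RECV
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.5:51237 ESTABLISHED
tcp        0      0 192.0.2.10:22           198.51.100.7:40022      ESTABLISHED
tcp6       0      0 2001:db8::10:443        2001:db8::beef:50000    ESTABLISHED
tcp6       0      0 2001:db8::10:443        2001:db8::beef:50001    ESTABLISHED
EOF
}

# On a live server: netstat -ntu | heavy_hitters 100
sample_netstat | heavy_hitters 3   # prints: 4 203.0.113.5
```

A high count alone does not prove an attack: a proxy or NAT gateway can legitimately hold many connections, so compare against the server's normal baseline before blocking an address.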

Conclusion 

We hope you now have some idea of how to detect a DDOS attack and safeguard your server, and that you are ready, like a shield, to protect your website from DDOS attacks.

