What kind of attack?
#9

Quote:
Originally Posted by Lightning[SV]
Посмотреть сообщение
tcpdump is a packet capture tool which can be installed on linux systems and run from the command line.

So in the terminal:

tcpdump -nvx dst 94.242.252.29 -c 500 -w packets.cap

Would capture 500 packets to the destination ip (your server ip), and save them in a file. You can then read out the file with tcpdump or download the file to your computer and use Wireshark on Windows.

You can then see what traffic was heading to your server. Usually it would all be udp to port 7777, but in a ddos you would see significant other traffic depending on the attack type. The attacking ip's can then be reported which will reduce the effectiveness of the attack in future.

During a typical ddos your port speed is probably getting maxed, so you wouldn't actually be able to access the terminal remotely due to packetloss, so you could run tcpdump from a shell script using cron.

On linux you can also sample /sys/class/net/eth0/statistics/rx_packets to get the incoming packet rate on the server.
Wow you are a master, but I'm afraid that for this you need to have control over the Linux operating system itself, therefore you can do this in a VPS and not in the typical server hostings (like Volt-Host, Hostspree, SimplyFRAG, etc.) that only let you upload and download server files and manage the server. Am I right?
Reply


Messages In This Thread
What kind of attack? - by Ahriman - 03.07.2013, 08:45
Re: What kind of attack? - by Twizted - 03.07.2013, 08:57
Re: What kind of attack? - by Ahriman - 03.07.2013, 09:39
Re: What kind of attack? - by Lightning[SV] - 03.07.2013, 19:08
Re: What kind of attack? - by linuxthefish - 03.07.2013, 21:02
Re: What kind of attack? - by ColorHost-Kevin - 04.07.2013, 01:56
Respuesta: Re: What kind of attack? - by Gryphus One - 04.07.2013, 13:26
Re: What kind of attack? - by Lightning[SV] - 05.07.2013, 13:31
Respuesta: Re: What kind of attack? - by Gryphus One - 05.07.2013, 17:24
Re: What kind of attack? - by Lightning[SV] - 05.07.2013, 18:16

Forum Jump:


Users browsing this thread: 2 Guest(s)