Check for DdoS Attack

netstat -n -p | grep SYN_REC | sort -u

root@server [~]# netstat -n -p | grep SYN_REC | sort -u
tcp 0 0 64.150.187.59:443 223.104.25.3:37928 SYN_RECV -
tcp 0 0 64.150.187.59:443 223.104.25.3:46616 SYN_RECV -
tcp 0 0 64.150.187.59:443 223.104.25.3:50443 SYN_RECV -
tcp 0 0 64.150.187.59:443 223.104.25.3:57853 SYN_RECV -
tcp 0 0 64.150.187.59:443 59.42.206.20:51194 SYN_RECV -
tcp 0 0 64.150.187.59:80 113.13.107.40:20478 SYN_RECV -
tcp 0 0 64.150.187.59:80 114.94.249.36:31196 SYN_RECV -
tcp 0 0 64.150.187.59:80 115.225.79.191:65328 SYN_RECV -
tcp 0 0 64.150.187.59:80 115.52.213.238:63001 SYN_RECV -
tcp 0 0 64.150.187.59:80 116.1.52.150:13610 SYN_RECV -
tcp 0 0 64.150.187.59:80 116.204.102.195:25455 SYN_RECV -
tcp 0 0 64.150.187.59:80 116.252.36.202:8318 SYN_RECV -

More info:
http://www.cisco.com/c/en/us/support/docs/security-vpn/kerberos/13634-newsflash.html

Leave a Comment