Created
October 24, 2017 18:46
-
-
Save deviousway/90147c26495976243b57632872b55988 to your computer and use it in GitHub Desktop.
DDOS analize/protection with tcpdump
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # -i $INTERFACE -v -n -c $Number_of _packets -w attack.log dst port 80 | |
| tcpdump -i eth0 -v -n -c 500 -w attack.log dst port 80 | |
| #After you can analise | |
| tcpdump -nr attack.log |awk '{print $3}' |grep -oE '[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.[0-9]{1,}' |sort |uniq -c |sort -rn | |
| #show only Top-20 | |
| tcpdump -nr attack.log |awk '{print $3}' |grep -oE '[0-9]{1,}.[0-9]{1,}.[0-9]{1,}.[0-9]{1,}' |sort |uniq -c |sort -rn | head -20 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment