(D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections. It is one of the simplest and easiest to install solutions at the software level.
Check DDoS attack: count IPv4 connections per IP
# netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Check DDoS attack: number of connections to port 80
# netstat -plan | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
Check DDoS attack: count connections per IP (TCP and UDP, stripping the ::ffff: IPv4-mapped prefix)
# netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | sed s/::ffff:// | cut -d: -f1 | sort | uniq -c | sort -n
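The per-IP counting described above, as an added example (not code from (D)DoS Deflate or from the original post). It skips the netstat header lines, removes only the trailing port so IPv6 addresses are not cut short by splitting on ":", and folds ::ffff: mapped addresses into IPv4. The function names, the sample data and the threshold argument are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: count connections per remote IP from `netstat -ntu`-style
# output and list the IPs at or above a threshold (hypothetical helper names).

# Constructed sample input using documentation address ranges, not real traffic.
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           203.0.113.5:51234       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:51235       ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.5:51236       SYN_RECV
tcp        0      0 192.0.2.10:22           198.51.100.7:40022      ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:80    ::ffff:203.0.113.5:51237 ESTABLISHED
tcp6       0      0 2001:db8::10:443        2001:db8::beef:51000    ESTABLISHED
udp        0      0 192.0.2.10:53           198.51.100.7:5353
EOF
}

# count_per_ip: read netstat output on stdin, print "count ip" sorted ascending.
count_per_ip() {
  awk '$1 ~ /^(tcp|udp)/ {           # only socket lines, so headers are skipped
         addr = $5                   # foreign address column
         sub(/:[0-9*]+$/, "", addr)  # drop the trailing :port only
         sub(/^::ffff:/, "", addr)   # fold IPv4-mapped IPv6 into plain IPv4
         n[addr]++
       }
       END { for (ip in n) print n[ip], ip }' | sort -n
}

# over_limit LIMIT: print only the IPs with at least LIMIT connections.
# LIMIT is an assumed threshold chosen by the operator.
over_limit() {
  count_per_ip | awk -v limit="$1" '$1 >= limit { print $2 }'
}

# Stand-alone demonstration on the constructed sample.
sample_netstat | count_per_ip
```

On a live server, replace sample_netstat with netstat -ntu and pick a limit that fits normal traffic for that host.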
Find the source IPs of Port Flood attacks against the server
# cat /var/log/messages | grep 'Port Flood' | awk '{print $13}' | sed 's/SRC=//g' | sort | uniq -c | sort -n
Find all executables that are SUID and owned by root, or SGID and owned by group root
# find / -type f \( \( -perm /4000 -a -user root \) -o \( -perm /2000 -a -group root \) \) -ls
List the top 20 IPs from which TCP connections are in SYN_RECV state. Useful on web servers to detect a .
# netstat -pant 2> /dev/null | grep SYN_ | awk '{print $5;}' | cut -d: -f1 | sort | uniq -c | sort -n | tail -20
Command to find sorted memory usage in server
# ps aux | awk '$11!~/\[*\]/ {print $6/1024" Mb --> "$11,$12,$13,$14}' | sort -g
Command to free the cache memory
# echo 3 > /proc/sys/vm/drop_caches
Print IPs of attackers
# grep 'Failed password for invalid' /var/log/secure | awk '{print $13}' | sort -u
To get tables with innodb as engine
# mysql -N mysql -e "SELECT table_schema, table_name FROM INFORMATION_SCHEMA.TABLES WHERE engine = 'innodb';" | awk '{print $1}' | sort | uniq
To get the statistics of Mysql running queries
# mysqladmin -i 5 -r status
Shows files sorted by date recursively in a directory, so you can find all new files
# find . -printf '%T@ %c %p\n' | sort -k 1n,1 -k 7 | cut -d' ' -f2-
To change the TTL value for all the db files.
1. SSH to old server as root
2. cd /var/named
3. perl -pi.bak -e "s/14400/399/g" *.db
4. /etc/rc.d/init.d/named restart
Rsync command
# rsync -e "ssh -p 8496" -avz /home/cpmove-custome1.tar.gz root@nyerere.web4africa.net:/home/
Mysql load decreasing
# for i in `mysqladmin proc | grep gurusloa_wizkid | awk '{print $2}'`; do mysqladmin kill $i;done
Command to count the number of files in a location
# find . -xdev -type f | cut -d "/" -f 2 | sort | uniq -c | sort -n
Troubleshooting wait average [Amount of time the CPU has been waiting for I/O to complete.]
# for x in `seq 1 1 10`; do ps -eo state,pid,cmd | grep "^D"; echo "----"; sleep 5; done
To find the number of mails sent by each account, with path if any.
# grep "cwd=" /var/log/exim_mainlog|awk '{for(i=1;i<=10;i++){print $i}}'|sort|uniq -c|grep cwd|sort -n
To find the number of mysql queries by a cpanel user
# mysqladmin pr | cut -d'|' -f5 | sort | uniq -c | sort -n
To get the virtual memory usage by each process
# ps -e -o pid,vsz,comm= | sort -n -k 2
# sar -S
Run the top command and press the key (<) 4 times
# service stor_agent stop
stopping Adaptec Storage Manager agent ...
Mysql grant all privileges command
mysql> grant all privileges on database_name.* to 'db_user'@'localhost' identified by 'anythingstrong';
To edit the password of the Joomla or MySQL admin
mysql> UPDATE `rhezonc1_r`.`jn1iq_users` SET `password` = MD5( 'somethingstrong' ) WHERE `jn1iq_users`.`id` = 43;
Command to view the users with the number of PHP processes
# for i in {1..10} ; do ps aux | grep php | awk '{print $1}' | sort | uniq -c | sort -n; echo "---------" ; sleep 5; done
Command to see PHP processes continuously
# for i in {1..10} ; do ps aux | grep php | grep olandowe; echo "---------" ; sleep 5; done
Command to view the number of queries for a database and username
# mysqladmin pr | gawk -F '|' '{print $5 $3}' | sort | uniq -c | sort -n
Exim command to delete mails in queue to a specific email account, with from as < >
# exim -bpu | grep -B 1 mail@todelete.com | grep -v mail@todelete.com | awk '{print $3}' | xargs exim -Mrm
Commands to calculate the sum
# awk '{s+=$1} END {print s}' mydatafile
# paste -sd+ mydatafile | bc
# sum=0; while read num ; do sum=$(($sum + $num)); done < numbers.txt ; echo $sum
# perl -lne '$x += $_; END { print $x; }' < infile.txt
Why Apache is not starting
# strace -Ff -o output.txt -e open /etc/init.d/httpd start
Multiple Skype
Press Alt + F2 then add the command skype --secondary
If this does not work, try the following:
# cp -r ~/.Skype ~/.Skype.first
# cp -r ~/.Skype ~/.Skype.second
# sudo apt-get install --no-install-recommends gnome-panel
# mkdir myapps
# gnome-desktop-item-edit ~/myapps/ --create-new
Now type the following command in the command field:
skype --dbpath=~/.Skype.first
# gnome-desktop-item-edit ~/myapps/ --create-new
skype --dbpath=~/.Skype.second