May 102014

Your server appearing pretty slow could be many things from wrong configs, scripts and dodgy hardware – but sometimes it could be because someone is flooding your server with traffic known as DoS ( Denial of Service ) or DDoS ( Distributed Denial of Service ).

Denial-of-service attack (DoS attack) or Distributed Denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. This attack generally target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. DoS attacks are implemented by either forcing the targeted computer to reset, or consuming its resources so that it can no longer provide its services or obstructs the communication media between the users and the victim so that they can no longer communicate adequately.

In this small article you’ll see how to check if your server is under attack from the Linux Terminal with the netstat command

Continue reading »

flattr this!

Feb 152013

As I wrote more than 2 years ago, the network tools (often referred as net-tools) ifconfig, netstat and route that should be familiar to anyone that has worked with a terminal, have been deprecated in favour of the iproute2 suite from some years.

iproute2 is intended to replace this entire suite of legacy Unix networking tools that were previously used for the tasks of configuring network interfaces, routing tables, and managing the ARP table, but which have not been developed since 2001.

You can find some examples of the usage of the iproute commands on my articles about:

- Policy routing
- Socket Statistics on Linux
- MAC Address Managment on Linux

And today I want to share with you some of the most useful commands that you can use with this “new” suite of commands and the translation of some old commands that we were all used to use on the terminal.
Continue reading »

flattr this!

Sep 072011

Article by Dominique Cimafranca first published on his blog regarding Ubuntu, and Linux in general.

A simple but effective procedure for evaluating security on your computer is to check what sites it’s connecting to, or what sites are connecting to it. Most critical malware nowadays turn computers into zombies for botnets — typically zombified hosts will connect to a central server using IRC. Or it could be that you’re inadvertently running a program that’s listening for Internet requests. In any case, it’s good to check these connections.
Continue reading »

flattr this!

CLI tools for Network analysis 2

After ping, telnet and dig we continue to see other useful tools for network analysis done by the command line. Traceroute traceroute is a computer network tool used to show the route taken by packets across an Internet Protocol (IP) network. An IPv6 variant, traceroute6, is also widely available. The traceroute tool is available on [...]