Skip to main content

Posts

Showing posts from February, 2012

How to Login as Root in Ubuntu

To get started,  press Ctrl – Alt – T on your keyboard to open Terminal. Next, type the command below to create a new password for the root user.

# sudo passwd root


To test just log out from your user and login to root user with the new password you have just set.

How to Detect and Stop DDos/syn Attack in Linux

The below command will show the number of active connections open in your server. Many of the attacks typically work by starting a connection to the server and then not sending any reply making the server wait for it to time out. The number of active connections from the first command is going to vary widely but if you are much above 500 you are probably having problems. If the second command is over 100 you are having trouble with a syn attack.

# netstat -n | grep :80 |wc -l

# netstat -n | grep :80 | grep SYN |wc -l

Then  check your log for the ip address with maximum connections. The below command will show the list of hits in your access log…

# cd /var/log/httpd


# tail -n 10000 access_log|cut -f 1 -d ' '|sort|uniq -c|sort -nr|more

This will look at the currently active connections to see if there are any IPs connecting to port 80. You might need to alter the cut -c 45- as the IP address may not start at column 45. If someone was doing a UDP flood to your webserver, this would …