linux 检测ddos 攻击的命令

# netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -n

 1 123.122.9.23

1 64.233.169.101
1 72.14.204.83
2 72.14.204.17
4 210.192.100.178
6 0.0.0.0

# netstat -ntu | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -nr

5 210.192.100.178

4 72.14.204.17
3 64.233.169.132
2 72.14.204.99
2 64.233.169.118
1 64.233.169.101
1 123.122.9.23

# netstat -ntu | grep -v TIME_WAIT | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort -nr

4 72.14.204.17

3 210.192.100.178
1 64.233.169.101
1 123.122.9.23

# netstat -an | grep :80 | awk ‘{print $5}’ | cut -f1 -d”:” | sort | uniq -c | sort -n

1 64.233.169.118

1 74.125.53.101
2 64.233.169.132
3 72.14.204.99
7 210.192.100.178