Categories
Backup/Restore
4
CloudLinux (cPanel)
10
cPanel - Control Panel
24
Databases
11
Dedicated Servers
15
DirectAdmin
48
DNS - Nameservers
6
Domain Management
10
Email
17
FTP
9
Installing a Control Panel
6
Mail Filters & SPAM
8
Mobile
11
Others
3
PayPal
7
Plesk
47
Security
10
SiteWorx/InterWorx
58
Softaculous
69
SolusVM 1
18
SolusVM 2
16
SSL
5
Virtualizor
19
WHM
18
WordPress
17
Categories
Tag Cloud
NETSTAT COMMANDS VIA SSH Print
- 0
I use the netstat command in two different ways - "netstat -antpee" - without the quotes of course for micro IP connection reports and - "netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n" - which is for Macro management
netstat -antpee shows individual connections which is great for micro management and also indicates which port they are connected or trying to connect to.
netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n - shows all the connected IP's and the very first number in the line shows how many connections each IP is occupying.
In your example - the last few lines is: 41 108.27.17.30 - which indicates 41 connections from IP 108.27.17.30
Though the IP itself does not indicate malicious activity - one would wonder what the need for 41 connections is about.
Was this answer helpful?
Related Articles
WHAT WE MANAGE AND FIREWALL FALSE POSITIVES
Relevant to dedicated servers and answering an inquiry from a dedicated server client:Certainly...
ADDING MEMCACHED TO CENTOS 6.5+ AND CENTOS 7+
Step 1: SSH into your server and fire this command yum install memcached.x86_64 Step 2: Next...
APACHE NOBODY ATTACK SCRIPT
The Apache Nobody attack script is useful in stopping those that are victims of Apache Nobody...
BOOT PARTITION FILLING UP
The boot partition can fill up with excess kernels causing the system to crash if the boot...
CLOUDFLARE RAILGUN SERVER INSTALLATION
Installing CloudFlares RailgunThe following tutorial considers that one is already a CloudFlare...
