View the number of connections for all 80 ports
Copy Code code as follows:
Netstat-nat|grep-i "80″|wc-l
to sort the connected IP by number of connections
Copy Code code as follows:
Netstat-ntu | awk ' {print $} ' | Cut-d:-f1 | Sort | uniq-c | Sort-n
View TCP connection Status
Copy Code code as follows:
Netstat-nat |awk ' {print $} ' |sort|uniq-c|sort-rn
Netstat-n | awk '/^tcp/{++s[$NF]}; End {for (a in S) print A, s[a]} '
Netstat-n | awk '/^tcp/{++state[$NF]}; End {for (key) print key, "\ T", State[key]} '
Netstat-n | awk '/^tcp/{++arr[$NF]}; End {to (k in arr) print K, "\ T", arr[k]} '
Netstat-n |awk '/^tcp/{print $NF} ' |sort|uniq-c|sort-rn
Netstat-ant | awk ' {print $NF} ' | Grep-v ' [A-z] ' | Sort | Uniq-c
View the 20 IP with the highest number of 80 port connections
Copy Code code as follows:
Netstat-anlp|grep 80|grep Tcp|awk ' {print $} ' |awk-f: ' {print $} ' |sort|uniq-c|sort-nr|head-n20
Netstat-ant |awk '/:80/{split ($5,ip, ":"); ++a[ip[1]]}end{for (i in A) print A,i} ' |sort-rn|head-n20
Use tcpdump to sniff 80-port access to see who is the tallest
Copy Code code as follows:
Tcpdump-i ETH0-TNN DST Port 80-c 1000 | Awk-f "." ' {print $1″. ' $2″. " $3″. " $} ' | Sort | uniq-c | Sort-nr |head-20
Find more time_wait connections
Copy Code code as follows:
Netstat-n|grep Time_wait|awk ' {print $} ' |sort|uniq-c|sort-rn|head-n20
Find more SYN connections
Copy Code code as follows:
Netstat-an | grep SYN | awk ' {print $} ' | Awk-f: ' {print $} ' | Sort | uniq-c | Sort-nr | More
