netstat -an grep -i “伺服器ip地址:80″ awk ‘’{print }'’ sort uniq -c sort -n
netstat -an grep "SYN" wc -l
這個命令會自動統計Tcp串連各個狀態的數量,如果SYN_RECV很高的話,就不能排除有基於tcp協議的ddos攻擊的可能,這個時候可以開啟tcp_syncookies,輸入如下命令
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
如果沒有 /proc/sys/net/ipv4/tcp_syncookies說明你的核心不支援,需要重新編譯核心
同時 降低syn重試次數
echo 1 > /proc/sys/net/ipv4/tcp_syn_retries
echo 1 > /proc/sys/net/ipv4/tcp_synack_retries
加大syn_backlog,以保證使用者的訪問(消耗記憶體為代價,設的太高。。)
echo “2048″ > /proc/sys/net/ipv4/tcp_max_syn_backlog
如果還是不行,那麼只能交給相應的硬體防火牆了。
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
