Repost: Automatic Backup of Running KVM Virtual Machines
A tutorial for implementing an automatic backup of running KVM virtual machines.
Login to your server as root and fire the following command, using which you can check if your server is under DDOS attack or not:
netstat -anp |grep ‘tcp\|udp’ | awk ‘{print $5}’ | cut -d: -f1 | sort | uniq -c | sort –n
This command will show you the list of IP’s which have logged in is maximum number of connections to your server.
ddos becomes more complex as attackers use fewer connections with more number of attacking IP’s.In such cases, you should get less number of connections even when your server is under ddos.One important thing that you should check is the number of active connections that your server currently has.For that execute the following command:
netstat -n | grep :80 |wc –l
The above command will show the active connections that are open to your server.
You can also fire the following command :
netstat -n | grep :80 | grep SYN |wc –l
Result of active connections from the first command will vary but if it shows connections more than 500, then you will be definitely having problems. If the result after you fire second command is 100 or above then you are having problems with sync attack.
Once you get an idea of the ip attacking your server, you can easily block it.
Fire the following command to block that ip or any other specific ip:
route add ipaddress reject
Once you block a paricular IP on the server, you can even crosscheck if the IP is blocked or not
by using the following command:
route -n |grep IPaddress
You can also block a IP with iptables on the server by using the following command.
iptables -A INPUT 1 -s IPADRESS -j DROP/REJECT
service iptables restart
service iptables save
After firing the above command, KILL all httpd connection and than restart httpd service by
using following command:
killall -KILL httpd
service httpd startssl
As a system administrator acquires more and more systems to manage, automation of mundane tasks gets quite important. Many administrators adopted the way of writing custom scripts, that are simulating complex orchestration software. Unfortunately, scripts get obsolete, people who developed them leave, and without an enormous level of maintenance, after some time these scripts will end up unusable. It is certainly more desirable to share a system that everyone can use, and invest in tools that can be used regardless of one’s employer. For that we have several systems available, and in this howto you will learn how to use one of them – Puppet.
Puppet is an automation software for IT system administrators and consultants. It allows you to automate repetitive tasks such as the installation of applications and services, patch management, and deployments. Configuration for all resources are stored in so called “manifests”, that can be applied to multiple machines or just a single server. If you would like to know more information, The Puppet Labs site has a more complete description of what Puppet is and how it works.
Recent Comments