Ddos on dns
Posted: Wed Sep 25, 2013 9:02 am
Shows the number of denied dns queries to the server from the specific external Ip address
Top denied queries sorted by domains:grep -i named /var/log/messages | grep -i Sep\ 23| grep denied | awk '{ print $7 }'| cut -d \# -f 1 | sort | uniq -c | sort -n -r | head -n 5
grep named /var/log/messages | grep denied | awk '{print $12}' | sort | uniq -c | sort -n -r | head