Analyzing the attack
If your server is currently under a DDoS attack, please take a packet capture by following this tutorial and send it to us:
On Linux:
- Install tcpdump with yum or apt, for example:
yum install tcpdump
or
apt install tcpdump
- Run the capture:
tcpdump -nn -vvv -c 10000 -w ddos-`date +%F_%T`.pcap
On Windows:
- Enter the following command.
netsh trace start capture=yes
- When completed, run the following command.
netsh trace stop
- Then download etl2pcapng.
- Convert the generated .etl file to pcapng:
etl2pcapng.exe in.etl out.pcapng
This way it will be faster for us to analyze the attack and block it.
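
A quick local check of the Linux capture before sending it, as an added example that is not part of the original tutorial: it parses the classic .pcap file that `tcpdump -w` writes and counts packets, IPv4 source addresses and protocols. It assumes an Ethernet capture; the function names and the sample packets are constructed for illustration, and the Windows .pcapng output is not handled.

```python
import struct
import sys
from collections import Counter

# Classic pcap magic bytes (usec and nsec variants) -> struct byte order
ENDIAN = {b"\xd4\xc3\xb2\xa1": "<", b"\x4d\x3c\xb2\xa1": "<",
          b"\xa1\xb2\xc3\xd4": ">", b"\xa1\xb2\x3c\x4d": ">"}
PROTO = {1: "icmp", 6: "tcp", 17: "udp"}

def summarize_pcap(data):
    """Count packets, IPv4 source addresses and IP protocols in a classic pcap."""
    endian = ENDIAN.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    sources, protos, total, off = Counter(), Counter(), 0, 24
    while off + 16 <= len(data):
        caplen = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + caplen]
        if len(frame) < caplen:
            break  # last record cut short, e.g. the capture was interrupted
        off += 16 + caplen
        total += 1
        # 14-byte Ethernet header, EtherType 0x0800 = IPv4, then the IP header
        if len(frame) >= 34 and frame[12:14] == b"\x08\x00":
            ip = frame[14:]
            sources[".".join(map(str, ip[12:16]))] += 1
            protos[PROTO.get(ip[9], str(ip[9]))] += 1
    return {"packets": total, "sources": sources, "protocols": protos}

def _frame(src, proto):
    """Constructed sample frame: Ethernet + IPv4 header, no payload."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes([192, 0, 2, 10]))
    return b"\x00" * 12 + b"\x08\x00" + ip

def sample_pcap():
    """Constructed capture; all addresses are from documentation ranges."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, proto in [("198.51.100.7", 17)] * 3 + [("203.0.113.9", 6)]:
        f = _frame(src, proto)
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_pcap()
    s = summarize_pcap(data)
    print(s["packets"], s["sources"].most_common(5), dict(s["protocols"]))
```

Run it with the capture file name as the only argument; with no argument it summarizes the constructed sample.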