My Server Is Under DDoS Attacks Windows/Linux
Analyzing the attack
If your server is currently under a DDoS attack, please take a packet capture by following this tutorial and send it to us:
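Linux:
- Install tcpdump with yum or apt, for example:
yum install tcpdump
or
apt install tcpdump

- Then run the following command as root. It stops on its own after 10000 packets and writes them to a file named ddos-<date>_<time>.pcap.
tcpdump -nn -vvv -c 10000 -w ddos-`date +%F_%T`.pcap
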
Windows:
- Enter the following command to start the capture.
netsh trace start capture=yes

- When the capture is complete, run the following command to stop it.
netsh trace stop

- Then download etl2pcapng.
- Convert the generated .etl file to pcapng:
etl2pcapng.exe in.etl out.pcapng

This way, we can analyze the attack and block it faster.
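
To get a first look at the Linux capture before sending it, the following added example (not part of the original tutorial) reads the classic pcap file that tcpdump -w writes and counts the top source addresses and destination ports. The names summarize_pcap and sample_capture are hypothetical, the sample packets are constructed from documentation address ranges, and it assumes an Ethernet capture; the pcapng file from the Windows steps is not handled.

```python
import collections
import io
import socket
import struct

NAMES = {1: "icmp", 6: "tcp", 17: "udp"}

def summarize_pcap(stream, top=5):
    """Top source IPs and (protocol, dst port) pairs in a classic pcap stream."""
    header = stream.read(24)
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(header[:4])
    if endian is None:
        raise ValueError("not a microsecond pcap file (pcapng is not handled)")
    if struct.unpack(endian + "I", header[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    sources, targets = collections.Counter(), collections.Counter()
    while len(rec := stream.read(16)) == 16:
        incl_len = struct.unpack(endian + "IIII", rec)[2]
        frame = stream.read(incl_len)
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4 (VLAN tags, IPv6 are skipped)
        proto, l4 = frame[23], 14 + (frame[14] & 0x0F) * 4
        sources[socket.inet_ntoa(frame[26:30])] += 1
        frag_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        name = NAMES.get(proto, str(proto))
        if proto in (6, 17) and frag_offset == 0 and len(frame) >= l4 + 4:
            targets[(name, struct.unpack("!H", frame[l4 + 2:l4 + 4])[0])] += 1
        else:
            targets[(name, None)] += 1  # no port: ICMP, other, or later fragment
    return sources.most_common(top), targets.most_common(top)

def _frame(src, proto, dport):
    """Constructed Ethernet/IPv4 frame carrying only 8 bytes of L4 header."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton("198.51.100.10"))
    return b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HHHH", 40000, dport, 8, 0)

def sample_capture():
    """Constructed capture: three UDP/53 packets from one host, one TCP/80 from another."""
    frames = [_frame("203.0.113.5", 17, 53)] * 3 + [_frame("192.0.2.7", 6, 80)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return io.BytesIO(out)

if __name__ == "__main__":
    top_sources, top_targets = summarize_pcap(sample_capture())
    print(top_sources, top_targets)
```

To run it on a real capture, pass the file opened in binary mode, for example summarize_pcap(open(path, "rb")) with path set to the ddos-....pcap file created above.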