Linux – Blocking bad IPs

This is more an informational post for myself, but here’s some nifty commands that help debug what’s going wrong on a server when things aren’t going right.

netstat -t
netstat -tn

These are good for watching WHO is hitting your server and what their IP is. netstat -tn shows the unresolved address, so you should get the IP’s of possible spammers

Once you’ve got the IP(s) you can block them with iptables like so:

iptables -I INPUT -s <IP ADDRESS> -j DROP

Another good tool for watching network traffic is iftop. You’ll need to install this one via Yum or Apt though:

Β iftop -N -i eth0

1__ssh

And for overall machine health, nothing beats good old htop! Ahh, CPU usage back to normal.

1__ssh

0 comments