Ataque DoS, question
In a nut shell, a user , experimenting , started this script:
- Code: Select all
#!/bin/bash
# Ping multiple destinations at once
args=$#
interval=$1
shift;
pktsize=$1
shift;
for (( i=3; i<=$args; i++ )); do
ping -i $interval -s $pktsize $1 > /dev/null &
shift;
done
I do not know enough about bash scripts to even know what it does,
However, DO NOT run it, the problem it has caused is they can not stop
it, even killing the process, apparently, it starts up again even after re-booting
the server,
some additional info:
- Code: Select all
ps -ef | grep pingIP | grep -v 'grep pingIP'
lausan 3317 2649 0 10:23 pts/0 00:00:00 grep --color=auto pingIP
lausan 3318 2649 0 10:23 pts/0 00:00:00 grep --color=auto pingIP
and
- Code: Select all
pkill pingIP
I have told the person to try using
'top' and see what the P id number is, and instead of
"pkill"
- Code: Select all
kill "pid number"
Any way , if anyone has some ideas, any feed back or suggestion is
appreciated, and thanks.
P.S. I am also trying to do some searches, to see what more
I can find,