How to Check If Your Windows Server Is Under DDOS Attack

March 16, 2017 / How-to Guide
If you have a Windows server and there is a load on the server or the server goes down, your server can be attacked. Below are some common problems encountered when a server is  DDOS attacked.
  • Site keeps loading.
  • SQL connection timeout .
  • Site timeout error.
  • Unable to send or receive emails.
If you are facing such problems or all server resources and ports are inaccessible, then your server may be under a DDOS attack.
 

Steps to Check if the Windows server in under DDoS attack.

NETSTAT is a command line utility. It shows current TCP/IP network connections as well as protocol statistics in a system.

The command “NETSTAT” is used to find the current network connections.
 
  1. Open the Command Prompt
  2. Check how many connections are made on your server by typing command

    netstat –ano

    Now, Here
    a – Shows all connections and listening ports.
    n – Shows port numbers and addresses in numerical value.
    o – this shows the owning process ID associated with every connection.
    The command ” netstat -ano > netstat.txt ”  creates a txt file naming as “netstat.txt”
    This file will lists all the listening ports and their corresponding IP connections.

  3. By using the below command,  check the total number of connections at port 80
    netstat -ano | find /i /c “:80”
    netstat -ano | find /i “80”

  4. Now check the IP address that has maximum connections at port “80” and output the result to another file.

  5. Check the IP with maximum connections and block its access using IP security policy.

  6. Now, how do you check the number of connections made from a specific IP? To check the number of connections made from a specific IP, you can run the following command.
    netstat -ano | find /i /c “IP Address”

Using the above commands you can easily find out if your Windows server is under attack or not.

If you suspect your server is being attacked, block traffic from the attacking IP addresses or contact your hosting provider.

Spread the love
Dominos Search