It depends on how the DDoS is happening, IMO.
The netstat command should help in diagnosing such issues, along with 'ps' or top (for checking system resource utilization [cpu/mem] and the amount of resources a process or processes may be utilizing). Service logs may also help some.
Note that there is no "magic sauce" for remediating DDoS (ie, there's no solution unless you work at a very large company that has its own backbone).
Last edited by unixfool; 01-25-2011 at 08:58 AM.
|