GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  DOSDETECTOR (1)

NAME

dosdetector - detect IP’s which generates unwanted data in network

CONTENTS

SYNTAX

dosdetector [options]

DESCRIPTION

Dosdetector detect suspicious IP in network data by scoring IP by packets which matches scoring rule.

OPTIONS

-i <interface>
  Use specified <interface>.
-f <bpf tcpdump filter>
  Capture data which only match bpf filter.
-s <file>
  Use scoring rules loaded from <file>.
-l <file>
  Make output to <file>.
-a Addative logile.
-r <time>
  Report refresh <time> in seconds. Default 1s.
-w <points>
  Score limit which cause ddos warning. Default 100pts.
-c <points>
  Score limit which cause ddos critical. Default 300pts.
-t Add timestamps to outputs.
-P <stop after receiving X packets>
-T <stop after X time>
-C <net/mask>
  Counts points only for hosts from network.
-p Counts points only for hosts from private network classes.
-q Quiet mode. Print only critical IP without score.
-R <rhost:rport>
  Redirector address, rhost stands for ip and rport for port number.
-R <format>
  Redirector output format. Possible choices are : ipnat.
-d Run as daemon.
-h Display help.
-v Display version.
 

RULES

<rule type> proto <protocol> from <ip> port <port> to <ip> port <port> flags <flag> score <pts>
<rule type> proto <protocol> from <ip> port <port> to <ip> port <port> score <pts>
<rule type> proto <protocol> from <ip> to <ip> score <pts>
rule type - quick | normal
proto - tcp | udp | icmp
ip - IP address in format xxx.xxx.xxx.xxx/xx or any
port - single port or port range xx-xx
flags - FIN | SYN | RST | PUSH | ACK | URG
pts - number of points assigned to rule
 

EXAMPLES

dosdetector

AUTHORS

Krzysztof Pawlowski <msciciel@darkzone.ma.cx>

SEE ALSO

traffic(1)

Search for    or go to Top of page |  Section 1 |  Main Index


Krzysztof Pawlowski DOSDETECTOR (1) 0.1

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.