A, killall -0 and kill -0
#yum install -y psmisc(安装killall) # killall -0 httpd (进程不存在就找不到) httpd: no process found # systemctl restart httpd # killall -0 httpd # kill -0 2539 # systemctl stop httpd # kill -0 2539 -bash: kill: (2539) - No such process
Two, SSH port forwarding to realize
The access port 9200 sent to the machine (192.168.1.15) is forwarded to the port 9200 of 192.168.1.19
#ssh -p 22 -C -f -N -g -L 9200:192.168.1.19:9200 ihavecar@192.168.1.19
Remember: the premise is to conduct secret key transmission.
After command execution, access 192.168.1.15:9200 port access is the real 192.168.1.19:9200 port.
Third, look for the highest number of 80 requests before 20 IP ports
Sometimes the service request volume suddenly go up, so this time we can see the request source IP case, if it is concentrated in a few IP, then probably there is aggression, we use a firewall can be banned. Command is as follows:
# Netstat -anlp | grep 80 | grep tcp | awk ' {print $ 5} ' | awk -F: ' {print $ 1} ' | black | uniq -c | black NR | head -n20
Four , see tcp connection status
View 80 designated port tcp connection status, help analyze the connection is released, or the state analysis attacks.
# netstat -ant | awk '{print $6}'|sort | uniq -c|sort -rn
Fifth, find out the current system of higher CPU usage of the process
Operation and maintenance in many cases, we find that CPU consumes more serious, so how can you find out the CPU consumption of the process to sort it?
# PS -aux | the Sort -rnk 3 | head - 20 ( 3 transducer 4 for memory)