Originally Posted by ServerManagement
Try checking the bandwidth graphs to see if there is any abnormal spike in traffic, that is a quick way to determine the trend.
Also, try the following specific commands to check the http traffic
netstat -n | grep :80 | grep SYN | wc -l
netstat -n | grep :80 | wc -l
That counts the connections to give you an idea of what is going on
Good info there, and i may add there are some "watcher" scripts you can find that will watch for and block, permanent or temporarily, the offending traffic.
In apache itself, you can also limit the connections...usually if a DDOS attack isn't getting good response, they will go elsewhere...doesn't make sense to attack or us a bounce site that doesn't reply.