Join Log in
Score:0
Ruubgaming avatar Ubuntu

Connection logs from previous day

cn flag
Ruubgaming

I have a problem. I have a vps running Ubuntu server that got ddossed yesterday and I would like to know what ip address it was coming from. We have an ip that we think might be the ddos, but we don’t know for sure.

23
0 + 0
ip
Artur Meinild avatar
vn flag
Artur Meinild
What about `/var/log/auth.log`?
1
Reply
FedKad avatar
cn flag
FedKad
If you had a firewall like UFW on during that time, you may look at the UFW log entries.
1
Reply
Score:1
avatar Ubuntu
us flag
Paul van Eijden

That really depends on the method of ddoss-ing that was used. You could ping your machine to death or use some DNS exploit, and unless you have some kind of ICMP-logging turned on (not default, not recommended either) it's very hard to find out on the OS level (say, on Ubuntu).

In some countries ddoss-ing is an offence and you could report it to the police also. Don't expect them to find out quickly though, or even pick up the report.

The recommended way of finding out is working together with your hosting provider where you rented the VPS and ask them to check on the router for logs where the ddoss was coming from.

0 + 0
Artur Meinild avatar
vn flag
Artur Meinild
I would also say router or firewall logs is the best bet.
1
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.