How to count the number of SYN, ACK, or SYN-ACK in a second?

Question

I want to make a DDoS SYN Flood Detection, so i need to count the number of SYN, ACK, or SYN-ACK packet per second.

score 1 · Answer 1 · answered Jul 19 '16 at 08:47

1

I believe

netstat -s

will be your friend.

If you are looking for a switch level service, you can use sflow/netflow to collect data and send them to the collector.

answered Jul 19 '16 at 08:47

Yarik Dot

score 0 · Answer 2 · answered Jul 19 '16 at 08:51

0

You can use tcpdump or shark for capturing the filtered packets and count them as you want.

answered Jul 19 '16 at 08:51

Sorcha

2 Answers2