You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
How I'm currently reading the code, and I found the commenting and some code lines odd, could you maybe explain?
Line 30: if [ $pps -gt 10000 ]; then ## Attack alert will display after incoming traffic reach 30000 PPS
How will it detect 30.000 pps? All I see is a statement to check if packets per second is greater than 10.000 .
Line 67: sleep 120 && pkill -HUP -f /usr/sbin/tcpdump ## The "Attack no longer detected" alert will display in 220 seconds
How do you know an attack automatically stops after 120 seconds? And why does the comment say 220 seconds?
It seems to me it could potentially just send 2 webhooks every 120 seconds, if the ddoser would commence an attack longer than that.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
How I'm currently reading the code, and I found the commenting and some code lines odd, could you maybe explain?
Line 30:
if [ $pps -gt 10000 ]; then ## Attack alert will display after incoming traffic reach 30000 PPS
How will it detect 30.000 pps? All I see is a statement to check if packets per second is greater than 10.000 .
Line 67:
sleep 120 && pkill -HUP -f /usr/sbin/tcpdump ## The "Attack no longer detected" alert will display in 220 seconds
How do you know an attack automatically stops after 120 seconds? And why does the comment say 220 seconds?
It seems to me it could potentially just send 2 webhooks every 120 seconds, if the ddoser would commence an attack longer than that.
Thanks in advance.
Sincerely,
IM
Beta Was this translation helpful? Give feedback.
All reactions