Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight

Perl and netstat

by shotgunefx (Parson)
on Jul 24, 2002 at 07:27 UTC ( #184721=perlquestion: print w/replies, xml ) Need Help??

shotgunefx has asked for the wisdom of the Perl Monks concerning the following question:

Recently I had a problem with some naughty folk trying to DoS me. My first thought was to make a monitor for connections using netstat. I of course reached for CPAN and to my suprise, there was no equivilant. I thought for sure someone would make a wrapper. I decided to roll my own and posted the snippets I used.

My question is... is this something worth making into a coherent structure and posting it to CPAN? Is there an equivilant that I missed?



"To be civilized is to deny one's nature."

Replies are listed 'Best First'.
Re: Perl and netstat
by panix (Monk) on Jul 24, 2002 at 09:35 UTC
    I'm not aware of any - but you might find Net::Pcap (and NetPacket::*) more useful for analyzing traffic - it'll give you access to every packet coming in over a given interface.

    For your netstat wrapper - presumably for tracking a dos you're going to want the results continuously? I'd consider parsing /proc/net/tcp,/proc/net/udp,etc instead of constant netstat execs.

      Actually, what I was trying to detect was a bunch of SYN_REC's coming from one location. I check every five minutes and alarm if it happens. I'm going to modify it to automatically add them to ipchains to filter them out.


      "To be civilized is to deny one's nature."

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://184721]
Approved by virtualsue
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (5)
As of 2020-10-19 22:14 GMT
Find Nodes?
    Voting Booth?
    My favourite web site is:

    Results (207 votes). Check out past polls.