(04-14-2012, 05:48 AM)crazy4cs Wrote: RAW logs is pretty time consuming. It has a lot of not needed information listed as well along with IPs such as useragents,etc. When you're having DDOS, watching logs is kind of old man type thing.
If you've SSH access, you can find troubling IPs and bust them.
At least you can find the attacking Ips even if it's time consuming or if it's kind of old.
And watching the RAW log is the almost the only alternative if you are on a shared hosting and you are being DDoSed, If you don't have SSH access or root access, which you don't have in shared hosting.