While many people use the grep command through a pipe (|), there are more efficient ways of using it. I have nearly killed a server on many occasions by running cat filename | grep some-term while the command tries to list a huge file. Instead, simply use egrep, which is more efficient in terms of speed and system resources.
Helpful command reference
Rsync
Rsync is another very powerful command. It is used to sync two directories between servers and only transfers the new files to the server. This makes it a great method for backups, as it is low on bandwidth, and it is also commonly used to keep clustered servers working together. The ending slashes are very important when using rsync. If you are not familiar with how it works, simply make sure to always have an ending slash on both the source and the destination and it should be fine.
Replace
The replace command is a very simple but VERY powerful command that comes as part of MySQL. It can be used to quickly replace entries within a group of files. Generally I find it useful for mass-modification of an IP or a TTL in DNS files.
Quick check for a DDoS via number of connections
A quick and useful command for checking if a server is under DDoS is:
netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
That will list the IPs holding the most connections to a server, sorted so the busiest appear last. It is important to remember that DDoS attacks are becoming more sophisticated and are using fewer connections with more attacking IPs. If this is the case, you will still see a low number of connections per IP even while you are under a DDoS.
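The following is an added example, not part of the original page, that extends the one-liner for the low-connections-per-IP case described above: it also counts distinct sources, groups them by /24, and counts connections in a given TCP state. The function names and the sample rows (documentation address ranges) are constructed for illustration, and only IPv4 tcp/udp rows are handled.

```shell
#!/bin/sh
# Constructed sample in `netstat -an` layout (documentation addresses, not real data).
sample_netstat() {
cat <<'EOF'
tcp        0      0 192.0.2.10:80      198.51.100.7:51514   ESTABLISHED
tcp        0      0 192.0.2.10:80      198.51.100.7:51515   ESTABLISHED
tcp        0      0 192.0.2.10:80      198.51.100.7:51516   ESTABLISHED
tcp        0      0 192.0.2.10:80      203.0.113.11:40001   SYN_RECV
tcp        0      0 192.0.2.10:80      203.0.113.12:40002   SYN_RECV
tcp        0      0 192.0.2.10:80      203.0.113.13:40003   SYN_RECV
tcp        0      0 192.0.2.10:80      203.0.113.14:40004   SYN_RECV
tcp        0      0 0.0.0.0:22         0.0.0.0:*            LISTEN
udp        0      0 0.0.0.0:68         0.0.0.0:*
EOF
}

# Remote IPv4 address of every tcp/udp row, skipping listeners (0.0.0.0:*).
remote_ips() {
    awk '$1 ~ /^(tcp|udp)$/ { split($5, a, ":"); if (a[1] != "0.0.0.0") print a[1] }'
}

# Connections per source IP: the same view as the one-liner above.
per_ip() { remote_ips | sort | uniq -c | sort -n; }

# Connections per /24: many low-count sources in one range add up here.
per_net24() { remote_ips | cut -d. -f1-3 | sort | uniq -c | sort -n; }

# Number of distinct source addresses currently connected.
distinct_sources() { remote_ips | sort -u | wc -l | tr -d ' '; }

# Number of TCP connections in the given state, e.g. SYN_RECV.
state_count() { awk -v s="$1" '$1 == "tcp" && $6 == s' | wc -l | tr -d ' '; }

# Demo on the constructed sample: the busiest single IP holds 3 connections,
# but the /24 view shows 4 connections spread over 4 addresses in one range.
sample_netstat | per_ip
sample_netstat | per_net24
```

On a live server, feed the functions real data instead of the sample, for example netstat -an | per_net24 or netstat -an | state_count SYN_RECV.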