Question

How to stop my droplet sending SYN Flood

  • Posted December 11, 2014

My Droplet became hostile client for SYN Flood. An foreign process is sending SYN packets to an remote server i.e my droplet is compromised and used by hacker to perform DDOS attack by sending SYS packets from my droplet. Network for my droplet is disabled by DO. How to stop that process sending SYS flood ? OS - Ubuntu 14.04 64-bit Thanks in advance, Advaya

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

If your droplet was launching a SYN Flood it has most likely already been compromised. Cleaning up an already compromised server can be quite an undertaking. The quickest way to resolve this type of issue is often to start over with a clean droplet, transfer over your files and take steps to secure.

On the new droplet you will want to set up a secure configuration. These tutorials will help you get started with this:

Initial Server Setup with Ubuntu 14.04

Additional Recommended Steps for new Ubuntu 14.04 Servers

If you would prefer to attempt to clean your droplet and resolve the issue I would recommend starting with the steps outlined here:

My Droplet has been Compromised and is Sending an Outgoing Flood or DDoS, What do I do.