By advaya
My Droplet became hostile client for SYN Flood. An foreign process is sending SYN packets to an remote server i.e my droplet is compromised and used by hacker to perform DDOS attack by sending SYS packets from my droplet. Network for my droplet is disabled by DO. How to stop that process sending SYS flood ? OS - Ubuntu 14.04 64-bit Thanks in advance, Advaya
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
If your droplet was launching a SYN Flood it has most likely already been compromised. Cleaning up an already compromised server can be quite an undertaking. The quickest way to resolve this type of issue is often to start over with a clean droplet, transfer over your files and take steps to secure.
On the new droplet you will want to set up a secure configuration. These tutorials will help you get started with this:
Initial Server Setup with Ubuntu 14.04
Additional Recommended Steps for new Ubuntu 14.04 Servers
If you would prefer to attempt to clean your droplet and resolve the issue I would recommend starting with the steps outlined here:
My Droplet has been Compromised and is Sending an Outgoing Flood or DDoS, What do I do.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.