Hi All, I have four VPS with ISPConfig3 with nginx installed on each of them. Since 2-3 days I have been noticing more than 30 connections in SYN_RECV state. As a security measure I also have fail2ban and CSF installed on the server. From what I have read on the internet, this seems to be a SYN-FLOOD attack but I am not sure about it. On one VPS I made relevant changes in CSF and sysctl.conf to mitigate the SYN_FLOOD attack but to no avail. and I still keep receving these connections. Also, when I ping the DNS 4.2.2.2 or any other IP or domain the reply is also very slow on all the VPS, around 13067 ms. But when I ping the VPS from outside the network the ICMP reply is around 330 ms. Not sure what is going on. Can someone please help ? VPS running latest patches and Debian Wheezy. Regards, Vikram
