Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Hello SuicideLinux

As Graham pointed out this is a DDoS Attack that can be mitigated by your provider. The target IP address of the attack shown in your trace file puts you into group of OVH customers.

I am pretty sure that they have some type of device to block this attack. A method would be a device called "Peakflow", made by Arbor Networks, now Netscout. One method to deflect this type of attack with the Peakflow is the SYN-Cookie feature. Once activated the Peakflow would filter incoming traffic to your host and make sure that only those SYNs are forwarded that are answered by an ACK.

Please note that a DDoS protection service like this is usually subject to an additional charge.

Good Luck! Eddi