Hi gurus, We have 2 servers. Server1 has a apache. Server2 has a tomcat.
Now we see there are many syn recv connection via "netstat -ant". These kinds of connection are running out the CPU. We googled it and found it looks like of syn recv attack. So I just want to know: 1. How to verify it DOES is a syn recv attack? 2. Is there any way to fight against these kind of connections? Can I do some configuration at Apache? 3. Because our server1 is deployed at a cloud center. I guess these cloud center should also be attack? Appreciate for your quickly help! Thanks, LS
