syn-flood attack on port 80

hello,

i am having a syn-flood attack on port 80, lots of spoof'd unique ip's sending only one request at a time. 2500+- request at a time. bandwidth is almost to the limit of 100Mbps.

what can be done by "me" to stop the attack or at least ease the traffic?

my server provider simply null-routed my ip for 6 hours, hope it will go away. unfortunately, it doesn't.

i've tried apf-antidos, tuning sysctl.conf. none helped.

Thank you.

 

 

 

 

Top