We have 2 servers.
Server1 has a apache.
Server2 has a tomcat.
Now we see there are many syn recv connection via "netstat -ant". These kinds of connection are running out the CPU.
We googled it and found it looks like of syn recv attack.
So I just want to know:
1. How to verify it DOES is a syn recv attack?
2. Is there any way to fight against these kind of connections? Can I do some configuration at Apache?
3. Because our server1 is deployed at a cloud center. I guess these cloud center should also be attack?