Last two days one of my server want going down and up at times. Since the server only host few of my own sites, it won’t be a big problem. Some times i noticed the site went down and come back online after some time, when i login to SSH, i found loads are normal and uptime too, there is no reboot or server crash.
Yesterday, it went down, so i submitted a support ticket. DC told they rebooted, update them if server won’t come online after 5 to 10 minutes. Server is at data center that provide unmetered traffic, so you can’t expect much better support.
It won’t come online after 10 minutes, so contacted them again. They told server is under syn flood. I have faced many DDoS before, almost 99% of the time, i was able to login to server are block the IP’s with firewall.
But now, i can’t login or even ping or traceroute. After many support tickets and 3 hours of down time, support told server is online now and they replaced NIC (Lan Card).
It seems DC support techs always use “syn flood” to explain why a server down with out proper checking. Just assume your server is under DDoS attack when it is not accessible.