I got an SYN flood attack log in CSA MC
CSA log: TESTMODE: A potential SYN Flood attack has been detected. This may also indicate a possible routing problem. Reason: The TCP Listen Queue is full using interface Wired\HP NC7781 Gigabit Server Adapter #2. TCP: CSA MC IP/5401->local Instance IP/4418, flags 0x12. The operation would have been denied.
(Note: In log I have specified CSA MC IP and local Instance IP instead of its IP address)
I understood that SYN flooding is a type of denial of service attack and this alert has occured when a TCP/IP connection was requested by MC to the Instance. It has resulted in a half open connection, as the return address that is not in use. MC has detected it and it got denied.
Please let me know what action I have to take at tins point?