Well ,
we have been attacked too , Sunday , and Monday .
If you are managing a server Apache 2 or similar do like this :

root@mir23:~# netstat |grep SYN_RECV

marway.org:www x.x.x.x:56995 SYN_RECV
marway.org:www x.x.x.x:4756 SYN_RECV
marway.org:www x.x.x.x:8921 SYN_RECV


then assuming you have iptables installed beat down the following syntax :

root@mir23:~# /sbin/iptables -A INPUT -s “x.x.x.x” -j DROP


root@mir23:~# iptables -A INPUT -s “x.x.x.x” -j DROP

Where obviously x.x.x.x are or is the IP of the syn flooder .

In some hour we shall post others optimized settings
helpful to mitigate the flood .

Good luck .