How to secure CoreOS on DO?

I've receive the following message:

We've detected an outgoing Denial of Service attack (http://do.co/21Y1Gc1) originating from your Droplet. Due to the traffic’s harmful nature, your Droplet was taken offline; this means it is not connected to the inteet and all hosted sites and services are unreachable. We know that this action is disruptive, but it’s necessary to protect you, our network, and the target of your Droplet’s attack.

Here is why we locked your droplet:

2016-05-24 11:30:02 EST - [ NETWORK ALERT ] [ Droplet 13226343 - FLOODING ][ Bw 93.03 mb OUT | 0.00 mb IN ] [ pps 868.2k OUT | 86 IN ]

18              7.016994        82.196.7.x    59.56.110.134   TCP     899     33447 → http [SYN] Seq=0 Win=63310 Len=845
19              7.017057        82.196.7.x    59.56.110.134   TCP     899     728 → http [SYN] Seq=0 Win=60547 Len=845
20              7.017123        82.196.7.x    59.56.110.134   TCP     899     34223 → http [SYN] Seq=0 Win=61592 Len=845
21              7.017182        82.196.7.246    59.56.110.134   TCP     899     8885 → http [SYN] Seq=0 Win=61582 Len=845
22              7.017287        82.196.7.x    59.56.110.134   TCP     899     33088 → http [SYN] Seq=0 Win=61469 Len=845
23              7.017371        82.196.7.x    59.56.110.134   TCP     899     39250 → http [SYN] Seq=0 Win=61073 Len=845

The traffic we noticed was a SYN flood (http://en.wikipedia.org/wiki/Syn_flood) that was being launched from your Droplet against a remote server, not any form of legitimate traffic. This could not have been from a remote system, as there was no inbound traffic (from your client) during this incident.

It was CoreOS without any services on DigitalOcean.

How I can hardener the security for a single node setup of CoreOS?

Recent Questions...