Harden a Ubuntu server - need a linux expert

Got a server that is running a eth node, problem is that the server got locked because support is claiming that the server had a outgoing flood ! The server is not compromised as only my developer is working on it , and its a clean install. I am guessing the server is getting ICMP Request and it replies, maybe someone is abusing that etc ...not sure as i am not ubuntu person. I need someone to log into the server, harden the server so that i don't get emails like this again: This was the info i got from the provider: Hello, Here the log from our switch, the server has been locked 2018-02-01 at 09:06:56 pm : DDOS from IP [login to view URL] (attack ID 1088965): protocols : tcp, targets: [login to view URL], sports: Dynamic (1024-65535) I have reactivated it in rescue, please take the time to check your log for investigating. If your server is locked again, I will not be able to unlock it for free. *************************************************************** 1: Harden the server, make it secure 2: Make it less susceptible to shit like this I dont want provider to give me another warning about outgoing flood. Provider is [login to view URL] I need this fixed asap