I recently suffered a UDP flood attack on my little virtual private server (VPS) and thought I'd describe the steps I went through to discover and fix the problem.
Periodically, my server would stall and become unresponsive. It was effectively dead, although not down. These 'stalling' events would last from 5-20 minutes, and then the server would come back up. Looking at my Munin charts told me that my public ethernet interface (eth0) was being flooded. Here's a particularly bad day: