I got this problem: whenever I plug a Linux-server into the intranet, the whole network slows down and then die. Every ping/ssh connection between the intranet yields time out.
I unplugged it, then everything came back to normal. Searching around suggested me (note, this is my assumption, I can be wrong) it might be an internal SYN flood attack, somehow a malware got into the culprit machine and did a SYN flood attack to the router.
I can log in to the suspected machine, via direct GUI, which Linux command I should start to inspect.
This question is not yet answered, be the first one who answer using the comment. Later the confirmed answer will be published as the solution.