Did you check your logs for specific ip addresses and/or named service logs?
You can configure an ipchain to limit incoming connections to port 80 for example, once the limit it hit (it will drop them).
You can turn on query_logging in named to view the active queries you do not want to leave this on.
You can also crank up error logging in apache to (debug) level.
Also, using this command in netfitler from the command-line: (location depending on your Linux distro...)
sudo /usr/sbin/iptstate
it will display all connections (like 'top' will be active connections)
Is this a lamp server?
If it is connection to a backend database you may need to enable caching in mysql, I had to configure several 'performance' related changes for Drupal to handle a heavy traffic usage.
Diagnosing performance related issues can be challenging, since this covers many different aspects you may need another thread on a service enhancement/modification related help.