Actually there are a couple of things you can do like limiting oversized icmp packets or limiting the number of icmp packets/second you would accept and turn on syn_cookies on your box. But you can't really protect from a strong Distributed Denial of Service Attack, but their targets are usually important servers owned by major companies.
|