well, dos\ddos protection means you need a way to mitigate the issue, not only at host level but at network level too. thus many people are turning to services like Arbor and DOSarrest. however, if its a host on a network you dont control then the mitigation tactic at host level might save host from port exhaustion (or other issues like too many sockets in time_wait state), but this is not true dos\ddos protection.
and yes, what you posted is basic form of protecting the service port from sequential fast connections. not sure if its src IP based or not..... and depending on the thresholds you could inadvertently deny legit connections, etc.
|