I am running a game server that has been getting small scale dos attacks(500-1000 connections from a single host sometimes but rarely multiple hosts. So that being said I get about 1 dos attack every other day. I have been monitoring the connections and blocking them but this is all a manual process and I would like to find a good firewall to help me out.
So if someone could suggest a good firewall to help me out that would be great.
OS: Windows Server 2003
For Windows... Hmm. I believe, the first thing you want to do since its only ONE IP Address currently DoSing you, is to block the IP. Don't just block it by a software firewall but nullroute the IP as well (your datacentre/host should be able to do this). And most definetly, if possible, make use of hardware protection (firewall). Next thing you should do is tighten your TCP settings and ensure you know what type of DoS it is, whether its a SYN attack or perhaps an ICMP attack.
In CMD type: netstat -ano
█ Ian Lai - www.fyianlai.com
█ Web Design & Development
█ System Operator & Administrator