Followup to Identifying DDOS Attacks on Windows 2008 Servers.
What steps are people taking to prevent DDOS attacks against their Windows 2008 Servers in a hosted environment?
I'm particularly interested in ways that don't involve a separate hardware firewall, but rather things that can be done with software or configuration of the server itself.
MS has an article called How To: Harden the TCP/IP Stack. Does anyone have experience (or thoughts) on the success of those steps?
Best Answer
In practice, at the small scale you simply can't protect against a real DDOS, as even ignoring resource usage issues, it's very easy for even a thousand machines to swamp quite a large connection.
The only real thing to do is standard config and hardening, ensuring only what's needed is running, and that what is needed is configured optimally.
Hopefully your ISP / colo will have some procedures to fix some things at their end if there are any attacks. However, unless you're a gambling, pornography or other (legal) fringe site, such an attack is extremely unlikely.