ork before a stream of information reaches a site's Web servers. The filter can look for attacks by noticing patterns or identifiers contained in the information. If a pattern comes in frequently, the filter can be instructed to block messages containing that pattern, protecting the Web servers from having their lines tied up. Today most firewalls whether they are software or dedicated hardware firewalls contain measures to prevent DOS attacks. The way the prevention works is that the firewall will receive the SYN packet and immediately look to see if it is coming from a legitimate IP address. If the source of the SYN packet is legitimate, the firewall then forwards the request on to the server for normal processing. If the SYN packet is from a bogus IP address or if the requests fit a certain kind of pattern, the firewall will reject the request and the server never even see the request or get a chance to respond to it.For each new fix against DOS attacks, crackers will find new ways to get around them. But the good news is that there used to be dozens of DOS attacks out in the wild, and now very few of them work any more. Keep your OSs patched and your firewalls up to date and hope for the best....
