Preventing DoS Attacks

Strategy	distribution
Stop packets from arriving	Ease the load on the service by filtering packets, with some kind of firewall. This assumes that one knows where the packets are coming from and can adjust the filter rules quickly enough. Some intrusion detection systems can detect DOS attacks, unfortunately modern networking and operating systems are not able to respond automatically to such attacks. Methods of computer immunology might one day be used to automate this.
Load spreading redundancy	A service is hard to saturate completely if it has sufficient redundancy. Assure sufficient load balancing and redundancy. You can use a randomization strategy ("rotate shields") to present a moving target to attackers
Preventing complicity	SuspiciousNames = ( .. ) or unwanted processes. Be aware that attackers usually try to hide their tracks by using unusual names for well-known programs. On the other hand, many script-kiddies simply download and run programs unaltered.
Garbage collection	One of the reasons why DOS attacks are successful is that resource garbage collection is not performed by almost any modern systems. DOS attacks work because they consume resources but never free them. One form of attack which has been used to crash Unix systems is a log attack. Systems which log all kinds of messages quickly fill up disk partitions with these messages. If logs are not rotated often enough, systems will crash from lack of disk space. (Note that some operating systems are programmed to do this all by themselves, without any outside help!)

Reference

Preventing DOS and DDOS attacks

http://www.iu.hio.no/cfengine/confdir/ddos.html

Link to About me

Link to my hobby

Link to What are Denial of Service Attacks web page

Link to Types of Denial of Service Attacks web page