This exists in my other post but I feel it should be pointed out clearly.

There is an undocumented feature in Windows Vista, 7, and 8 (now 8 is a bit different and I'm unsure this procedure will work as stated) that allows you to protect a system from DDOS attacks.

According to speedguide.net:

"SynAttackProtect

This undocumented setting provides protection against SYN denial of service (DoS) attacks. When enabled, connections timeout sooner if SYN attack is detected. When set at 1, TCPMaxDataRetransmissions can be lowered further.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"

Create the following new DWORD (32-bit if running a 64-bit machine) entry in the parameters key:

"SynAttackProtect=1 (DWORD, recommended:" <decimal>"1, not present in registry by default)"

Hopefully no one will chew me out this time.

Thanks for the alert.

This will probably be more useful for business scenarios, as they are higher profile.

While home users certainly have the possibility of such attacks, they are usually directed at businesses or organizations because of being more public.

Sounds like it may be useful for business users....

I know my business hardware firewall was set to block syn attacks (the logs were full of them, but I think we were bashed against a lot)

It only protect against SYN flooding. DHT, HTTP and TCP flooding will still bring the system down just fine