cazze Apprentice
Joined: 26 Mar 2003 Posts: 155 Location: Brussels - Belgium
Posted: Mon Apr 11, 2005 3:41 pm Post subject: Denial of service: how to prevent?

Hi,
I don't know if I should post this here or in the programming forum, but here it comes.
I have a program that is listening on a UDP port. The server on which it runs is behind a firewall. I use port forwarding on the firewall to the server.
Is there a way to prevent someone flooding the port with bogus packages so that the service becomes unavailable for the users who send interesting traffic?
Is a VPN tunnel between the client and the firewall a solution, and how should I configure it if it is?
I'm sort of lost on this. I think I don't understand the workings of DoS attacks well enough to prevent them.
kammicazze
_________________
Required: Windows 95 or better, so I installed Linux!!!
cokey Advocate
Joined: 23 Apr 2004 Posts: 3355
Posted: Mon Apr 11, 2005 3:47 pm Post subject:

Most intelligent routers will figure out if a DDoS attack is being performed and drop and ban any packets from a certain address if that happens, so you may need a better router. Or am I misunderstanding the situation?
_________________
https://otw20.com/ OTW20 The new place for off the wall chat
Sachankara l33t
Joined: 11 Jun 2004 Posts: 696 Location: Stockholm, Sweden
Posted: Mon Apr 11, 2005 5:17 pm Post subject: Re: Denial of service: how to prevent?

Use "TCP syncookies". You'll find it in the kernel options...
_________________
Gentoo Hardened Linux 2.6.21 + svorak (Swedish dvorak)
cazze Apprentice
Joined: 26 Mar 2003 Posts: 155 Location: Brussels - Belgium
Posted: Mon Apr 11, 2005 6:29 pm Post subject:

@Sachankara: TCP syncookies for UDP packets?
@cokehabit: You are probably right, but how can a router tell the difference between UDP audio stream packets over that port and a bogus data stream? The data over the port isn't a known protocol :(
_________________
Required: Windows 95 or better, so I installed Linux!!!
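
The drop-and-ban behaviour mentioned in the thread can be keyed on packet rate per source address instead of on payload, so the device does not need to know the protocol. The following is an added example, not code from any post in this thread; the class and function names, the 60 packets-per-second limit, the ban threshold and the addresses (documentation ranges) are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass
class SourceState:
    tokens: float            # packets this source may still send right now
    last_seen: float         # timestamp of the last refill
    banned_until: float = 0.0
    violations: int = 0      # over-limit packets since the last ban

class PerSourceLimiter:
    """Token bucket per source address; sustained overruns earn a temporary ban."""

    def __init__(self, rate_pps=60.0, burst=20.0, strikes=50, ban_seconds=30.0):
        self.rate_pps = rate_pps        # assumed ceiling, just above a 50 pps stream
        self.burst = burst              # short bursts tolerated (jitter, reordering)
        self.strikes = strikes          # over-limit packets before a ban
        self.ban_seconds = ban_seconds
        self.sources = {}

    def allow(self, src_ip, now):
        s = self.sources.get(src_ip)
        if s is None:
            s = self.sources[src_ip] = SourceState(tokens=self.burst, last_seen=now)
        if now < s.banned_until:
            return False                # banned: drop without touching the bucket
        # Refill in proportion to elapsed time, capped at the burst size.
        s.tokens = min(self.burst, s.tokens + (now - s.last_seen) * self.rate_pps)
        s.last_seen = now
        if s.tokens >= 1.0:
            s.tokens -= 1.0
            return True
        s.violations += 1
        if s.violations >= self.strikes:
            s.banned_until = now + self.ban_seconds
            s.violations = 0
        return False

def simulate(limiter, arrivals):
    """arrivals: iterable of (timestamp, src_ip). Returns accepted packets per source."""
    accepted = {}
    for ts, ip in sorted(arrivals):
        accepted.setdefault(ip, 0)
        if limiter.allow(ip, ts):
            accepted[ip] += 1
    return accepted

# Constructed traffic: one second of a 50 pps audio stream and of a 5000 pps flood.
AUDIO = [(i / 50.0, "192.0.2.10") for i in range(50)]
FLOOD = [(i / 5000.0, "198.51.100.7") for i in range(5000)]
```

With the constructed traffic, `simulate(PerSourceLimiter(), AUDIO + FLOOD)` accepts all 50 audio packets and only the first 20 flood packets before the flooding address is banned. UDP source addresses can be forged, so a spoofed flood sidesteps per-source limits and grows `sources` without bound unless idle entries are evicted.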