I have a Tiger Server completely up to date on patches. It runs a variety of services included Apache 2. One issue that hits me occasionally is that somebody is obviously running a netbot and we get thousands of connections from one IP that according to netstat sits in FIN_WAIT_1 state. Apache can't process any more connections and nothing happens until I come in and try to fix the issue.
I usually put that IP in the firewall on deny though frankly I'm not good with the Tiger Server GUI for the firewall so I'm not 100% sure I got it right.
So my question is more - what can I do to prevent this? How can I tell OS X Server to not allow a single IP to overload me?