To prevent system crashes, as by denial-of-service attacks, of TCP/IP (Transmission Control Protocol/Internet Protocol) networks, this invention regulates the volume of TCP connection requests that await service at a TCP/IP connection control table. For this purpose, the usage of the system is monitored on a dynamic basis, the time-out value T.sub.ho is dynamically computed, and requests that have been awaiting service for a period of time that exceeds T.sub.ho are removed from the TCP/IP connection control table.