A method for defending a host, which is coupled to the Internet via a defensive firewall/router, against a denial of service attack, comprises periodically determining the status of the host; storing the status of the host; receiving at the defensive firewall/router a request from an entity on the Internet for service from the host; and responding to the entity in accordance with the stored status. The period that is set is not related to the request.