In a method for responding to a denial of service attack at a higher layer
of a communication network, said communication network also having a
lower layer beneath the higher layer for receiving packet information
from users, providing a packet filter inspection layer between the higher
layer and the lower layer. By use of an application layer which is
associated with or comprises said higher layer, creating a rule in the
packet filter layer to identify a likely denial of service attack. By use
of the packet filter inspection layer, inspecting incoming packet
information to determine whether it is a likely denial of service attack,
and if it is stopping the incoming packet information from being sent to
the application layer. After a predetermined time period, stopping use of
the rule to prevent packet information from being sent through to the
application layer.