- Send Source-Quench upstream( aka ECN)
- SAML (Security Assertions Markup Language)
- Traceroute
- Port Knocking & other "Two-factor" schemes
- code to compare login packets -- iptables
- Selinux/iptables-connmark
- Connected to 6 above, "ip rule" (particularly mark & fwmark)
- iptables-extensions: connlimit / hashlimit
- CAPTCHA
Hint: see similar Can't Access Plesk Admin Because Of DOS Attack, Block IP Address Through SSH?
But defense in depth is critical.
Sincerely,
ArrowInTree