Can iptables really stop a DoS or DDos attack? I'm asking this because I've heard that there really isn't a way to stop a viscious DoS attack. If you find out the IP address of the attacker, you could add a rule such as:
iptables -I INPUT -s ipaddress -j DROP
Is it that easy to stop a "packet kiddie"? Or what about a ddos attack that comes from multiple IPs. I guess in that case you could drop an entire class b / class c IP address.
Also, I heard there is a way to re route those packets so the attacker would be essentially attacking himself. How is this done?