A CISCO router with DDoS mitigation capabilities costs a few thousand euros last time I checked That's why you host with a DDoS protected hosting instead.
ipfw rules? pf is much easier to configure
Also, you don't need to extract root at all to find out the IP & port of a server. Using a TCP monitor will do, or even just netstat.
I know what're you saying here, BUT there's a big but . I don't even have to know from where is this man .. and what money he got .. and some kind of this stuff , i just suggested what it's a good way to prevent "Hackers" .. and yes. .. a good way to prevent hackers is to search a good hosting company and ask them first for their services and what they can do for you.
Oh yes and with the netstat , sometimes it shows sometimes it doesn't .. and you need to have some brain to find those ports .. not only kid can find them ^-^ , am i right?