Use a more randomized hash function for our hash tables
(This is NOT about using a new cryptographic hashing algorithm.)
There's been some good work recently [1] about the class of DOS attacks where you know the hash algorithm that's going to be used for putting data into a hash table, so you provide a whole bunch of known-to-collide inputs so that the hashtable operations will become O(N) rather than O(1).
To avoid this class of attacks, we ought to have some sort of a per-run random tweak on the data-hashing functions we use for our hash tables.
[1] http://events.ccc.de/congress/2011/Fahrplan/events/4680.en.html