FG useful to stop legit connections attack?
Serhat
Suppose an attacker keeps making connections from e.g. a couple hundred 'bots', where no spoofing is used and the full handshake is completed. Let us assume that the server is able to correctly identify an IP as an attacker and optionally blocks it in its (software) firewall.

My question is: would FG have any impact in this scenario? I understand that simply by making a very rapid series of connections, an attacker may be able to flood the connection.
crodenberg
Absolutely not.

FloodGuard will not stop a connection-based server resource depletion attack.

O/S hardening will stop a connection-based server resource depletion attack.

If you are being frequently attacked, you will need to do OS hardening in addition to FloodGuard and a hardware firewall.
Serhat
QUOTE (crodenberg)
FloodGuard will not stop a connection-based server resource depletion attack. O/S hardening will stop a connection-based server resource depletion attack.

What I meant (though not clearly said) was whether the 10 Mbit/s port could be the weak link in the chain even if the firewall drops all packets from a specific IP address. That is: would it be possible to fill the traffic capacity simply by making millions of connection attempts from a relatively limited set (e.g. 100-1000) of IP addresses -- even if all traffic of that IP is dropped by the server firewall, it still has to pass through the bottleneck.