http://www.nuclearelephant.com/projects/dosevasive/ is an Apache module designed to make Apache actively fight DOS attacks. It works for both 1.3 and 2.x versions of Apache.

with mod_fortress you have apache with it's own firewall and ids in one module
http://www.spunge.org/~io

For the Indexes issue, I personally turn them off globally in httpd.conf, then use an .htaccess to turn it on in any folder where I do need the functionality. I also make a generic index.html page that I put in every folder that apache can access that gets displayed instead of a listing of contents, just in case.