why was this modded down? There are many kinds of DoS attacks, with many mitigation strategies. If it's a pipe-filling attack, there's not much you can do besides get a bigger pipe, or have your upstream do filtering for you (which is quite often more expensive than just getting the bigger pipe... see, /someone/ needs the capacity to soak up the attack, you or your upstream, and that capacity costs money.)

I personally got hit with a flood of many small packets, which overwhelmed my router. The obvious solution here is to buy a better router. (it was 200Mbps of rather small packets on a 1000Mbps pipe.) I ended up just having my upstream blackhole all traffic to the target IP, which is sad, as it 'finishes the job' for the attacker, but on a $12/month account, what do you want?

Now, for what I provide (VPS hosting) an application-level DoS, slowlaris or just hitting your app in an expensive way isn't really my problem. That's on the application programmer, and as this is mostly a form for application programmers, it does make sense that the highest modded comments on this page describe mostly application level DoS mitigation strategies.

With security it is always cat and mouse and the target is always moving due to software updates, new OS's, and applications. I agree with Troels that you need a shard security sysadmin with a plan in place before an attack ever happens. If a company is scrambling at the last second trying to put security measures in place or hiring security staff to assist. It is already to late. Preparation , testing, and regular updates is key to security