I was ddos'ed a few years ago, and Oxeo (
www.oxeo.com) did a great job fighting off the attacks. You should reach out to them. Their customer service is the best by far. It's almost like they look forward to helping you with issues.
As far as coming up with a solution for ddos attacks... one exists, but from what I know, it's not cheap. As someone stated above, ddos attacks make it look like real traffic is hitting your site. The anti-ddos application basically runs in the background while your site isn't being attacked, quietly collecting a database of "real" traffic. Once your site is hit with an abundance of fake traffic, your firewall blocks all unrecorded ip addresses until the attacks stop. During this time, all unfamilar ip addresses will temporarily be blocksed, including new traffic. That's the only downside to this, but it's a lot better than having to shut down your server for 24 hours (which seems to be the standard protocol for most webhosts that I've dealt with). Once the attacks end, then the filters are removed from the firewall.
I recently had a meeting with sales rep from Rackspace and this conversation came up. THey offer this service, but it's crazy expensive.
Soon, I'd imagine this service will be available to all webhosts. Ddos is big business right now. No need to offer a solution when you can charge insane amounts of money for it.
