Thank you all for the replies, so to sum up temporarily:
We have several types of attacks, one of which is DOS themselves web applications and services, *as for example, suppose the old, but still (you need a recent example, leads) www.securitylab.ru/vulnerability/203865.php
* software upgrade Scripts.
Further, when a small attack we can use as a kind of software, web services for creating and generating firewall rules and .htaccess, for example: ipinfodb.com/
IPinfoDB is a monthly updated database of IP address ranges that are bound to different countries, then you can quickly see which country owns a particular IP, within the service there are a few built-in tools for generating firewall rules and .htaccess by which you can block access to the server geographically. If you need to quickly reflect an influx of bots from China or any where else, this is a very good helper.
like making the rules, writing scripts forum.antichat.ru/thread128581.html
generally to be honest that helped me on this section acute: AntiDDos — Antiddos
to: lafayette > almost, but there is an option to hijack the network\\subnet bots, regarding the article, Yes up to 3 years, but I think some more can be added, vplod to satara.
to: BasilioCat> I would like to listen, to read, to see the presentation and let the theoretical implementation.
1) if the site dositeja on ordering it turns out admin site is no negotiation mood this is only possible if there is the original purpose for which the work of online important, if the order is not who will get in touch.
2) I already wrote in the topic which is hidden, that the maximum of searching and calculating to 1-2 client machine which fed the team and which thus infected and is the SOx server, so in this case, the best option to steal himself a botnet.
3-4 I think it is possible to combine, it turns the monitoring sites underground themes which offer these services, and where is the guarantee that it will not be posturing.
to: savostin > that's exactly what you imagine as classifications of a few attacks, in fact I would like to hear not one answer, and attack protection that this combination don't you understand?
to: prox > necessarily this afternoon read, thank you.
*I think a couple of days to summarize,*