A client of mine was attacked starting at 9:00 a.m. pst on Christmas Eve. The attacks crippled his site. We found out that it was done by one of his competitors. Wired Tree was able to get it under control somewhat but he has still lost thousands of dollars. The attacks are still happening and it's getting over 100 million queries, all from unique ips and they claim is the largest scale DDOS attack they have ever seen. Once company wanted $50k up front just to stop the attacks. I guess my question is, does anyone have any ideas about how to prevent this kind of thing from happening? Also, what would you do if someone attacked you this way?