I couldn't really find an appropriate forum for this, so I hope this will do. It's just a small article I wrote on my blog that I figured I would share here. Mods, please put it in the proper forum if needed.

Dealing with DDoS attacks and how to react publicly to them

OK, so you are under DDoS attack. It has caused you much downtime and annoyance. You finally decide to move to a protected host or run your own server at a protected host. But you soon find out that the attacks are pretty big and require more advanced protection, which costs significantly more than the basic protection at your new protected host. So you go the extra step and buy the advanced protection, or you don't and get the attacks under control yourself.

Now your site is back up and there is nothing more to worry about, so you go and post some things on your site about the script kiddy DDoSer: how much of a loser he is, that you are now blocking his attacks, so ha, and that you are now protected against such attacks. Well, this turns out not to be such a good idea, because the attacker now gets friends on his side or builds his botnet stronger and is able to bring your site back down again. It may not happen like this every time, but it does a lot. The exact turn of events may differ from case to case, but it all comes down to one thing: how you publicly handled the attacks.

Here are some tips on avoiding such things and avoiding future attackers who may be up for a challenge.

The first and foremost thing to do, above all others, is to not acknowledge the attacks at all. Do not make any posts on your site about DDoS, even if you are explaining the recent downtime. Attribute it to a server problem or network problem. If anyone on your site makes posts about DDoS, delete them immediately. Do not make any posts about moving to a new protected host or about now being DDoS-proof or DDoS-resistant. Post nothing of the sort. Of course, it may be OK to acknowledge some things privately to your admins or trusted users, but never, ever post anything on your site about it.

If the attacker is harassing you via email or chat, simply ignore him. Do not even acknowledge his presence.

Never advertise your new DDoS-protected host on your site. Whether you get affiliate money or not, it is not worth it. Some hosts may ask you to put up a "Now Protected By New Protected Host.com" banner. Don't do it; it's not worth it.

This is the absolute best way to handle the social side of DDoS attacks. Nothing will make the attacker feel so stupid and mad. Yes, he will be mad, but it is a different kind of mad, not like the mad he would be if you publicly challenged him or exchanged heated words with him. That type of mad would give the attacker a terrible new resolve to get your site down. The mad he gets from not even being noticed cuts him more deeply, and at this point he will most likely deny to anyone that he ever attacked your site. He would probably say “If I attacked his site it would be down!” and so on.

So, as you see, there are differences in the kind of mad you can make them. When you do not acknowledge them and you ignore them, they will eventually give up. If you taunt and challenge them, they may never give up.

The big lesson here also applies to hacks and defacements of your site. Fix things quickly, patch up the hole, and when you are back up, do the same as you would against a DDoS attacker.

Remember, non-acknowledgement is the best payback against these guys, and it will shorten the length of time you have to deal with them. No matter how mad it makes you, you just have to stick to it.