We are continually experiencing DOS attacks on a server - a site set up namebased using the servers main IP is being attacked. The NOCs protection systems blocks the IP under attack (in this case the servers main IP) and the consequense is that all sites set up namebased using this IP is affected, so their web sites goes down for about 20 minutes each time it happens. I am hoping for some ideas on what could be done in a situation like this. I have looked at the access_log and blocked some IPs but is there anything else that could be done - I wonder what those types of guys are getting out of this - it is obviously not their intention to make someones day. - I hope that someone here could make my day providing me with some different input . What are other hosts doing in a situation like this?
- I hope that someone here could make my day providing me with some different input 
. What are other hosts doing in a situation like this?