Before you can stop a DDoS (Distributed Denial of Service) Internet attack, you need to first learn how to stop a DoS (Denial of Service) attack. A DoS attack in a nutshell involves a person sending multiple tiny request packets to your computer or network in order to cripple its function because the flood of packets are essentially eating away at its resources and whatnot. You should also be aware of who you're dealing with. Could he be a script kiddie with a script he didn't write and downloaded off a hacker site (the address of which he got from a friend of a friend)? If that's the case, then all you need to do is find the origin of the anonymous attack and block it.
DDoS attacks are cheap to Launch
DoS attacks in general are easier to deal with than a DDoS attack, mostly because it only involves one person and you can easily block that person no matter how many anonymous proxies he uses to continue his DoS attacks. A DDoS attack will usually be harder to deal with because it's "distributed" to different locations, PCs, and accounts, such that even if you were able to block one IP address, several more will take its place from different directions (and these accounts could also make use of proxies to simulate different locations as well, thus exacerbating the problem). DDoS is cheap to launch and tough to stop as well.
With that said, DDoS is in many ways like a sickness. It's better to prevent it from happening in the first place than to get sick. In short, you need to plan ahead. Don't let yourself, your site, your server, your network, or your computer (even MMOs are being targeted for DDoS attacks nowadays) be blindsided by these assaults. You should also get something to halt the onslaught from reaching to your server, or else it truly is game over for you. Keep in mind that the key to stopping DDoS attacks is to keep it from reaching your physical server.
The scripts available to those not tech-savvy enough to make their own are only capable of stopping certain users from acquiring a response from apps executing on your server. Again, prevention is the key, so it's best that you should undergo a "preemptive strike" of your own and get everything penetration tested for your own safety. It's also a wise decision to acquire a host that's an expert in DDoS mitigation that doesn't only "null route" IP addresses when attacks happen. There are DDoS prevention specialists that can add IPs to their ACLs (Access Control Lists) so your physical server is always safe from possible DDoS and DoS attacks from the get go.