you don't get back at them. you write the abuse department at whomever owns their ip (WITH LOGS) and hope they're listening. in the mean time your own provider should be able to provide some form of mitigation, and if they don't move your server

How are your hacking skillz?

This.

Work with your provider. Odds are if it was done right and was a true ddos then the true source IP would never show up in the logs.

As far as getting revenge I wouldn't even go down that road.

If its a minecraft server its most likely shared with others so the provider should be handling it. If they are actively logging into your server I'd change it to be whitelist. I've only ever had one issue with the minecraft server I host at home but that was a single kid logging in blowing up stuff but I found his IP and account and banned it within a couple hours of it happening

x2

and (if bucks allow) look at DDoS mitigation service (like companies that use Arbor gear). My company uses/sells arbor (PM if you want to know more).

Some of my customers specialize in this too.

Basically, if DDoS is happening, a mitigation service can scrub the non-ligit traffic; do some google searching on ddos mitigation.

But yes, its at minimum contacting your ISP's abuse dept. Some ISP's abuse departments don't care, some really care, its a crap shoot.

Everyone's covered it very well. I will just add what your experiencing is a DoS, DDoS denotes multiple sources.

As far as how people DDoS, the most common way is to gain control of a DDoS command and control server sending commands to sometime hundreds of thousands of "owned" malware infected machines.

Agreed I think the days of just needing a good list of bcast hosts and smurf are gone

You can purchase a botnet to basically flood someone with tons of small packets.

The best way to mitigate a typical ddos is to have a threaded device in front of it that can handle many packet switches per second, or adjusting your clock ticks on your system to have less interrupts against your running applications ( probably not ideal for what you're using the server for ).

Typically you can just ask your upstream provider to add something like cisco guard in front of your machine. If you have a video card in your system you might be able to use it to mitigate the packet flood. thats over loading your CPU.

And people dont spoof or hide their IP's anymore, they just use a few hundred compromised hosts, it seriously doesn't take much to overload a network card and 1-4 core system, especially if you're not using some sort of IRQ balancing.