A distributed denial of service attack (DDoS) occurs when multiple compromised systems flood the bandwidth or resources of a targeted system, normally one or more web servers. These systems are yielded by attackers using a variety of techniques.
This kind of DDoS required hardcoding the target IP address prior to the release of the malware and no more interaction was needed to launch the attack. A system may also be endangered with a trojan, enabling the attacker to download a zombie agent (or the trojan may include one).
Attackers can also crack into systems using automated mechanisms that utilize flaws in programs that listen for connections from remote hosts. This scenario essentially concerns systems serving as servers on the web.
There exist several kinds of DDoS attacks, but in common, they can be hard to manage and resolve which connections are accepted and which ones are not. Usually, times a more complex firewall is put in place to filter out a lot of connections.
Seldom additional measures such as interfacing with another web server that can manage more connections than Apache may be used as well. Unfortunately, after all these measures have been taken, sometimes all that can be done is to wait it out.