DDoS is Distributed Denial of Service, multiple machines being used to attack a single target at once. These aren't truly capable of much damage unless done on a truly wide scale, which brings me to my other little thing. This might not be a DDoS but a DRDoS, Distributed Reflection Denial of Service.
Denial of Service is simply a bombardment of packets, varying in size and data, most of them getting highly garbled on their trip, forcing the victim to use all their bandwidth and in extreme occasions processor time on deciphering these packets. They are simple to filter, for the most part, and a filter will generally make you safe from attack. They are also prone to being destroyed by firewalls.
Distributed Denial of Service is a step up, the same bombardment of packets from multiple machines. DDoS attacks have only one purpose, to wipe something from the face of the internet, either permanently or otherwise. Most commonly used locations are Cyber Cafés and Libraries, since these often have lax security and are on often, meaning someone who knows what they are doing can install a 24/7 DoS attack bomber and it will be active very often, usually with remote administration for activation from home/work.
Distributed Reflection Denial of Service are the worst. Over 100 machines can be involved, and 95 of the users of them won't even know they are. Generally infected with IRC zombiebots that send themselves through e-mail and exploit lax security or internet newbies, you'd be amazed at how many machines a single person can have under their control. And it's as simple as going into an IRC room and telling your zombiebots to go attack (The zombiebots log into an IRC room when inactive to recieve commands). They are used with intent and purpose. The intent and purpose? To wipe whatever they attack off the face of the globe. Where does the reflection come from? These packets are reflected between zombie to zombie to zombie, becoming garbled and corrupt, and often many megabytes big. Which is how a T3 pipeline can become clogged by them, not even T3 can handle 60 corrupt 1 megabyte packets every tenth of a second. And they can even cause effect through filters AND firewalls. Deadly fuckers.
grc.com experienced this a long time ago,
http://grc.com/dos/drdos.htm.
This is pretty good reading actually, shows how the webmasted inflitrated the cult, and it says what he did to prevent the attacks.
As you can see, it's as simple as setting up some IRC zombiebots, and it's damn amazing what it can do. Single-handedly clog a T3 pipline AND STILL keep it semi-offline with filters up.