Protecting against DDoS attacks?

view story

http://serverfault.com – I'm running a private http server to power a private website. The IP of the server has gone public, thats fine. Nothing to hide anyway. The problem is the server gets 3 to 8 attacks each day with more than 4000 connections each time. The server and the equipment are set up to handle max 600 connections at the same time. Therefore, the server jams. I have two options at that time: Grab attackers IP and add it to Blocked list within the software based firewall installed on the server, that kille the attack directly. but the attacks are coming from different IPs and therefor blocking one by on (HowTos)