abstract: Denial of Service (DoS) attacks are notoriously difficult to defend against. They do not need to rely on specific vulnerabilities of their victims to overwhelm their resources and they evolve as the relevant defence systems improve. This, together with the lack of common standards of evaluation make it particularly difficult to choose a specific defence system. In this presentation we provide a clear guide for constructing step-by-step a complete DoS defence system, which can be used by a network security administrator or a cyber-warfare strategist. For each stage of the guide we propose example solutions, either from our work or from the literature