dennisre
Feb 6 2004, 05:13 PM
My webstats show:
Hits 905305
KBytes 275834
Hostname d226-50-234.home.cgocable.net
Almost 1 million requests within 3 days from the same host.
I am sure the person who did this didn't do it because he liked my site so much.
If I could find out who did this, what are the chances of suing him?
ferenczy
Feb 6 2004, 07:47 PM
Slim to none. This does not look like a DDoS attack. You could always block their IP if it bothers you.
kris1351
Feb 7 2004, 08:57 AM
If you have apf installed (which you should, or another firewall), go to /etc/apf/ad. This is the anti-DoS system of the firewall. While it is not the stop-all DoS software, it will help thwart a lot of these. Though it says don't set things too high, I would put the 2 trigger sections at 30 and 35. Any less and we have been getting MS IE ftp users blocked. The coolest thing about this is the messages it sends to you and the admin of the IP. I have gotten some very cool replies from .edu domains and other establishments that now know they had a backdoor open on a server.
Any little bit helps.
dennisre
Feb 7 2004, 02:26 PM
Do you think anyone could have gained control over the server? I think the intention was to slow down the server.
kris1351
Feb 7 2004, 05:47 PM
Unless they were inside doing a flood going outbound, I wouldn't think so. You should look at doing top and ps commands to see if anything odd is going on. Run chkrootkit if you have not done so yet. This will help determine if there are any hidden processes.
WHM has the options to stop certain apps that normally get installed by hackers. Look near the bottom under security for blocking things such as IRC and @#!@#!@#!@#!@#!X. Run /scripts/securetmp, /scripts/secureit and /scripts/hackcheck also. Just start making sure things aren't out of order on your server.
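Added example, not part of the thread and not code from any poster: one way to check whether a single host's hit total in the web stats reflects a sustained flood is to count requests per host in a sliding window over the access log. It assumes a time-ordered log in Common Log Format; the hostnames, log lines and the 100-requests-per-minute limit are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" \d{3} (\d+|-)')

def parse(line):
    """Return (host, time, bytes) or None for a line that is not CLF."""
    m = CLF.match(line)
    if not m:
        return None
    host, stamp, size = m.groups()
    when = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
    return host, when, 0 if size == "-" else int(size)

def flag_heavy_hosts(lines, window=timedelta(seconds=60), max_hits=100):
    """Hosts with more than max_hits requests inside any sliding window."""
    recent = defaultdict(deque)  # host -> request times still in the window
    stats = {}
    for rec in filter(None, map(parse, lines)):
        host, when, size = rec
        q = recent[host]
        q.append(when)
        while when - q[0] > window:  # drop requests older than the window
            q.popleft()
        s = stats.setdefault(host, {"hits": 0, "bytes": 0, "peak": 0, "first_exceeded": None})
        s["hits"] += 1
        s["bytes"] += size
        s["peak"] = max(s["peak"], len(q))
        if len(q) > max_hits and s["first_exceeded"] is None:
            s["first_exceeded"] = when
    return {h: s for h, s in stats.items() if s["first_exceeded"]}

def sample_log():
    """Constructed data: one host at 5 req/s for a minute, one normal visitor."""
    base = datetime(2004, 2, 3, 12, 0, 0, tzinfo=timezone.utc)
    rows = []
    for sec in range(60):
        stamp = (base + timedelta(seconds=sec)).strftime("%d/%b/%Y:%H:%M:%S %z")
        hosts = ["flood.example.net"] * 5 + (["visitor.example.org"] if sec % 30 == 0 else [])
        rows += [f'{h} - - [{stamp}] "GET / HTTP/1.0" 200 305' for h in hosts]
    return rows + ["not a log line"]

if __name__ == "__main__":
    for host, s in flag_heavy_hosts(sample_log()).items():
        print(host, s["hits"], "hits,", s["bytes"] // 1024, "KB, peak", s["peak"],
              "per minute, first over limit at", s["first_exceeded"])
```

The first time a host crosses the limit, together with its peak rate, tells you whether the total in the stats came from a short burst or a steady stream.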