That document is terribly dated, and describes nothing resembling modern day DDoS protection.<p>Nowadays, it's all about routing the target host through a series of high bandwidth/high processing filters to identify and drop the bad traffic. People don't use SMURF (haven't in over 5 years), and most floods are not ICMP anymore, they are mindless HTTP requests from seemingly "valid" looking zombie clients.
All of those defenses assume that the attacker is a bunch of zombies sending ICMP or SYN messages or with spoofed IP addresses. When Anon attacks its with volunteered HTTP traffic so these defenses don't work.
I thought zombies were usually compromized Windows boxes. This article says they're mostly linux. If that's the case, why so many friggin' Windows viruses?