Strategies to Protect Against Distributed Denial of Service (DDoS) Attacks (cisco.com)
40 points by rohitarondekar on Dec 9, 2010 | 6 comments


That document is terribly dated, and describes nothing resembling modern-day DDoS protection.

Nowadays, it's all about routing the target host through a series of high bandwidth/high processing filters to identify and drop the bad traffic. People don't use SMURF (haven't in over 5 years), and most floods are not ICMP anymore; they are mindless HTTP requests from seemingly "valid" looking zombie clients.


All of those defenses assume that the attacker is a bunch of zombies sending ICMP or SYN messages or with spoofed IP addresses. When Anon attacks, it's with volunteered HTTP traffic, so these defenses don't work.


1. Don't piss Anon off.


I thought zombies were usually compromised Windows boxes. This article says they're mostly Linux. If that's the case, why so many friggin' Windows viruses?


Basically that document just isn't very good or relevant.


It is easier to compromise Windows, but better distributed tools on Linux. Tough choices even for DDoSers :)



