Well see, the 'old' ddos was just hammer away with traffic at an ip (random traffic). And in some cases 'specially crafted' packets, remember the windows crashing packet of death fiascoes? Other fun was invalid protocols in the headers (gets routers all worked up and overloaded).

Now what we are seeing is targeted attacks. Lots of legitimate looking traffic directed at a specific service on the target. Most notable of these of late was the wordpress login ddos.

So what counter measure should people employ?