This post by RSnake describing a dangerous new DoS attack is probably real.
These guys haven't published their tool, so there is no independent confirmation of their results. Therefore, my immediate reaction is skepticism: things like this tend to be hype. However, after listening to their audio interview, I believe they are probably right. They have been working deep withing TCP stacks. If such problems exist, then they would have certainly come across them.
The problem, in a nutshell, is that they can open a TCP connection that will never be closed. The only way to get rid of them is to reboot the server. This means that I can connect to the Internet with a dialup connection, then quickly take down www.google.com (or any other server) by maxing out the number of connections.
They describe one mechanism. A TCP stack tries to figure out the maximum speed of your connection, in order to slow down data transmission so that packets won't be dropped. One technique they describe is to behave as if their connection were getting slower and slower to the point that the TCP stack is tricked into believing it will take years to complete the transmission of data. This forces the TCP stack to keep trying for years to send just a few bytes.
How do we fix these problems? The problem is a resource-leak like the more common memory-leak. Back when I worked on the TCP stack for the Proventia IPS, we designed the code and test cases to deal with exactly this sort of resource-leak. The trick is to create billions of connections, with special tools like this, then verify that once everything is gone, that you indeed have gone back to zero resources.
EDIT: When I say "leaving the connection open", I refer to how we see the connection from the point of view of kernel resources. The socket, though, is probably closed. That's the essence of this problem: closing the socket doesn't necessarily free the connection resources if the connection is in a certain state. This makes the DoS different from things like the "LaBrea Tar Pit" that DoSes applications by forcing them to leave the socket open.