I think that if one vote, or any small number of votes were allowed
per IP, the attack would have been much more difficult, as there
simply are not tens of thousands of readily available proxies, unless
these people have access to a big botnet.
A downside to one vote per IP is that AOL and some organizations place
their outgoing web traffic behind one or a small pool of IP addresses.
So these users wouldn't have been able to vote.
That would not have been such a big problem. But be sure to play 'dead man' and maintain the illusion that every vote counts.
Even more devious would be accepting the unwelcome votes, but also reversing each one of them after a random time has passed. This way the attackers get the see illusion, that their attacks succeed, but are fought back (or drown out in counter-votes from real people) only a few hours later.