I saw what appears to be a distributed attack against a single IP
address that reached nearly 500Mbs. I was thinking that this is
high. Are people seeing any random attacks of this magnitude?
Please define random 
If you mean the source is random, then yes this attack is of a high
magnitude and I've seen one other this bad.
The addresses could be real, or spoofed - depending on the circumstance
and exact nature of the attack it'll vary.
If you mean the target appears to be random, then you're probably just
very very unlucky 
Attacks of this size are normally aimed at large IRC servers or large /
popular websites.
Is that all?
Try hosting an IRC server. You'll get more than this on the
first day.
--msa
"Joseph T. Klein" wrote:
I saw what appears to be a distributed attack against a single IP
address that reached nearly 500Mbs. I was thinking that this is
high. Are people seeing any random attacks of this magnitude?
--
Joseph T. Klein
jtk@titania.net
We have seen attacks of this magnitude on a rise. Most of the attacks
however haven't been spoofed. Spoofing is not really needed when
generating an attack of this size from possibly thousands of machines,
especially when targeting only a single IP. The ability to track such
a large attack with so many sources is fairly slim. When seeing so many
random sources I wouldn't immediately assume it's spoofed.