[plug] firewalling ssh
adrian at creative.net.au
Tue Jan 9 16:21:44 WST 2007
On Tue, Jan 09, 2007, Adrian Woodley wrote:
> That is pretty unlikely on a domestic DSL connection. My personal server is on a 3Mbit link and I still don't see that as being a problem. Maybe on 100Mbit or even 10Mbit (doubtful).
3mbit's plenty of bandwidth!
Thats 2000-odd pps at 1500 byte frames. Gross over-simplication here:
* tcp handshake: 3 frames
* ssh negotation, maybe a dozen?
* password attempts, maybe half a dozen?
* and a handful of acks.
So 20 odd frames for an SSH exchange, maybe? You could probably do a
good hundred or so password attempts a second at the very least on 3mbit.
Assuming each failure generates 2 50-character log entries, at 100
attempts a second you're looking at 10k of logs a second. Extrapolate. :)
(Now, thats reasonably unlikely as you'd -notice- 100 ssh attempts a sec; but
even 2 attempts a sec is doable. Thats what, ~ 16 megabytes of logs an hour?)
More information about the plug