[plug] firewalling ssh

Adrian Chadd adrian at creative.net.au
Tue Jan 9 16:24:16 WST 2007

On Tue, Jan 09, 2007, Adrian Chadd wrote:
> On Tue, Jan 09, 2007, Adrian Woodley wrote:
> > That is pretty unlikely on a domestic DSL connection. My personal server is on a 3Mbit link and I still don't see that as being a problem. Maybe on 100Mbit or even 10Mbit (doubtful). 
> 3mbit's plenty of bandwidth!
> Thats 2000-odd pps at 1500 byte frames. Gross over-simplication here:

I suck! And to think I just passed my CCNA.

Anyway, thats 128kbytes/sec * 3; so 384kbytes/sec / 1500 byte frames = 262
frames a second.

Still, very easy to fill megabytes of logfiles an hour..

> So 20 odd frames for an SSH exchange, maybe? You could probably do a
> good hundred or so password attempts a second at the very least on 3mbit.
> Assuming each failure generates 2 50-character log entries, at 100
> attempts a second you're looking at 10k of logs a second. Extrapolate. :)
> (Now, thats reasonably unlikely as you'd -notice- 100 ssh attempts a sec; but
> even 2 attempts a sec is doable. Thats what, ~ 16 megabytes of logs an hour?)

More information about the plug mailing list