[plug] firewalling ssh
Adrian Chadd
adrian at creative.net.au
Tue Jan 9 16:24:16 WST 2007
On Tue, Jan 09, 2007, Adrian Chadd wrote:
> On Tue, Jan 09, 2007, Adrian Woodley wrote:
>
> > That is pretty unlikely on a domestic DSL connection. My personal server is on a 3Mbit link and I still don't see that as being a problem. Maybe on 100Mbit or even 10Mbit (doubtful).
>
> 3mbit's plenty of bandwidth!
>
> That's 2000-odd pps at 1500 byte frames. Gross over-simplification here:
I suck! And to think I just passed my CCNA.
Anyway, that's 128kbytes/sec * 3; so 384kbytes/sec / 1500 byte frames = 262
frames a second.
Still, very easy to fill megabytes of logfiles an hour..
> So 20 odd frames for an SSH exchange, maybe? You could probably do a
> good hundred or so password attempts a second at the very least on 3mbit.
>
> Assuming each failure generates 2 50-character log entries, at 100
> attempts a second you're looking at 10k of logs a second. Extrapolate. :)
>
> (Now, that's reasonably unlikely as you'd -notice- 100 ssh attempts a sec; but
> even 2 attempts a sec is doable. That's what, ~ 16 megabytes of logs an hour?)