Re: rate limiting sshd connections ?
From: Patrick Proniewski (patpro_at_patpro.net)
Date: 05/11/04
- Previous message: Roger Marquis: "Re: rate limiting sshd connections ?"
- In reply to: Roger Marquis: "Re: rate limiting sshd connections ?"
- Next in thread: Roger Marquis: "Re: rate limiting sshd connections ?"
- Reply: Roger Marquis: "Re: rate limiting sshd connections ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 11 May 2004 22:37:06 +0200 To: Roger Marquis <marquis@roble.com>
On 11 mai 2004, at 22:27, Roger Marquis wrote:
> "slimmy baddog" wrote:
>> I would strognly suggest that you dont use inetd for running services
>> but
>> running all your services as daemons wich is much faster for the
>> system
>> and safer.
>
> That used to be the recommendation, back when 50MHz CPUs were the
> norm. With 1 GHz and faster CPUs the difference between sshd and
> inetd starting a child sshd is in the millisecond range i.e, impossible
> to distinguish by look and feel.
in fact, I've seen an Apple XServe (two G4 1GHz processors) running
MacOS
X Server beeing DOSed by a remote Nagios probe testing it's sshd once
per
minute. On OSX, sshd runs from xinetd. The box used to need hard reboot
once
a day until the problem was identified and the nagios probe was
disabled.
my 2 cents.
patpro
-- je cherche un poste d'admin-sys Mac/UNIX (ou une jeune et jolie femme riche) http://patpro.net/cv.php _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Roger Marquis: "Re: rate limiting sshd connections ?"
- In reply to: Roger Marquis: "Re: rate limiting sshd connections ?"
- Next in thread: Roger Marquis: "Re: rate limiting sshd connections ?"
- Reply: Roger Marquis: "Re: rate limiting sshd connections ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
