From owner-freebsd-security@FreeBSD.ORG Tue May 11 21:08:20 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4F35916A4CE for ; Tue, 11 May 2004 21:08:20 -0700 (PDT) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 35D7F43D2D for ; Tue, 11 May 2004 21:08:20 -0700 (PDT) (envelope-from marquis@roble.com) Received: from localhost (localhost [127.0.0.1]) by mx5.roble.com (Postfix) with ESMTP id 024F92C6A0; Tue, 11 May 2004 21:08:19 -0700 (PDT) Date: Tue, 11 May 2004 21:08:19 -0700 (PDT) From: Roger Marquis To: freebsd-security@freebsd.org In-Reply-To: References: <20040511190058.A8FC516A4DB@hub.freebsd.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Message-Id: <20040512040819.024F92C6A0@mx5.roble.com> Subject: Re: rate limiting sshd connections ? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 May 2004 04:08:20 -0000 >in fact, I've seen an Apple XServe (two G4 1GHz processors) running >MacOS X Server beeing DOSed by a remote Nagios probe testing it's >sshd once per minute. Once per minute? That's extremely unusual. Do you mean once per second? I've got a Via M9000 that runs at 1GHz and has inetds listening on several IPs that doesn't slow down with multiple simultaneous nmaps. >On OSX, sshd runs from xinetd. Sounds like a configuration issue. -- Roger Marquis Roble Systems Consulting http://www.roble.com/