On Wed, 2015-02-04 at 17:50 -0700, Warren Young wrote:
> > On Feb 4, 2015, at 5:43 PM, Warren Young <wyml@xxxxxxxxxxx> wrote:
> >
> > SSH as shipped on CentOS doesn’t allow 1,000 guesses per second, as this calculator assumes
>
> Hmm, just thought of a counterattack:
>
> If CentOS’s SSH currently allows 10 guesses per minute *per IP*, all you need to do to get 1,000 guesses per second is to rent time on a 6,000 machine botnet.
Rent ? That costs money. Just crack open some Windoze machines and do
it for free. That is what many hackers do.
Is this safe enough ?
wac4140SoeTer'#621strAAt0918;@@
Online Attack Scenario: (Assuming one thousand guesses per second) 7.26
hundred million trillion trillion trillion centuries
Offline Fast Attack Scenario: (Assuming one hundred billion guesses per
second) 7.26 trillion trillion trillion centuries
Massive Cracking Array Scenario: (Assuming one hundred trillion guesses
per second) 7.26 billion trillion trillion centuries
They've obviously got slow processors.
--
Regards,
Paul.
England, EU. Je suis Charlie.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
