On Wed, 2015-02-04 at 17:50 -0700, Warren Young wrote:
On Feb 4, 2015, at 5:43 PM, Warren Young wyml@etr-usa.com wrote:
SSH as shipped on CentOS doesn’t allow 1,000 guesses per second, as this calculator assumes
Hmm, just thought of a counterattack:
If CentOS’s SSH currently allows 10 guesses per minute *per IP*, all you need to do to get 1,000 guesses per second is to rent time on a 6,000 machine botnet.
Rent ? That costs money. Just crack open some Windoze machines and do it for free. That is what many hackers do.
Is this safe enough ?
wac4140SoeTer'#621strAAt0918;@@
Online Attack Scenario: (Assuming one thousand guesses per second) 7.26 hundred million trillion trillion trillion centuries
Offline Fast Attack Scenario: (Assuming one hundred billion guesses per second) 7.26 trillion trillion trillion centuries
Massive Cracking Array Scenario: (Assuming one hundred trillion guesses per second) 7.26 billion trillion trillion centuries
They've obviously got slow processors.