Firewall Wizards mailing list archives

Re: cisco ssh rate limit


From: "David Swafford" <dswafford () alterhighschool org>
Date: Fri, 26 May 2006 12:37:43 -0400

Hi Hermit921,

Have you thought about using an access control list instead for the ssh connection?  I am not deeply familiar with the
PIX yet but I know on Cisco routers you can set up an access list that defines what source IPs are allowed to telnet
into the box.  I'm thinking functionality like this would be something that you might find on the PIX for ssh.  On IOS
routers it is configured slightly differently than a standard access list in that you configure it at the virtual
interface I believe.  I'm thinking that you might cause yourself some problems by limiting the attempts as this might
prevent you from accessing the box.

Anyone else have any thoughts on this?



____________________________________________________
 
David A. Swafford
Archbishop Alter High School
Information Technology Team, Network Engineer
 
A Cisco CCNA and a CompTIA Network+ and Security+ Certified Professional


hermit921 () yahoo com 5/26/2006 11:07 am >>>
Can we set our PIX firewall to limit the rate at which ssh connection 
attempts are allowed?  I would like to set it so that ssh is limited to 2 
connections per minute for any source/destination pair.  Does this cause 
much impact on the PIX?

hermit921


_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com 
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
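
The trade-off raised in this thread, as an added example that is not part of either poster's message: a limit of 2 ssh connections per minute per source/destination pair compared with a source-address access list, run over the same constructed attempt log. The addresses (documentation ranges), the function names and the simplified sliding-window model are assumptions for illustration and do not reproduce PIX or IOS behaviour.

```python
from collections import defaultdict, deque
from ipaddress import ip_address, ip_network

# Constructed sample: (seconds, source IP, destination IP) of inbound ssh attempts.
ATTEMPTS = [
    (0,  "192.0.2.10",   "198.51.100.1"),  # admin opens a session
    (5,  "203.0.113.50", "198.51.100.1"),  # unknown source, attempt 1
    (10, "203.0.113.50", "198.51.100.1"),  # attempt 2
    (15, "203.0.113.50", "198.51.100.1"),  # attempt 3
    (20, "192.0.2.10",   "198.51.100.1"),  # admin, second session
    (40, "192.0.2.10",   "198.51.100.1"),  # admin, third session in the same minute
    (70, "203.0.113.50", "198.51.100.1"),  # unknown source returns once the window slides
    (75, "192.0.2.10",   "198.51.100.1"),  # admin again, window has moved on
]

def rate_limit(attempts, max_conns=2, window=60):
    """Allow at most max_conns attempts per (src, dst) pair in any `window` seconds.
    Assumption: only allowed attempts count against the limit."""
    recent = defaultdict(deque)  # (src, dst) -> timestamps of allowed attempts
    verdicts = []
    for ts, src, dst in attempts:
        q = recent[(src, dst)]
        while q and ts - q[0] >= window:  # drop attempts older than the window
            q.popleft()
        allowed = len(q) < max_conns
        if allowed:
            q.append(ts)
        verdicts.append(allowed)
    return verdicts

def source_acl(attempts, permitted=("192.0.2.0/24",)):
    """Allow an attempt only if its source falls inside a permitted network."""
    nets = [ip_network(n) for n in permitted]
    return [any(ip_address(src) in n for n in nets) for _, src, _ in attempts]

def summarize(attempts, verdicts, admin="192.0.2.10"):
    """Return (admin attempts denied, non-admin attempts allowed)."""
    pairs = list(zip(attempts, verdicts))
    admin_denied = sum(1 for (_, s, _), ok in pairs if s == admin and not ok)
    other_allowed = sum(1 for (_, s, _), ok in pairs if s != admin and ok)
    return admin_denied, other_allowed

if __name__ == "__main__":
    print("rate limit:", summarize(ATTEMPTS, rate_limit(ATTEMPTS)))
    print("source ACL:", summarize(ATTEMPTS, source_acl(ATTEMPTS)))
```

In this sample the rate limit turns away one administrator session while still admitting three attempts from the unknown source, whereas the source access list admits every administrator session and none of the others.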
