Re:Measuring security in bits...

Posted by: Anonymous Coward on October 05, 2004 06:11 PM
Forget calculating the time for a brute force. Just look at the traffic volume:

An empty TCP packet is 40 bytes. I need 8 of those to try one key -> 360 bytes/key. Testing the 2^39 combinations thus takes 180 terabytes.

The actual number might be less, as one can use overlapping keys for efficiency, but there is still a lower bound of 40 bytes/key, meaning 20 TB for a 50% chance.

That DoS would worry me a lot more than the chance of hitting my knock key. /ol


Return to A critique of port knocking