rate limiting sshd connections ?

[Roger Marquis]

Roger Marquis wrote:
> Aside from having more connection limiting features inetd is also
> easier to configure on non-standard ports, uses less memory (1K vs
> 5K), and has a simpler (and by extension more secure) code base.
>
"slimmy baddog" wrote:
> I would strognly suggest that you dont use inetd for running services but
> running all your services as daemons wich is much faster for the system
>and safer.

That used to be the recommendation, back when 50MHz CPUs were the
norm.  With 1 GHz and faster CPUs the difference between sshd and
inetd starting a child sshd is in the millisecond range i.e, impossible
to distinguish by look and feel.

As to security I think both code bases have had about the same
degree of peer review.  The smaller size of the inetd code base
is what makes it more secure.

-- 
Roger Marquis
Roble Systems Consulting
http://www.roble.com/