Thursday, February 16, 2012

如何測試SSH Server可接受的未經授權的最大連線數?

寫了一個簡單的script如下,去做測試然而目前只支援Class C,可以改善的空間應該還不少。
#!/bin/bash

# Bind IP
read -p "Which interface? [eth0]: " INTERFACE
read -p "Net address: [10.10.10] " NETIP
read -p "Min IP address: [1] " MiIP
read -p "Max IP address:[254] " MaIP

for((i="$MiIP";i<="$MaIP";i++))
do
ip addr add "$NETIP"."$i"/24 dev $INTERFACE 1>/dev/null 2>1
done
echo ""

# Start to test
read -p "Target: [10.10.10.10] " TARGET
i=$MiIP
num=1

echo ""
echo "Preparing for test target: $TARGET"
sleep 5

while true;
do
ssh admin@$TARGET -o StrictHostKeyChecking=no -b "$NETIP"."$i" 1>/dev/null 2>1 &
sleep 1
netstat -an | grep 22 | grep ESTABLISHED | grep "\<$NETIP"."$i\>"
if [ `echo $?` -ne 0 ]; then
num=$(($num-1))
echo "The maximum SSH session of $TARGET is $num"
kill `ps aux | grep "\<22\>" | grep -v grep | grep -v ssh-agent | awk -F" " '{print $2}'` > /dev/null
break
else
echo "SSH session number $num is established!"
i=$(($i+1))
num=$(($num+1))
fi
done

exit



No comments: