How does the ProxySG appliance handle a DDOS attack using SSH?


Article ID: 168324


Updated On:


ProxySG Software - SGOS


An attack or DDOS attack using SSH on the proxy will cause usage of memory to be increased until appliance resources are exhausted. 


Each access attempt to SSH on the appliance will cause the SSH component to use memory. A single SSH session uses very little memory on the appliance, however, but multiple SSH attempts like DDOS could cause an issue as mentioned above. When resources are exhausted, the appliance enters a mode known as memory regulation. At this point, the appliance will not accept further connections on any port until memory is freed up by the existing connections terminating naturally.


There should be another appliance like a firewall or an IPS that filters the internet traffic before it reached the proxy and could prevent DDOS attack.


Please refer to the Resolution above.