Re: Firewall - DROP or DENY
On Mon, Apr 15, 2002 at 05:50:46PM +0200, Jan-Hendrik Palic wrote:
> Hi ..
>
> On Mon, Apr 15, 2002 at 04:05:51PM +0200, Jan Arne Fagertun wrote:
> >> Is there really
> >> any significant benefit to using DROP vs DENY, other than costing
> >> potential attackers more time?
> >If you DENY you tell potential attackers "Yes, I'm here, but I (try to)
> >deny you access", and he/she may try harder. If you DROP the attacker
> >doesn't even know you are there, and there is no reason to try harder...
>
> But dropping the packages will erase your traffic.
> If you reject with host unreachable, you will get the same effect with
> less traffic...
Yes, but you might trick legal clients into thinking that your
server is completely unreachable, thus making it impossible for them
to connect to you at all.
--
Ciao, Arne.
-o)
GPG 1024D/913C2F81 2000-10-11 Arne P. Boettger <apb@createx.de> /\\
Fingerprint = 6ED9 9A64 CD8A EB6F D841 0391 2F08 8F86 913C 2F81 _\_V