Firewall - DROP or DENY

To: debian-firewall <debian-firewall@lists.debian.org>
Subject: Firewall - DROP or DENY
From: Nick Busigin <nick@xwing.org>
Date: Mon, 15 Apr 2002 09:04:00 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.3.96.1020415085856.24810A-100000@xwing.xwing.org>

What is the best policy for rules that respond to probes, DROP or DENY?

Dropping packets increases the cost of doing probes as it takes longer
to probe a machine.  On the other hand, DENY is probably more "friendly"
to legitimate (no-evil-intended) connection requests.   Is there really
any significant benefit to using DROP vs DENY, other than costing
potential attackers more time?

                                         Nick

--------------------------------------------------------------------------
Nick Busigin  ...Sent from my Debian/GNU Linux Machine...   nick@xwing.org

To obtain my pgp public key, email me with the subject: "get pgp-key"
--------------------------------------------------------------------------


-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Prev by Date: Re: Stopping people finding out uptime?
Next by Date: Manage Iptables rules
Previous by thread: RE: Stopping people finding out uptime?
Next by thread: RE: Firewall - DROP or DENY
Index(es):
- Date
- Thread