Re: Firewall - DROP or DENY
On Mon, Apr 15, 2002 at 04:05:51PM +0200, Jan Arne Fagertun wrote:
>> Is there really
>> any significant benefit to using DROP vs DENY, other than costing
>> potential attackers more time?
>If you DENY you tell potential attackers "Yes, I'm here, but I (try to)
>deny you access", and he/she may try harder. If you DROP the attacker
>don't even know you are there, and there is no reason to try harder...
But dropping the packages will erase your traffic.
If you reject with host unreachable, you will get the same effect with
the less traffic...
One time, you all will be emulated by linux!
Jan- Hendrik Palic
-----BEGIN GEEK CODE BLOCK-----
GCS d- s: a-- C++ UL++ P+++ L+++ E W++ N+ o+ K- w---
O- M- V- PS++ PE Y+ PGP++ t--- 5- X+++ R-- tv- b++ DI-- D+++
G+++ e+++ h+ r++ z+
------END GEEK CODE BLOCK------
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com