Hi ...

On Mon, Apr 15, 2002 at 06:05:52PM +0200, Arne P. Boettger wrote:
>> On Mon, Apr 15, 2002 at 04:05:51PM +0200, Jan Arne Fagertun wrote:
>> >> Is there really
>> >> any significant benefit to using DROP vs DENY, other than costing
>> >> potential attackers more time?
>> >If you DENY you tell potential attackers "Yes, I'm here, but I (try to)
>> >deny you access", and he/she may try harder. If you DROP the attacker
>> >doesn't even know you are there, and there is no reason to try harder...
>> But dropping the packages will erase your traffic.
>> If you reject with host unreachable, you will get the same effect with
>> the less traffic...
>Yes, but you might trick legal clients into thinking that your
>server is completely unreachable, thus make it impossible for them
>to connect to you at all.

This will only work if you have a passive server, like a masq-router.
If you have a webserver/mailserver ... then you can see that there is a
server by using nmap. You are not invisible then.

Regards
Jan

--
One time, you all will be emulated by linux!
----
Jan-Hendrik Palic
Url: "http://www.billgotchy.de"
E-Mail: "palic@billgotchy.de"

-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS d- s: a-- C++ UL++ P+++ L+++ E W++ N+ o+ K- w---
O- M- V- PS++ PE Y+ PGP++ t--- 5- X+++ R-- tv- b++ DI-- D+++
G+++ e+++ h+ r++ z+
------END GEEK CODE BLOCK------