Greetings, I'm sure that my question has a simple answer, but only recently have I begun to play with iptables. Can anyone please describe why it is necessary to specifically block each known attack. From what I have read a default INPUT policy of DENY should drop anything that was not specifically allowed. Almost all the firewall scripts I have seen so far include these extra rules, but I can't wrap my head around it. Thanx, steve