Re: 'mirror' with iptables

To: thomas lakofski <thomas@88.net>, Tim Haynes <debian@stirfried.vegetable.org.uk>
Cc: fadel@ferasoft.com.br, <debian-security@lists.debian.org>
Subject: Re: 'mirror' with iptables
From: Dmitriy Kropivnitskiy <jeld@mindless.com>
Date: Wed, 14 Nov 2001 15:09:28 -0500
Message-id: <[🔎] 200111142009.fAEK9SQ24392@zaphod.tigertesting.com>
Reply-to: jeld@mindless.com
In-reply-to: <[🔎] Pine.LNX.4.40.0111141302580.24807-100000@io.88.net>
References: <[🔎] Pine.LNX.4.40.0111141302580.24807-100000@io.88.net>

On Wednesday 14 November 2001 08:08 am, thomas lakofski wrote:
> On 14 Nov 2001, Tim Haynes wrote:
> > If you want to stop port-scans, use a proper firewall with DENY
> > (ipchains) or DROP (iptables) by default.
>
> how does this stop the scanner from identifying open ports?
>

If you actually drop packets instead of rejecting them your port scanner will 
slow down to a crawl, since it has to wait for timeout on every try.

Reply to:

Follow-Ups:
- Re: 'mirror' with iptables
  - From: Tim Haynes <debian@stirfried.vegetable.org.uk>

References:
- Re: 'mirror' with iptables
  - From: thomas lakofski <thomas@88.net>

Prev by Date: Re: is iptables slow?
Next by Date: Re: 'mirror' with iptables
Previous by thread: Re: 'mirror' with iptables
Next by thread: Re: 'mirror' with iptables
Index(es):
- Date
- Thread