
ipchains rules: REJECT vs. DENY

Greetings, all,

Just looking for some opinions/feedback from y'all.

I'm responsible for a few servers that are connected to the internet.
They are all running 2.2.19 kernels with ipchains.  Ports are open for
apache, ftp, smtp, ssh and imap, but all others are closed with a policy

I was talking with a friend of mine who said it's better to have a policy
of DENY since that doesn't return any information and if someone is trying
to attack the machine on a closed port, it will take much longer to figure
it out.

Are there any drawbacks to DENY?  Is there a general consensus on this

Thanks in advance for any suggestions. :)


Matthew Thompson       http://mattyt.net
mattyt@oz.net          http://www.oz.net/~mattyt
-For better or worse, you can't change where you're
from or what you've done.  You can only hope to change
who you are and where you're going.  Provided that's
necessary, of course.
