[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Block stupid/annoying sites

On 03-Sep-99 George Bonser wrote:
> There is an additional difference. If someone runs a port scan against a
> machine, anything that is denied will get no response. It will be as if
> there
> is nothing there. If you are rejecting traffic, they will be able to tell
> that
> there is something there that they are not allowed to access. They can
> simply
> adjust their activity from a different location to see if they can gain
> access
> to the rejected service.

That explains why PortSentry uses DENY and not REJECT when it blocks a port
scan or other activity.  :)


Reply to: