[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How insecure are cable connections, versus dialup?

On Sun, Dec 08, 2002 at 08:15:18PM -0800, Paul Johnson wrote:

> Actually, according to to the RFCs, ports must respond saying they're
> closed or open, not just ignore it.  Hosts must be pingable.  That's
> TCP/IP.

Stealth firewalls are in some cases better.  If you DENY a packet, then
the remote end knows that something answered the request, as it got a
denied response back.  If you DROP the packet the remote end gets
nothing back.

As with any of the RFCs, there comes a point were they need to be
re-examined and updated accordingly.  IIRC, the original configurations
for MTAs suggested routing traffic for anyone (aka open-relay).  With
the rampant abuse of this we now see just the opposite suggested.

-- 
Jamin W. Collins
Reply to: