In linux.debian.user, Jimmy Johansson <jimmy@update.uu.se> wrote: > I have set up Iptables so that I reject > all incomming traffic, except the traffic I have requested, because I > don't need incomming SSH or anything like that. While I believe it breaks something, if you're not serving the internet, I'd drop incoming traffic as opposed to rejecting it, that way you are stealth.
I agree, rejecting packets lets people know you are there, dropping packets means no-one knows you're there.. eg if they ping your IP and you reject the packet the pinger knows you're there otherwise the packet couldn't be rejected. If you drop the packet the pinger will just see a timeout and is more likely to think the IP isn't in use.
Regards, nry _________________________________________________________________ Get Hotmail on your mobile phone http://www.msn.co.uk/msnmobile