Re: Am I ready for the internet?

[Arnt Karlsen <arnt@c2i.net>]

On Fri, 19 Sep 2003 18:50:49 +0100, 
"Chris Wilcox" <not_rich_yet@hotmail.com> wrote in message 
<[🔎] Law10-F51wAkJyiPhYN00010efc@hotmail.com>:

> 
> >In linux.debian.user, Jimmy Johansson <jimmy@update.uu.se> wrote:
> >
> > >  I have set up Iptables so that I reject
> > >  all incomming traffic, except the traffic I have requested,
> > >  because I don't need incomming SSH or anything like that.
> >
> >While I believe it breaks something, if you're not serving the
> >internet, I'd drop incoming traffic as opposed to rejecting it, that
> >way you are stealth.
> 
> I agree, rejecting packets lets people know you are there, dropping
> packets means no-one knows you're there.. eg if they ping your IP and
> you reject the packet the pinger knows you're there otherwise the
> packet couldn't be rejected.  If you drop the packet the pinger will
> just see a timeout and is more likely to think the IP isn't in use.

..bull, cracker _sees_ the drops, as: "aaaah, another 
wannabe who's _hiding_ something, lezzee...".  

..these wannabe's are usually litterate enough to read "good" 
advice for their eXpensively Piped Wintendo XP's. 

-- 
..med vennlig hilsen = with Kind Regards from Arnt... ;-)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three: 
  best case, worst case, and just in case.