Re: iptables firewall

To: debian-user@lists.debian.org
Subject: Re: iptables firewall
From: Nemeth Gyorgy <friczy@freemail.hu>
Date: Wed, 30 Jul 2014 20:38:42 +0200
Message-id: <[🔎] 53D93BB2.7020600@freemail.hu>
In-reply-to: <[🔎] 20140730153335.GE14982@playground>
References: <[🔎] 20140730081851.70446356@jretrading.com> <[🔎] 20140730153335.GE14982@playground>

2014-07-30 17:33 keltezéssel, Mike McClain írta:
>> And as someone else asked, why are you worried about this 'stealth'? As
>> long as the bad packets don't get in, what does it matter?
> 
> Why is there a DROP instruction in iptables as well as REJECT?

To allow you to do what you want. e.g DROP can slow down portscans and
if your host does not reply to ping either sometimes it will not be
found by scanners.
> 
> If a hacker gets no response he's less likely to dig further.

REJECT is actually a response :)


-- 
--- Friczy ---
'Death is not a bug, it's a feature'

Reply to:

References:
- Re: iptables firewall
  - From: Joe <joe@jretrading.com>
- Re: iptables firewall
  - From: Mike McClain <mike.junk@nethere.com>

Prev by Date: Re: iptables firewall
Next by Date: Re: iptables firewall
Previous by thread: Re: iptables firewall
Next by thread: Re: iptables firewall
Index(es):
- Date
- Thread