> Absolutely. reject sends a msg back to the hacker that there is
> a machine at that address. drop sends nothing back so he'll go
> looking for an easier target
Except that if you contact an IP address where there's no machine, you
may get a "no route to host" error (from the router that finds out
there's no machine at that address), whereas if that machine DROPs, then
you'll get no message, thus indicating that there *is* something there :-)
Stefan