Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Iptables Clues and Advices.

From: "Steve Bremer" <steveb () nebcoinc com>
Date: Wed, 09 Apr 2003 08:10:26 -0500
Hi,


For all the folks who illusion that DROP is more secure than REJECT, I
submit the following:

http://www.chiark.greenend.org.uk/~peterb/network/drop-vs-reject


I'm not agreeing or disagreeing with you right now, but I don't think 
I'd use this as proof that REJECT is a better option than DROP.  I 
think the statements made on that web page need to be backed up 
with some examples and proof.  Anyone can theorize what some 
scanners can and can't do and how they would react to certain 
firewall filtering rules.

Steve

-------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection.
http://www.securityfocus.com/SurfControl-security-basics2
Download your free fully functional trial, complete with 30-days of free technical support.
Stop SPAM before it stops you.
-------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: