Security Basics mailing list archives
Re: Iptables Clues and Advices.
From: "Chris Berry" <compjma () hotmail com>
Date: Wed, 09 Apr 2003 11:01:43 -0700
Jason Dixon wrote:For all the folks who illusion that DROP is more secure than REJECT, I submit the following: http://www.chiark.greenend.org.uk/~peterb/network/drop-vs-rejectFrom: "Bryan S. Sampsel" <bsampsel () libertyactivist org>The flip side is that the person performing scans ties up more of HIS resources, slowing down his progress.Sorry, I'll stick to DROP.
I have to agree, security isn't any one thing, it's a combination of factors, and this is one more thing to make the bad guys job a little harder. The main argument of the document seems to be that users may suffer from poor application performance when they're doing something they're not supposed to, which in my book is not a problem at all.
Chris Berry compjma () hotmail com Systems Administrator JM Associates"Without change, something sleeps inside us, and seldom awakens. The sleeper must awaken." -- Duke Leto Atreides
_________________________________________________________________Add photos to your e-mail with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail
------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Current thread:
- Re: Iptables Clues and Advices., (continued)
- Re: Iptables Clues and Advices. Salvatore Poliandro (Apr 10)
- RE: Iptables Clues and Advices. Benjamin Meade (Apr 09)
- Re: Iptables Clues and Advices. Bryan S. Sampsel (Apr 09)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: Iptables Clues and Advices. Bryan S. Sampsel (Apr 10)
- Re: RE: Iptables Clues and Advices. Christian Friedl (Apr 09)
- Re: Iptables Clues and Advices. Julien Royère (Apr 09)
- Re: Iptables Clues and Advices. Jeff Harris (Apr 10)
- DROP vs REJECT Re: Iptables Clues and Advices. Chris Travers (Apr 10)
- VMware & WinXP Firegoblin Postmaster (Apr 12)
- Re: Iptables Clues and Advices. Vic Ricker (Apr 10)