Firewall Wizards mailing list archives
NAK dropped SYN-packets to sender?
From: "Frank Heinzius" <frimp () mms de>
Date: Mon, 9 Aug 1999 09:47:30 +0200
Hi wiz',

our Firewall normally silently drops unauthorized packets from the Internet. It is also possible to send back an ICMP unreachable to the originator.

Both methods have their advantage: silent dropping gives you an additional kinda "security by obscurity" level. The disadvantage is that TCP stacks from the originator will do a couple of retransmits due to the timeouts.

If I send ICMP unreachable, the attacker knows that there is a firewall mechanism, which makes port scans very fast (if based on SYN-ACK). On the other hand, I don't have to deal with retransmits.

What is the common and/or most recommended way?

Kind Regards / Mit freundlichen Gruessen,

--
Frank M. Heinzius
MMS Communication AG
mailto:frimp () mms de
Eiffestrasse 598
http://www.mms.de
20537 Hamburg, Germany
Phone: +49 40 211105-40
Fax: +49 40 210 32 210
-- spam forbidden -- -- PGP key available --