PaulDotCom mailing list archives

Drop or rst?


From: lostpacket at live.com (Norman Rach)
Date: Thu, 8 Oct 2009 12:42:21 -0700


Thanks everyone for your input.  I'll add this to the agenda at our next meeting as discussion points.

Cheers!
NR

From: lostpacket at live.com
To: pauldotcom at mail.pauldotcom.com
Subject: Drop or rst?
Date: Wed, 7 Oct 2009 09:39:07 -0700

Hi Everyone,

I'm currently in a discussion about our current ruleset for iptables: whether to be RFC compliant and issue a RST to
those scanning/connecting to undesired ports, or to drop the packet completely.  By sending a RST back to the host,
aren't we letting the srcIP know that the traffic successfully arrived at the host without being intercepted by a
network appliance (i.e. IDS/IPS, firewall, etc.)?

As far as I can tell, this seems to be more of a discussion on one's own security posture preference.  Any feedback is
appreciated.

Cheers!

NR
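
The two behaviours weighed in the question, written out as an added example in iptables-restore format (not part of the original thread). The chain names UNWANTED_REJECT and UNWANTED_DROP and the allowed SSH port are assumptions made for illustration.

```iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Hypothetical user-defined chains, one per policy under discussion.
:UNWANTED_REJECT - [0:0]
:UNWANTED_DROP - [0:0]

# Policy A: answer as a host with a closed port would.
# TCP gets a RST, UDP gets ICMP port-unreachable, anything else is dropped.
-A UNWANTED_REJECT -p tcp -j REJECT --reject-with tcp-reset
-A UNWANTED_REJECT -p udp -j REJECT --reject-with icmp-port-unreachable
-A UNWANTED_REJECT -j DROP

# Policy B: stay silent. The sender gets no reply and waits for its own timeout.
-A UNWANTED_DROP -j DROP

# Traffic that is wanted (port 22 is an assumed example service).
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT

# Everything else goes to exactly one of the two policies.
-A INPUT -j UNWANTED_REJECT
# -A INPUT -j UNWANTED_DROP
COMMIT
```

Saved to a file, the ruleset can be parsed without being committed using `iptables-restore --test < file`. Logging matches in both chains before the final target keeps the scan visible to the defender whichever reply policy is chosen.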
                                          