Am 28-May-00 um toeggelte Steffen Dettmer:
Why should this happen? I would assume, that kids would think they hit a machine that is currently down or unused IP/DNS Name. I usually don't use packet deny but reject.
I prever deny over reject. Deny is like a down machine, giving the attacker no info, and let him wait longer, and produces less ICMP-traffic.
Since all packets become rejected, and ICMPs become generated, I cannot imagine what could attract some kids or whoever. They see a firewall only, not more.
Yeah, they see it with reject, with deny they could only assume. ----------------------------------------------------------------------- Daniel Etter | http://www.etter.ch/~daniel | Tel. : +41 1 884 75 01 Ringstrasse 2 | | Fax : +41 1 884 62 50 8107 Buchs ZH | mailto:Daniel.Etter@etter.ch | Natel: +41 79 354 93 75