Mailinglist Archive: opensuse-security (192 mails)

< Previous Next >
Re: [suse-security] IPChains
  • From: Daniel Etter <daniel.etter@xxxxxxxx>
  • Date: Sun, 28 May 2000 17:25:54 +0200 (MEST)
  • Message-id: <XFMail.000528172554.daniel.etter@xxxxxxxx>

Am 28-May-00 um toeggelte Steffen Dettmer:
> Why should this happen? I would assume, that kids would think
> they hit a machine that is currently down or unused IP/DNS Name.
> I usually don't use packet deny but reject.

I prever deny over reject. Deny is like a down machine,
giving the attacker no info, and let him wait longer,
and produces less ICMP-traffic.

> Since all packets
> become rejected, and ICMPs become generated, I cannot imagine
> what could attract some kids or whoever. They see a firewall
> only, not more.

Yeah, they see it with reject, with deny they could only assume.
-----------------------------------------------------------------------
Daniel Etter | http://www.etter.ch/~daniel | Tel. : +41 1 884 75 01
Ringstrasse 2 | | Fax : +41 1 884 62 50
8107 Buchs ZH | mailto:Daniel.Etter@xxxxxxxx | Natel: +41 79 354 93 75


< Previous Next >
References