[Techtalk] question around port filtering, etc.
Brian Sweeney
bsweeney at physics.ucsb.edu
Thu Aug 23 12:31:56 EST 2001
> you could just set up a rule that would REJECT tcp packets on port x from
> whatever domain they portscan you from. this would be the 'polite' way to
> show that no service is running on that port (an icmp packet is sent back
> saying there's no service here). you wouldn't want to DROP any of those
> packets because that would be suspicious.
>
>
Didn't see this till after I wrote my response; good point about using
REJECT instead of DROP (which, btw, I think I misspelled as DENY in my
reply).
So, all in all, go with what cold fire said. Ignore me. I was dropped too
often as a child I fear...;-)
-Brian