On Sat, 30 Oct 2004 18:16, Leonardo Boselli <[EMAIL PROTECTED]> wrote: > On some machine for which i can edvice but do not have final decision > there sare some non-exixtent services.
If you block with tcp-reset then not only will the person connecting get a fast response, but someone who port scans you won't know which ports don't have anything listening on them and which ports are blocked by iptables. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
