>This may be another newbie question, when "dis-allowing" certain packets
>is it better to deny or reject? Why the different actions?
Sounds like Firewall-1? It should be drop and reject, then.
Reject will send an ICMP unreachable, while drop will do nothing.
Here's an "advanced tip" for you. You want to reject ident, but you can
drop just about everything else.
It's a philosophical issue as to which is better. Attackers can get the
same information back, but if you use drop it will take them longer. If
you use reject, they'll find out which ports are open and closed quicker,
but perhaps they'll then go away faster.
Ryan