> A better solution would be for your firewall to
> RESET, rather than DROP the connection. This way
> the remote server tears down it's query, rather than
> waiting for a timeout.
Okay, that sounds reasonable. However, this should be done for all IP
addresses, not just the hosts occupying IP addresses, correct? I'd hate
to see someone use this as a method to map your network...
How is this accomplished with your everyday packet filter?
Dave
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
