On Tue, Apr 24, 2007 at 06:36:17PM -0400, Chris Smith wrote:
> Hello,
>
> Using openbsd as a firewall in several cases - a few small businesses, and
> also for home use. Some websites, such as grc.com, stress that "stealth mode"
> (which openbsd handles with ease) is the safest. But I've also read that
> using 'return' instead of 'drop' is good netizenship. So I'm wondered how
> others are handling this and what recommendations you might have.
I find 'return' to be easier to work with. The LAN I am primarily
thinking about is both infested with Windows and accessible via VPN -
and the VPN has some Windows clients. Considering the people on said
LAN, who are both sweet and smart but not in general computer-savvy, I'd
be highly surprised if an attacker spent much time on the firewall.
Joachim
--
TFMotD: tftp (1) - trivial file transfer program
