Thanks everyone for your input. I'll add this to the agenda at our next
meeting as discussion points.
Cheers!
NR
From: [email protected]
To: [email protected]
Subject: Drop or rst?
Date: Wed, 7 Oct 2009 09:39:07 -0700
Hi Everyone,
I'm currently in a discussion about our current ruleset for iptables: whether
to be RFC compliant and issue a RST to those scanning/connecting to undesired
ports, or to drop the packet completely. By sending a RST back to the host,
aren't we letting the srcIP know that the traffic successfully arrived at the
host without being intercepted by a network appliance (i.e. IDS/IPS, firewall,
etc.)?
As far as I can tell this seems to be more of a discussion on one's own
security posture preference. Any feedback is appreciated.
Cheers!
NR
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com