I have always liked "drop". On Fri, Apr 21, 2017 at 6:05 PM, Cryptomonkeys.org <[email protected] > wrote:
> Typically, connections come from unprivileged ports. The destination is a > mixed bag. Some services run on privileged ports, some done. Web and mail > are examples of things that run on privileged ports. Databases (mysql 3306, > postgresql 5432) are examples of things that don’t run on privileged ports. > > Best practice is to either block or drop connections to ports where you > aren’t running services. The choice is yours. The difference is that block > sends a communication back to the sender letting them know communication is > prohibited, drop does not do this. > > > > On Apr 21, 2017, at 7:02 PM, Michael Christopher Robinson < > [email protected]> wrote: > > > > I'm getting a lot of probes from unprivileged TCP ports to unprivileged > > TCP ports on my Internet connected server. No connections, but I'm > > wondering if I should just reject these? Same for UDP. What protocols > > might I use that would require connection in the unprivileged port > > range for both client and server? I'm not running ftp on this server. > > _______________________________________________ > > PLUG mailing list > > [email protected] > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > > -- > Louis Kowolowski [email protected] > Cryptomonkeys: > http://www.cryptomonkeys.com/ > > Making life more interesting for people since 1977 > > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug > -- Chuck Hast -- KP4DJT -- Glass, five thousand years of history and getting better. The only container material that the USDA gives blanket approval on. _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
