Agree with using DROP for bad traffic. IMO, the only time to expend the
effort to REJECT is if you care about the client.
On Fri, Apr 21, 2017, 19:06 Chuck Hast wrote:
> I have always liked "drop".
>
> On Fri, Apr 21, 2017 at 6:05 PM, Cryptomonkeys.org <
>
I have always liked "drop".
On Fri, Apr 21, 2017 at 6:05 PM, Cryptomonkeys.org wrote:
> Typically, connections come from unprivileged ports. The destination is a
> mixed bag. Some services run on privileged ports, some done. Web and mail
> are examples of things that
Typically, connections come from unprivileged ports. The destination is a mixed
bag. Some services run on privileged ports, some done. Web and mail are
examples of things that run on privileged ports. Databases (mysql 3306,
postgresql 5432) are examples of things that don’t run on privileged
I'm getting a lot of probes from unprivileged TCP ports to unprivileged
TCP ports on my Internet connected server. No connections, but I'm
wondering if I should just reject these? Same for UDP. What protocols
might I use that would require connection in the unprivileged port
range for both