Hosting Provided By

Re: Iptables Clues and Advices.

From: Anduine Crow <anduine(at)hotmail.com>
Date: Fri Apr 11 2003 - 07:29:49 EDT

Vic Ricker <vic@sheetz.com> said:

>While I personally use DROP, I can see instances where it might not be

I agree with that, I do use REJECT for 113, I discovered that real early on when smtp connections would take a long time to be established. Once you get some firewalling experience, it dosen't take long to determine which ports should be REJECTed or DROPped.

I only posted to this thread because I didn't agree, as someone was alluding to, that DROP was a bad practice and harmful to *legitimate* users. It all depends on your decisions and what you are comfortable with. DROP has it's uses as does REJECT.

This debate is starting to remind me of the "Tomato, tomato" thing...

Add photos to your messages with MSN 8. Get 2 months FREE*. http://join.msn.com/?page=features/featuredemail

Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection.
http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you.

Received on Mon Apr 14 14:41:09 2003

This message: [ Message body ]
Next message: Fred W. Noltie Jr.: "Re: Don't BOUNCE the list!"
Previous message: Michael Cunningham: "RE: security cert"
Maybe in reply to: Nahual Guerrero: "Iptables Clues and Advices."
In reply to Vic Ricker: "Re: Iptables Clues and Advices."

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:04:03 EDT