Gentoo Archives: gentoo-security

From: Frank Gruellich <frank@××××××××××××.org>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 14:49:59
Message-Id: 20040108143757.GE4413@home.manuelm.org
In Reply to: Re: [gentoo-security] firewall suggestions? by "Thomas T. Veldhouse"
* Thomas T. Veldhouse <veldy@×××××.net>  8. Jan 04
> Oliver Schad wrote: > > [DROP or REJECT] > One reason ... it slows down various scans.
No, it doesn't. It would, if $scanner sends one SYN and wait for the answer to it. In fact it sends you SYNs to all your ports at once and collects answers (or not) in parallel. You extend the scan time for one timeout (which is nothing (~3min?) against the time to send all requests). Don't do that, regards, Frank. -- Sigmentation fault -- gentoo-security@g.o mailing list