Gentoo Archives: gentoo-security

From: MA <ma_wm@×××.nu>
To: gentoo-security@l.g.o
Subject: RE: [gentoo-security] firewall suggestions?
Date: Thu, 08 Jan 2004 14:55:47
Message-Id: 22573.213.212.5.230.1073572971.squirrel@mail.ter.nu
When an exploit is found and everybody use reject more computers can be
scanned for the exploitable program/service in the same time... I don't
see why we should make it easy for the script kids...

I want to use pf for my gentoo box as for my openbsd box :(

> -----Original Message----- > From: Oliver Schad [mailto:o.schad@×××.de] > Sent: den 8 januari 2004 15:25 > To: gentoo-security@l.g.o > Subject: Re: [gentoo-security] firewall suggestions? > > Am Donnerstag, 8. Januar 2004 15:16 schrieb mir Thomas T. Veldhouse: > > Oliver Schad wrote: > > > That's right. But no answer means there is somebody who doesn't > > > answer. Only if the last router before the target says "Hey, there is > > > nobody", then there is nobody (or there is an really intelligent guy, > > > that wants to hide his host). > > > > > > To hide a host is always very stupid, why should you do this? There > > > is no advantage. If you "hide" your computer an attacker knows there > > > is an stupid guy who doesn't know anything about network security. > > > > > > mfg > > > Oli > > > > One reason ... it slows down various scans. > > Not really. And why should a network scan be dangerous? Security by > obscurity doesn't work. You can scan a well configured host all day long, > who cares? > > mfg > Oli > > -- > gentoo-security@g.o mailing list
-- gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] firewall suggestions? Andreas Waschbuesch <awaschb@××××.de>
Re: [gentoo-security] firewall suggestions? Oliver Schad <o.schad@×××.de>