On Thu, Jan 08, 2004 at 08:16:24AM -0600, Thomas T. Veldhouse wrote:
> Oliver Schad wrote:
> >
> > That's right. But no answer means there is somebody who doesn't
> > answer. Only if the last router before the target says "Hey, there is
> > nobody", then there is nobody (or there is a really intelligent guy
> > who wants to hide his host).
> >
> > Hiding a host is always very stupid; why should you do this? There
> > is no advantage. If you "hide" your computer, an attacker knows there
> > is a stupid guy who doesn't know anything about network security.
> >
> > Kind regards
> > Oli
>
> One reason ... it slows down various scans.

Only for very primitive scanners. And it tends to fuck with debugging
network problems ("hmm, packets disappear into a black hole, not even a
TCP reject, but customer tells me the machine is up and connected ...
maybe wrong IP configuration ...").

Using DROP instead of REJECT is almost always a very bad idea and seeing
it done usually implies an incompetent admin.

Regards,
Alex.
--
"Opportunity is missed by most people because it is dressed in overalls and
looks like work." -- Thomas A. Edison

--
gentoo-security@g.o mailing list
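The DROP-versus-REJECT choice Alex is talking about, as an added example that is not part of the thread and not anyone's posted configuration: a small IPv4 INPUT chain emitted in iptables-restore format in two flavours, so the silent DROP catch-all and the REJECT catch-all can be compared line by line. Assumptions (mine, not the thread's): Linux with iptables and the conntrack match, SSH on port 22 as the only service, and the hypothetical APPLY=1 guard so the script only loads rules when you ask it to and are root; otherwise it just prints the ruleset.

```shell
#!/bin/sh
# Added example, not from the original thread. Generates an iptables-restore
# ruleset whose catch-all is either DROP (silent black hole) or REJECT
# (immediate, unambiguous answer). Assumed: iptables + conntrack match,
# SSH on port 22, and that APPLY=1 as root is the only way rules get loaded.
set -e

ALLOWED_TCP_PORTS="${ALLOWED_TCP_PORTS:-22}"

# printf instead of echo: some echo implementations choke on leading dashes.
emit() { printf '%s\n' "$1"; }

# The rule(s) that handle everything not explicitly accepted.
#   drop   -> no reply at all; the peer waits for its own timeout
#   reject -> TCP gets a RST, UDP gets ICMP port-unreachable, anything else
#             gets ICMP admin-prohibited, so the peer (or the admin debugging
#             a "black hole") learns immediately that the host is up and refusing
catch_all_rules() {
    case "$1" in
        drop)
            emit '-A INPUT -j DROP'
            ;;
        reject)
            emit '-A INPUT -p tcp -j REJECT --reject-with tcp-reset'
            emit '-A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable'
            emit '-A INPUT -j REJECT --reject-with icmp-admin-prohibited'
            ;;
        *)
            printf 'usage: %s drop|reject\n' "$0" >&2
            return 2
            ;;
    esac
}

# A complete *filter table for iptables-restore, ending in the chosen catch-all.
gen_ruleset() {
    mode="$1"
    emit '*filter'
    # DROP as chain policy is only a safety net: the catch-all rules below are
    # always reached first, so the policy never actually decides a packet.
    emit ':INPUT DROP [0:0]'
    emit ':FORWARD DROP [0:0]'
    emit ':OUTPUT ACCEPT [0:0]'
    emit '-A INPUT -i lo -j ACCEPT'
    emit '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # Malformed/out-of-state packets are the one case where there is nothing
    # sensible to answer, so they are dropped in both flavours.
    emit '-A INPUT -m conntrack --ctstate INVALID -j DROP'
    emit '-A INPUT -p icmp -j ACCEPT'
    for p in $ALLOWED_TCP_PORTS; do
        emit "-A INPUT -p tcp --dport $p --syn -m conntrack --ctstate NEW -j ACCEPT"
    done
    catch_all_rules "$mode"
    emit 'COMMIT'
}

# Quick audit helper: how many rules in a ruleset silently discard traffic.
# For "reject" this should be exactly 1 (the INVALID rule); "drop" adds one more.
count_silent_drops() {
    gen_ruleset "$1" | grep -c -- '-j DROP' || true
}

main() {
    mode="${1:-reject}"
    if [ "${APPLY:-0}" = 1 ] && [ "$(id -u)" = 0 ]; then
        gen_ruleset "$mode" | iptables-restore
    else
        gen_ruleset "$mode"
    fi
}

main "${1:-reject}"
```

From the scanning side the difference is what nmap reports: a port behind the REJECT catch-all comes back as "closed" (RST received) right away, while one behind DROP shows as "filtered" only after the probe's retries time out; that is the whole "slows down scans" effect, and any scanner that probes in parallel with a retry limit absorbs it easily, whereas the admin chasing a black hole from a customer's traceroute gets no such help.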