Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
When an exploit is found and everybody use reject more computers can be
scanned for the exploitable program/service in the same time... I don't
see why we should make it easy for the script kids...
I want to use pf for my gentoo box as for my openbsd box :(
> -----Original Message-----
> From: Oliver Schad [mailto:o.schad@...]
> Sent: den 8 januari 2004 15:25
> To: gentoo-security@g.o
> Subject: Re: [gentoo-security] firewall suggestions?
>
> Am Donnerstag, 8. Januar 2004 15:16 schrieb mir Thomas T. Veldhouse:
> > Oliver Schad wrote:
> > > That's right. But no answer means there is somebody who doesn't
> > > answer. Only if the last router before the target says "Hey, there is
> > > nobody", then there is nobody (or there is an really intelligent guy,
> > > that wants to hide his host).
> > >
> > > To hide a host is always very stupid, why should you do this? There
> > > is no advantage. If you "hide" your computer an attacker knows there
> > > is an stupid guy who doesn't know anything about network security.
> > >
> > > mfg
> > > Oli
> >
> > One reason ... it slows down various scans.
>
> Not really. And why should a network scan be dangerous? Security by
> obscurity doesn't work. You can scan a well configured host all day long,
> who cares?
>
> mfg
> Oli
>
> --
> gentoo-security@g.o mailing list
--
gentoo-security@g.o mailing list
|
|
