List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
On Thu, Jan 08, 2004 at 08:16:24AM -0600, Thomas T. Veldhouse wrote:
> Oliver Schad wrote:
> > That's right. But no answer means there is somebody who doesn't
> > answer. Only if the last router before the target says "Hey, there is
> > nobody", then there is nobody (or there is an really intelligent guy,
> > that wants to hide his host).
> > To hide a host is always very stupid, why should you do this? There
> > is no advantage. If you "hide" your computer an attacker knows there
> > is an stupid guy who doesn't know anything about network security.
> > mfg
> > Oli
> One reason ... it slows down various scans.
Only for very primitive scanners. And it tends to fuck with debugging
network problems ("hmm, packets disappear into a black hole, not even a
TCP reject, but customer tells me the machine is up and connected ...
maybe wrong IP configuration ...").
Using DROP instead of REJECT is almost always a very bad idea and seeing
it done usually implies and imcompetent admin.
"Opportunity is missed by most people because it is dressed in overalls and
looks like work." -- Thomas A. Edison
email@example.com mailing list