[ale] iptables: DROP vs. REJECT --reject-with tcp-reset
Mike Millson
mgm at atsga.com
Tue Apr 2 10:43:53 EST 2002
Right now my iptables firewall is set up to DROP all undesirable TCP
packets. However, I have read that DROP can be a giveaway that you are
running a firewall. Is it better to try to look like you don't have a
firewall and use REJECT --reject-with tcp-reset? What are good scenarios to
use REJECT --reject-with tcp-reset?
Thank you,
Mike
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list