-
December 3rd, 2001, 06:55 AM
#11
Member
imho it is a *very bad idea* to discount the script kid O's. A real hacker may root your box and have a look around or whatever. Script Kiddies are a lot more likely to rm -rf your box or other general mean things. Besides the world is full of lamers and kiddies, and that is reasson enough for me to take their actions/attempts seriously.
-
December 3rd, 2001, 04:48 PM
#12
Petemcevoy said:
There is a chance that i'm being presumptous about your intellectual high ground - i'm in a stinkin mood - if i'm wrong - i apologise.
No apology needed, and no, I wasn't being condescending. It was an honest question, I'm honestly curious as to how other people approach the subject.
psi0nic said:
imho it is a *very bad idea* to discount the script kid O's. A real hacker may root your box and have a look around or whatever. Script Kiddies are a lot more likely to rm -rf your box or other general mean things. Besides the world is full of lamers and kiddies, and that is reasson enough for me to take their actions/attempts seriously.
Don't get me wrong, I'm not discounting them. Indeed, my firewalls rules are set up in a very similar way when it comes to pings, blatant portscans, etc.. I agree that they represent a major percentage (probably 80-90%) of all malicious traffic on the web, and that that alone is why you should do what you can to stop them.
The real question I'm asking here is does drop/deny do anything more than reject does?
I mean, to a point I think a script kiddie would see a drop/deny response and think nothing's there, but a real cracker/hacker could tell that there's a PC there based on the response (or lack thereof).
REJECT, on the other hand, will tell you that there's definitely a PC there, but that the port isn't open.
From a strict networking point of view, it's better to simply reject packets than to drop/deny them, but drop/deny will delay a portscan.
It's a fairly trade-offish issue, which is why I'm curious as to what you guys think.
Chris Shepherd
The Nelson-Shepherd cutoff: The point at which you realise someone is an idiot while trying to help them.
\"Well as far as the spelling, I speak fluently both your native languages. Do you even can try spell mine ?\" -- Failed Insult
Is your whole family retarded, or did they just catch it from you?
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|