Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: ip..firewall

  1. April 12th, 2003, 08:06 PM #11
    ShagDevil
    ShagDevil is offline
    Some Assembly Required ShagDevil's Avatar
    Join Date
    Nov 2002
    Location
    SC
    Posts
    718
    I found an article on this topic, maybe this will help clear some issues up.
    Reject vs Deny (Firewalling)

    Also, quick question. If you set your firewall to Reject certain incoming packets/IP addresses, but have all your ICMP traffic blocked(incoming and outgoing), what exactly happens?
    The object of war is not to die for your country but to make the other bastard die for his - George Patton
    Reply With Quote Reply With Quote
  2. April 13th, 2003, 12:19 AM #12
    Networker
    Networker is offline
    Senior Member
    Join Date
    Nov 2002
    Posts
    382
    ShagDevil,
    what I know for sure is that iptables (for linux) offers to reply ICMP unreachable to undesirable ICMP probes. I think that doing this you'll not divulgate any information to the source, but you'll reply instantaneously to the probe and therefore give the opportunity to the scanner to be more confortable in the sense that it will not wait for timer to expire!
    [shadow] SHARING KNOWLEDGE[/shadow]
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules