You're better off just DROPping the packet. That way 'they' won't even know there's something there (no reply, nothing). If you REJECT it you will send back an RST packet showing something's there.

Originally posted here by g00n:
if you happen to use a Linux system to serve and take the time to configure iptables.. even if there is a perimeter firewall, it's always a good idea to firewall the server itself..
you can use the REJECT action in iptables to respond in such a way that it appears that a service isn't even available.. however, some people refrain from REJECT because it can help a DoS attack, by clogging the outbound bandwidth, adding to the total effect.
Another plus of just dropping the packet would be that port scanners will take forever to complete. Lacking any responses, the scanner will time out and maybe try a few times before moving on to the next port. If you send back an RST, the scanner immediately knows the port is closed and will try the next one.
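The DROP-by-default host firewall discussed in this post, as an added example that is not g00n's or the poster's own configuration: the web ports, admin network and log prefix are assumptions, and the REJECT alternative is left as a comment for contrast.

```shell
#!/bin/sh
# Added example: iptables-restore ruleset for a Linux server that silently
# DROPs unsolicited packets (no RST back) and logs dropped probes at a capped
# rate so they stay visible to the defender without flooding the kernel log.
WEB_PORTS="80,443"             # assumption: the services this host offers
ADMIN_NET="203.0.113.0/24"     # constructed example: network allowed to SSH in

fw_rules() {
    cat <<EOF
*filter
# Default policy DROP: a probe to a closed port gets no reply at all.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
# Only the services the host really offers are reachable.
-A INPUT -p tcp -m multiport --dports ${WEB_PORTS} -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp --dport 22 -s ${ADMIN_NET} -m conntrack --ctstate NEW -j ACCEPT
# Keep ping working for troubleshooting, but rate-limit it.
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
# Log what is about to be dropped; the limit keeps a flood from filling the log.
-A INPUT -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix "FW-DROP: " --log-level 4
# Everything else hits the DROP policy. To answer with an RST instead (scans
# finish faster, and replies cost outbound bandwidth), you would add:
#   -A INPUT -p tcp -j REJECT --reject-with tcp-reset
COMMIT
EOF
}

# Load the ruleset atomically. Requires root and iptables-restore; anything
# else is refused so a review run can never touch the live firewall.
apply_rules() {
    if [ "$(id -u)" -eq 0 ] && command -v iptables-restore >/dev/null 2>&1; then
        fw_rules | iptables-restore && echo "ruleset applied"
    else
        echo "refusing to apply: need root and iptables-restore" >&2
        return 1
    fi
}

# Default run is a dry run that prints the rules; set FW_APPLY=1 to load them.
if [ "${FW_APPLY:-0}" = "1" ]; then apply_rules; else fw_rules; fi
```

Review the printed rules first, then run with `FW_APPLY=1` as root to load them.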