[H-GEN] An iptables question ...
Greg Black
gjb at gbch.net
Thu Sep 19 08:58:28 EDT 2002
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
Robert Brockway wrote:
| In general I'll use DROP but there may still be occassions when REJECT is
| preferable.
Many people work on the basis that DROP is the normal action and
REJECT is used for internal hosts or in situations where it can
help in debugging. For production, as Rob said, the less help
you give the bad guys the better off you are.
Greg
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list