Re: mangle + TCP Flags


 



> Why is that better for security?

Well, I don't pretend that's better for security. In fact, it would be more difficult for a scanner to find a really open port among all the other falsely open ones. If I drop or reject the SYN msg on those ports, the scanner will deduce they are filtered or closed and it will see the real open ports. However, if it sees all the ports open, it has to test the ports more accurately to find a real open one.

