Re: could someone translate these rules into plain english


 



Technical wrote:
If the default is that iptables rejects all packets that cannot be
dealt with by any of the previous rules, why would someone use the last
rule??  Am I missing something??

It explicitly tells the remote computer that they're not *allowed* to communicate with that host - as opposed to just dropping the packets (pretending you're a black hole), or rejecting the packets with "host unreachable" or "port unreachable". These two options imply that the remote host is *allowed* to try connecting, but there's just nothing there.


The administrator at the other end would likely act in different ways in these circumstances. Upon noticing that there are many "host unreachable" messages coming through, the administrator would take the "leave it alone and try again" stance - since the assumption would be that something is broken. "host prohibited" messages explicitly state to the administrator that everything is working just as it should be, and that communication with that host is simply not allowed.
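To make the three choices for that last rule concrete, here is an added example (not from the thread or its author) of a small INPUT chain: a few "previous rules" that admit wanted traffic, then one of the three possible endings. The subnet is a constructed placeholder; the script prints the commands unless APPLY=yes is set.

```shell
#!/bin/sh
# Added example, not from the thread. Emits an iptables INPUT rule set whose
# last rule is one of: drop | unreachable | prohibited. Prints the commands by
# default; APPLY=yes executes them (needs root). LAN_NET is a constructed value.
set -eu

LAN_NET="192.0.2.0/24"   # constructed example subnet (TEST-NET-1)

input_rules() {
    mode="$1"
    # The chain policy only applies to packets that fall through every rule;
    # the explicit last rule below decides what the remote side is told.
    echo "iptables -P INPUT DROP"
    echo "iptables -F INPUT"
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A INPUT -p tcp --dport 22 -s $LAN_NET -m conntrack --ctstate NEW -j ACCEPT"
    case "$mode" in
        # Silent black hole: the client retries until it times out and cannot
        # tell a filter from a dead host or a broken path.
        drop)        echo "iptables -A INPUT -j DROP" ;;
        # ICMP type 3 code 1 (host unreachable): reads as "something is broken",
        # so the remote admin will leave it alone and try again later.
        unreachable) echo "iptables -A INPUT -j REJECT --reject-with icmp-host-unreachable" ;;
        # ICMP type 3 code 10 (host administratively prohibited): reads as
        # "the path works, you are simply not allowed"; the rule asked about.
        prohibited)  echo "iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited" ;;
        *) echo "unknown mode: $mode" >&2; return 1 ;;
    esac
}

# Target of the last rule for a given mode (quick self-check helper).
last_target() {
    input_rules "$1" | tail -n 1 | sed 's/.*-j //'
}

MODE="${MODE:-prohibited}"
if [ "${APPLY:-no}" = "yes" ]; then
    input_rules "$MODE" | sh -e
else
    input_rules "$MODE"
fi
```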



