Re: Newbie question about nat


 



On Tuesday 04 May 2004 4:55 pm, Oriol Magrané wrote:

>     Thank you very much!! It works perfectly!! :-)
>
>     And now one last question: from a security point of view, what do you
> think is better; discarding packets with DROP or with REJECT?

I tend to DROP to the outside world (don't let them know there's an 
intelligent system dropping their packets - just let them think they fell off 
the end of a cable somewhere), and REJECT to my internal users (so they get a 
quick response saying "that website cannot be found" or "remote host closed 
connection" or whatever, and they don't spend ages waiting for a timeout when 
they could be getting on with something more useful).

Regards,

Antony.

-- 
It is also possible that putting the birds in a laboratory setting 
inadvertently renders them relatively incompetent.

 - Daniel C Dennett

                                                     Please reply to the list;
                                                           please don't CC me.
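
The split policy described in the reply above, written out as an added example (not part of the original message): a shell function that prints an `iptables-restore` ruleset which DROPs on the outside interface and REJECTs on the inside one. The interface names, the allowed ports and the `gen_ruleset` helper are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a forwarding gateway.
# Interface names and allowed ports are assumptions, not taken from the thread.

gen_ruleset() {
    ext_if=$1   # interface facing the outside world (assumed, e.g. eth0)
    int_if=$2   # interface facing internal users    (assumed, e.g. eth1)

    # The split policy needs two distinct sides; refuse anything else.
    if [ -z "$ext_if" ] || [ -z "$int_if" ] || [ "$ext_if" = "$int_if" ]; then
        echo "usage: gen_ruleset EXT_IF INT_IF (must differ)" >&2
        return 1
    fi

    cat <<EOF
*filter
# Built-in chain policies can only be ACCEPT or DROP; REJECT has to be a rule.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Constructed sample policy: internal users may reach DNS and the web.
-A FORWARD -i $int_if -o $ext_if -p udp --dport 53 -j ACCEPT
-A FORWARD -i $int_if -o $ext_if -p tcp -m multiport --dports 80,443 -j ACCEPT
# Internal side: answer at once so clients fail fast instead of timing out.
-A FORWARD -i $int_if -p tcp -j REJECT --reject-with tcp-reset
-A FORWARD -i $int_if -j REJECT --reject-with icmp-port-unreachable
-A INPUT -i $int_if -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -i $int_if -j REJECT --reject-with icmp-port-unreachable
# Outside world: send no reply at all.
-A INPUT -i $ext_if -j DROP
-A FORWARD -i $ext_if -j DROP
COMMIT
EOF
}

# Print the ruleset when called with arguments, e.g.
#   sh gen.sh eth0 eth1 | iptables-restore --test
if [ "$#" -gt 0 ]; then gen_ruleset "$@"; fi
```

Rule order matters here: the REJECT rules come after the ACCEPT rules, so they only catch traffic the policy did not allow.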



