El dom, 06 de 02 de 2005 a las 22:03, Jason Opperisano escribiÃ: > Ron has an excellent point here about IDENT. a "good Internet citizen" > thing to do when running a mail server is to reject ident instead of > dropping it: > > iptables -A INPUT -p tcp --syn --dport 113 \ > -j REJECT --reject-with tcp-reset Isn't it advisable for every tcp port you want to block? I have some documentation that says that doing otherwise it's even bad for your network communications. Regards. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac@xxxxxxxxx bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPAÃA The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road"
