DROP or REJECT?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "netfilter" <netfilter@xxxxxxxxxxxxxxxxxxx>
Subject: DROP or REJECT?
From: "Michael D. Berger" <m.d.berger@xxxxxxxx>
Date: Sun, 20 Nov 2005 13:33:45 -0500
Importance: Normal
Sender: netfilter-bounces@xxxxxxxxxxxxxxxxxxx

For blocking various attacks on ports 22 and 80,
I have been using:
   -j REJECT --reject-with icmp-host-unreachable
To minimize future attempts, is this best, or is
there a better idea, such as DROP?
Thanks for your advice,
Mike.
--
Michael D. Berger
m.d.berger@xxxxxxxx

Follow-Ups:
- Re: DROP or REJECT?
  - From: /dev/rob0
- Re: DROP or REJECT?
  - From: Daniel

Prev by Date: Re: Why would certain packets not reach nat PREROUTING chain?
Next by Date: Re: DROP or REJECT?
Previous by thread: outbound policy for tcp 80
Next by thread: Re: DROP or REJECT?
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux