-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 1 Dec 2002 15:18:32 -0800 (PST), David Durst wrote: > > Uhm, either I don't understand this bit above or please explain > > where you see a difference between DROP and what you call a > > "REDIRECT to VAPOR". > > do some experimentation w/ REDIRECT & MIRROR This reply of yours is silly and increases the troll factor a good bit. Instead of simply dropping packets, I do not want to redirect or retransmit packets, especially not with an experimental demonstration target. Since you wrote > Here is the insecurity of a basic DROP all that I see, many > administrators feel in sufficent to just DROP the packet. Welll > guess what if you drop the packet it still comes up in different > types of port scans hence a REDIRECT to VAPOR wouldn't return > anything and it would also irritate the hell out of those port > scanning your machine :), yes you could achieve the desired affect > w/ a default DROP - both ways are possible to produce good FW's. I'd like you to elaborate on the deficiencies of DROP and explain what exactly what you mean a "REDIRECT to VAPOR" and how it looks in command-line language. Else I consider this thread closed. - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) iD8DBQE96zbC0iMVcrivHFQRAouaAJ9GzprvPt1hzo64A27GjnjKkJJcOgCdFUO8 aET+DO5js3t2tkeQ4l8R7Pw= =uPoY -----END PGP SIGNATURE----- -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
