On Mon, Dec 09, 2002 at 06:00:08PM +0100, Matthias Hentges wrote: > Correct. nmap displays a scanned port as "filtered" even if you DROP the > packet. If you respong to a ping but DROP all port scans it's clear to > all hackers that you have a packetfilter.
And I can still ping you if you drop ping, to tell if you're up. I won't get a reponse at all, instead of the next closest router saying "ICMP Host Unreachable." You've accomplished nothing but break the standard here. -- .''`. Baloo <[EMAIL PROTECTED]> : :' : proud Debian admin and user `. `'` `- Debian - when you have better things to do than to fix a system
msg17909/pgp00000.pgp
Description: PGP signature
