On Fri, 2005-11-04 at 08:27 -0500, Mitch Wiedemann wrote: > >I dont aggree. Dorpping is not _the best_. > >He has the choice to REJECT or to DROP. It's a bit different. > >I'd vote for REJECTing. > I prefer DROP because it's more stealthy.
Well 50% - 50% now. :-) > But I just did a Google > search about DROP v. REJECT and found this interesting thread: > http://www.linuxforum.com/forums/index.php?showtopic=161991 Well, also take care of the fact the attaquant may be on a dynamic IP address line. At the end, the OP will be balclisting a whole IP range. For a personnal desktop, he should just avoid connecting to the #22 port. For a server, he should strenghten his SSH system and that's all. -- Administration & Formation à l'administration de serveurs dédiés: http://www.google.fr/search?q=aspo+infogerance+serveur
