On Sat, 17 Feb 2001, SoloCDM wrote:
> Why the story? Ipchains has reject and from all appearances it allows
> the worm, as it so happened long ago, into the system. Deny doesn't
> seem to entertain any thought of accepting anything. In fact, it
> seems to baffle bad or good systems into not knowing what to do. I
> think that's far better, then allowing any hints.
REJECT is simply that, it REJECTs the packet entirely.
The only difference between REJECT and DENY is that REJECT will send the
attacker an icmp-port-unreachable message, basically they get a response
that your host is not listening on that port.
thornton
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
