> I will not explain the benefit of dropping packets silently. This is
> something we will not change, even if it is only for ident protocol.
> The problem deals with public ftp servers, like university or other
> research/company and we can't reconfigure them. If we keep in mind that our
> firewall will always drop packets silently, there are not a lot of
> solutions.

Dropping packets silently on firewalls is always stupid. It makes you more visible than dropping them like a normal host. Why should we add another line of code to encourage such bullshit?