Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wednesday 13 August 2003 14:58, smallm at panix.com wrote: > I'm curious whether using drop or reject as an iptables > target would deal better with traffic from worms like msblast. I > thought perhaps the scans were bogging down my box at home, although > it looks like rcn must have had some kind of problem which they > recently fixed, which may or may not have been related to the worm. I have read that drop is a better bet in terms of defending against an attack: packets sent to the box disappear down a black hole, and the attacker may not be able to ascertain the state of the victim. In terms of cutting down network traffic with respect to msblast, drop sounds like the more appropriate of the two. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/OopusIjNiQTGkXARAjuDAKClRp1DFF1D0dfumNsiMJd1zW0i0wCgsjQj mPTBbeTx5SO9kURFmhYMH7g= =NQ6n -----END PGP SIGNATURE-----
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |