NTP, ntpdate, and ISP-based firewall
Rodolfo J. Paiz
rpaiz at simpaticus.com
Fri Mar 5 19:29:55 UTC 2004

At 18:09 3/4/2004, you wrote:
>It doesn't make me more of a target to return 'ICMP prohibited' packets in
>reply to probes at prohibited ports. On the contrary it probably makes me
>less of a target because I clearly have active security measures in place.

Disagree. To most crackers, it makes you more interesting. And not
answering anything, as Joanne said, will reduce by a large amount the
number of people who take the time to decide that the silent host is worth
probing further. Also read my "Real-time blocking with Portsentry" note for
how to use portsentry, iptables, and a simple shell script to totally
banish offenders from your system.

--
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com