Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 700 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

drop or deny?

micio
Drop or deny,what form is better to stealth 
the ports under a PSD (Ident port for example)?
ASL 2.023
thankyou in advance for replay

[ 13 April 2002: Message edited by: micio ]



This thread was automatically locked due to age.
  • 0
    If you are wanting a full "stealth" approach drop is better.  Deny returns a message stating that access was denied, similar to the http error 403, whereas drop just ignores it and the message just gets ignored and no reply is sent back as if the machine does not exist.   [:)]e.
  • 0 in reply to notoriousiroc
    micio,

    doesn't matter if you use DROP or DENY from
    the aspect of being scanned. Because both
    do the same but DENY drops the packets as well
    and logs in addition to the related kernel ogfile.

    Regards
    ollion
Unfiltered HTML