RE: [exim] RFC 1413 default on debian

Pàgina inicial
Delete this message
Reply to this message
Autor: David Brodbeck
Data:  
A: exim-users
Assumpte: RE: [exim] RFC 1413 default on debian
> -----Original Message-----
> From: Marc Haber [mailto:mh+exim-users@zugschlus.de]


> For the archive, better let's make it explicitly clear: Rejecting a
> connection attempt does not reveal any more information than dropping
> the connection attempt gives. A "drop" gives an attacker the
> information that something is there. And that it is desperately trying
> to be invisible.


Very true.

If dropping has any benefit, it's that it *greatly* slows down port scans.
But that's a pretty marginal benefit. Unfortunately, a lot of packet
filters don't have the option to reject, or implement it wrong if they do.