RE: [exim] RFC 1413 default on debian

Page principale
Supprimer ce message
Répondre à ce message
Auteur: David Brodbeck
Date:  
À: exim-users
Sujet: RE: [exim] RFC 1413 default on debian
> -----Original Message-----
> From: Marc Haber [mailto:mh+exim-users@zugschlus.de]


> For the archive, better let's make it explicitly clear: Rejecting a
> connection attempt does not reveal any more information than dropping
> the connection attempt gives. A "drop" gives an attacker the
> information that something is there. And that it is desperately trying
> to be invisible.


Very true.

If dropping has any benefit, it's that it *greatly* slows down port scans.
But that's a pretty marginal benefit. Unfortunately, a lot of packet
filters don't have the option to reject, or implement it wrong if they do.