> -----Original Message-----
> From: Tony Finch [mailto:dot@dotat.at]
> On Wed, 16 Mar 2005, David Brodbeck wrote:
> >
> > If dropping has any benefit, it's that it *greatly* slows
> down port scans.
>
> No it doesn't. The scanner doesn't have to wait for the
> connection attempt to time out.
It doesn't have to, but many do. Try an nmap scan against a machine that's
blocking ports, some time. It takes much, much longer than a scan against
one that's refusing connections. I've seen it take over an hour to scan a
/24 that's filtered this way.
