Autor: Wakko Warner Data: A: Bruce Richardson CC: exim-users Assumpte: Re: [exim] RFC 1413 default on debian
Bruce Richardson wrote: > On Wed, Mar 16, 2005 at 06:08:31PM -0500, Wakko Warner wrote:
> > I don't follow on this. If you "drop" a packet (as I understand it, dropped
> > packets mean no data is returned), how can someone know the device is there
> > or not? What's the difference between say dropping a packet and unplugging
> > the ethernet cable?
>
> If you disconnect an ethernet cable, the router on the local segment
> will usually become aware of this (when nothing answers their ARP
> queries for that address) and start returning "host unreachable" icmp
> packets to anything trying to connect to the missing host. Firewalls
> that simply "drop" packets do not trigger the same behaviour, so reveal
> their presence. So dropping packets can be more revealing than simply
> rejecting them (sending back an icmp error message).
I tried a few addresses (one private and known routed but non existent).
Only the private address that I used got returned an ICMP unreachable. The
other addresses did not (one of which was 1.2.3.4 =)
So maybe this doesn't always apply to all circumstances.
--
Lab tests show that use of micro$oft causes cancer in lab animals