On Tue, Apr 10, 2001 at 12:13:52PM +0200, Vaclav Hula wrote:
> RFC compliancy isn't enough? IMHO should be.

Someone else has already responded to this; but no, RFC compliance doesn't necessarily tell us the best thing to do for every situation. Take syn cookies for example.

> > A decent policy is to drop everything you don't need to respond to.
>
> breaking everything you do not need to work isn't decent. someone else might
> need.

What are you talking about? If you need this for someone else to be able to contact you then this falls into the "you need this" category. Simple.

> > You do gain some "security through obscurity." Depending on how much
>
> "security through obscurity." = "false feeling of security" :-)

No, because there's nothing falsified about this. If you know what you are doing then you know exactly what you are _not_ gaining as well as what you are gaining. I already explained this.

> > For instance, many script kiddies will not scan your entire box if you
> > are undetected by a ping sweep. Granted, if you have other
> > vulnerabilities that you are hiding then you have bigger problems. But
> > it can buy you some time at least.
>
> Script kiddie scanning your entire box won't hurt you much.

Where did I say it would? This has nothing to do with the scan; it has something to do with the kiddie's next move (if any) _after_ detecting your box.