It seems by default, many of the fail2ban jails are rejecting
incoming traffic with this iptables option:
reject-with icmp-port-unreachable
Is there an advantage of doing this over simply just DROP'ing the
packets themselves?
Wouldn't this let the remote system know you're actively closing a
potentially un-opened port, vs, if you just never replied to the
inquiry the remote system would believe there is no service at that port?
I'm curious what the best way to stop repeat traffic might be?
- Mike
_______________________________________________
Fail2ban-users mailing list
https://lists.sourceforge.net/lists/listinfo/fail2ban-users