A rejected packet tells the sender there is an actual machine at the IP
address. A dropped packet gives no feedback at all. The target machine
behaves as if it were powered off or disconnected from the network.
What I do not understand (maybe someone on this list can explain) is why
TCP ports 53 and 67 are rejected. UDP port 53 (DNS) I can understand but
TCP port 53 traffic is AFAIK only used for zone transfers. For port 67 I
am totally puzzled.
On Tue, 4 Apr 2000, rj wrote:
> What is/are the significant difference/s between dropping and rejecting
> TCP packets? Does the fact that the firewall rejected rather than dropped
> the packets portend something "evil" could happen?
>
> Thanks!
--
Missouri State Government Web <*> James Proffer
http://www.state.mo.us/ | mailto:[EMAIL PROTECTED]
http://www.state.mo.us/mo/search.htm | http://www.state.mo.us/server.shtml
mailto:[EMAIL PROTECTED] | (573) 751-1544 Fax: (573) 751-3299