On 4/24/07, Chris Smith <[EMAIL PROTECTED]> wrote:
> Hello,
>
> Using OpenBSD as a firewall in several cases - a few small businesses, and
> also for home use. Some websites, such as grc.com, stress that "stealth mode"
> (which OpenBSD handles with ease) is the safest. But I've also read that
> using 'return' instead of 'drop' is good netizenship. So I'm wondering how
> others are handling this and what recommendations you might have.

Most people would maintain that drop vs. block+rst/icmp would be
better, but I could see the arguments (that will no doubt come) that
it really doesn't buy you anything in the end and only attempts to
obfuscate what can be mapped out anyhow (that a device somewhere in
the network path is dropping traffic.)

I use silent drops except where an immediate reject response is required
(e.g. ident, etc.)

DS
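
The policy described in the reply above (silent drop by default, an immediate reject for ident), written out as a pf.conf fragment. This is an added example, not part of the original post; the interface name em0 is an assumption.

```pf
# Added example; em0 is an assumed external interface name.
ext_if = "em0"

# Any "block" rule without an explicit action drops silently.
set block-policy drop

# Default deny inbound: no RST, no ICMP unreachable is sent back.
block in on $ext_if all

# Exception: ident (113/tcp). "return" answers TCP with a RST, so a remote
# server doing an ident lookup fails fast instead of waiting for a timeout.
block return in quick on $ext_if proto tcp from any to any port 113

# Allow outbound traffic and the replies that belong to it.
pass out on $ext_if all keep state
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it.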
