Agree with using DROP for bad traffic. IMO, the only time to expend the effort to REJECT is if you care about the client.

On Fri, Apr 21, 2017, 19:06 Chuck Hast <[email protected]> wrote:

> I have always liked "drop".
>
> On Fri, Apr 21, 2017 at 6:05 PM, Cryptomonkeys.org <[email protected]> wrote:
>
> > Typically, connections come from unprivileged ports. The destination is a
> > mixed bag. Some services run on privileged ports, some don't. Web and mail
> > are examples of things that run on privileged ports. Databases (mysql 3306,
> > postgresql 5432) are examples of things that don’t run on privileged ports.
> >
> > Best practice is to either block or drop connections to ports where you
> > aren’t running services. The choice is yours. The difference is that block
> > sends a communication back to the sender letting them know communication is
> > prohibited, drop does not do this.
> >
> > > On Apr 21, 2017, at 7:02 PM, Michael Christopher Robinson <[email protected]> wrote:
> > >
> > > I'm getting a lot of probes from unprivileged TCP ports to unprivileged
> > > TCP ports on my Internet connected server. No connections, but I'm
> > > wondering if I should just reject these? Same for UDP. What protocols
> > > might I use that would require connection in the unprivileged port
> > > range for both client and server? I'm not running ftp on this server.
> > > _______________________________________________
> > > PLUG mailing list
> > > [email protected]
> > > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
> > --
> > Louis Kowolowski [email protected]
> > Cryptomonkeys:
> > http://www.cryptomonkeys.com/
> >
> > Making life more interesting for people since 1977
>
> --
> Chuck Hast -- KP4DJT --
> Glass, five thousand years of history and getting better.
> The only container material that the USDA gives blanket approval on.
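
The approach discussed in this thread, as an added example that is not part of the original messages: an nftables ruleset that drops unsolicited traffic by default and spends a REJECT only on clients you care about. nftables is an assumption (the thread names no firewall tool), as are the service ports, the `trusted_clients` set and its 192.0.2.0/24 placeholder range.

```nftables
# Added example: ports and addresses below are illustrative assumptions.
table inet filter {
    # Clients you care about: they get a fast, explicit refusal.
    set trusted_clients {
        type ipv4_addr
        flags interval
        elements = { 192.0.2.0/24 }   # documentation range, placeholder
    }

    chain input {
        type filter hook input priority 0; policy drop;

        # Replies to connections this host opened arrive on its own
        # unprivileged (ephemeral) ports; conntrack admits them here,
        # so no blanket "allow high ports" rule is needed.
        ct state established,related accept
        ct state invalid drop
        iifname "lo" accept

        # ICMP/ICMPv6 is needed for path MTU discovery and IPv6
        # neighbour discovery.
        meta l4proto { icmp, ipv6-icmp } accept

        # Services actually running: privileged ports (mail, web) for
        # everyone, an unprivileged port (PostgreSQL) for trusted clients.
        tcp dport { 25, 80, 443 } accept
        ip saddr @trusted_clients tcp dport 5432 accept

        # REJECT only for trusted clients, so their mistakes fail fast
        # instead of waiting for a timeout.
        ip saddr @trusted_clients meta l4proto tcp reject with tcp reset
        ip saddr @trusted_clients reject with icmpx type port-unreachable

        # Everything else, including unprivileged-to-unprivileged probes,
        # falls through to the chain policy and is dropped silently.
    }
}
```

Running `nft -c -f <file>` checks the syntax without loading the rules.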
