On 13 Aug 2003, Frank Tegtmeyer wrote:
> Julian Church <[EMAIL PROTECTED]> writes:
>
> > Since the packets you're seeing are pretty much exclusively harmless
> > "chatter" it's more user friendly this way.
>
> You mean Windows users using the Internet as "network neighborhood"?
> I'm not too fam
Julian Church <[EMAIL PROTECTED]> writes:
> Since the packets you're seeing are pretty much exclusively harmless
> "chatter" it's more user friendly this way.
You mean Windows users using the Internet as "network neighborhood"?
I'm not too familiar with Windows hosts connected to the Internet
thr
On Wed, 2003-08-13 at 03:04, Frank Tegtmeyer wrote:
> Tom Eastep <[EMAIL PROTECTED]> writes:
>
> > you don't like it, create /etc/shorewall/common and put the rules that
> > YOU like in it.
>
> I did this - my question was about why these defaults are used. I
> suspect it's only a matter of perso
On Wed, 2003-08-13 at 06:19, Frank Tegtmeyer wrote:
> Frank Tegtmeyer <[EMAIL PROTECTED]> writes:
>
> > I interpreted Windows traffic coming from the Internet ...
>
> I think I see my mistake - common.def is applied to all traffic on all
> interfaces (if not handled by rules).
> So the reject is
Hi,
is there any reason that the Windows ports in common.def are set to
reject instead of DROP?
I like to slow scanners down if possible, so DROP would be the natural
choice.
The only ports where I use reject are ident (to be friendly) and some
annoying P2P ports (to get them stopped faster).
Reg
Frank Tegtmeyer <[EMAIL PROTECTED]> writes:
> I interpreted Windows traffic coming from the Internet ...
I think I see my mistake - common.def is applied to all traffic on all
interfaces (if not handled by rules).
So the reject is choosen to be friendly to internal users, right?
Regards, Frank
On Tue, 2003-08-12 at 02:46, Frank Tegtmeyer wrote:
> Hi,
>
> is there any reason that the Windows ports in common.def are set to
> reject instead of DROP?
> I like to slow scanners down if possible, so DROP would be the natural
> choice.
> The only ports where I use reject are ident (to be friend
Tom Eastep <[EMAIL PROTECTED]> writes:
> you don't like it, create /etc/shorewall/common and put the rules that
> YOU like in it.
I did this - my question was about why these defaults are used. I
suspect it's only a matter of personal preferences. But maybe I miss
some obvious reason - I would li