I had heard that it is better to have a 'reject' rule instead of a
'deny' one, as reject will give back an immediate reply to the
interrogator, while just rejecting the query can give you a multitude of
'retry', which can eat you bandwidth with lots and lots of retries. If
possible, can somebody point me where can I get correct information on
this (white papers, hints, tips, anything..)
Nick wrote:
> I was under the impression that the "stealth rule" was to have anything
> going directly to your Firewall dropped, therefore making your FW's
> addess a "black hole". It never answers anything, except what you
> specifically allow for management purposes.
--
sauda��es,
irado furioso com tudo.
Linux User (SuSE) 179.402
explicando o padre marcelo ('o mala', the pope's boy, the pope's star):
mer$&^ velha com roupa nova.
