DROP not secure?
Tue, 31 Jul 2001 20:15:52 -0700
I've seen posts lately referring to DROP targets as not secure,
although I am a little confused as to why that would be... I
mean, it seems to me that if you're set up to drop all NEW
inbound packets, you have the "ultimate" security; people can't
even tell that there's a computer there because nothing responds.
That's my present tactic- I was planning on opening a
non-standard port for SSH and then dropping incoming requests to
every other port, then using SSH for all of the services that I
wanted to provide (it seems that my ISP blocks the standard "low"
ports anyway; port 80 for instance is unreachable), but does
anyone have any comments on how reasonable an approach this is
and what sort of issues I'll have with it? Other configuration
is NAT/MASQ from a several-machine internal network; my cable
modem gives me one address via DHCP (and that part is working
fine right now).
Tom Plunket firstname.lastname@example.org
PlayStation2/3D Studio geek
"Our music is simple, it's totally fake. It's done by
machines 'cause they don't make mistakes." -KMFDM