* Quoting François TOURDE ([EMAIL PROTECTED]):
> But I think DROP is the best way, 'cause it slows down NMAP or other
> sniffers. Sniffers must wait packet timeout, then retry, then wait,
> etc.

You're fooling yourself. What prevents sniffers from sending multiple packets at once[0]? And you're breaking the TCP protocol, which makes debugging much harder.

- Rolf

[0] I don't think that portscans are a threat anyway, and you increase your network load by dropping packages.