Hello Phillip, Tuesday, February 3, 2004, 10:42:03 PM, you wrote:
PH> On Tue, 03 Feb 2004 at 08:55:51AM -0500, Philipp Schulte wrote: >> nmap is not a sniffer but a portscanner. It's true that nmap is slowed >> down by DROP but this doesn't improve security very much and can have >> some annoying side effects (i.e. timeouts with ident-lookups). PH> $IPTABLES -A ETH0-IN -p tcp --dport 113 -j REJECT --reject-with PH> tcp-reset about it - i'm using nullidentd with username like 'nat' instead of blocking port. is it fine too ? -- Best regards, Marek