At 996089571s since epoch (07/25/01 14:32:51 -0400 UTC), Noah Meyerhans wrote:
> There's definitely no consensus on this; it's largely a matter of
> personal taste.

I definitely agree there.

> I don't see how making portscans take longer equates to making them
> more difficult to perform, as you (Jason) claim.

More for mass-portscanning issues than anything else. I get between 20-50 scans a day (I'm on a cable modem). Most of them are looking for FTP servers (files, some root exploits), telnet (root exploits) RPC (root exploits) or DNS (root exploits). I don't run any of those services, and I really don't want to let the script kiddies in on the fact that I'm out there. Therefore, I don't return anything to these people.

It also has the advantage of taking several minutes to perform a full portscan, rather than a few seconds, but that just makes life more annoying than anything; no real security is gained.

I know it's not "nice" to drop packets on the floor, but the way I see it, these guys don't deserve to be treated nicely to start with... =)

Jason

--
Jason Healy | [EMAIL PROTECTED]
LogN Systems | http://www.logn.net/