On Tue, Apr 17, 2001 at 10:31:15AM -0700, Matt Dillon wrote:
>
> :> It's not worth doing. We would be introducing unnecessary cpu burn on
> :> every single packet we sent out, all to solve a problem that doesn't
> :> really exist.
> :
> :Well, that's why it's a sysctl defaulting to off in my patch. Don't
> :turn it on if you don't want to.
> :
> :Kris
>
> Let me put it another way: I think this sort of thing is an excellent
> example of introducing unnecessary kernel bloat into the system. Who
> gives a fart whether someone can port scan you efficiently or
> anonymously or not? I get port scanned every day. Most hackers don't
> even bother with portscans, they just try the exploit on the target
> machines directly.
Tools, not policy..
You may not care about it, but others do.
Kris
PGP signature
