Please read the rest of the thread before criticizing.
On Feb 13, 2013, at 9:58 AM, "Matthew X. Economou" <xenop...@irtnog.org> wrote: > khatfield@s... Writes: >> >> The less you do with the firewall (routing/blocking/inspecting) the >> better. >> >> Drop drop drop ;) > > I think this is really bad advice. A firewall should return > destination-unreachable/reset packets for administratively prohibited > traffic types. Drops, null routes, etc. should only be used in case of > emergency like ongoing DoS attacks or for special cases like stealth > firewalls. > > -- > I FIGHT FOR THE USERS > > _______________________________________________ > freebsd-...@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscr...@freebsd.org" _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
