On Fri, 2001-12-07 at 15:30, Jose Nazario wrote: > > The only bad thing about 'rejecting' i can think of, is TCP/IP stack > > fingerprinting of the returned RST packet. > as already said, "so what?" you're already connecting to them (to send the > mail), they know you exist and, due to the joys of passive OS > fingerprinting, they know what OS you're running typically. > > nothing gained. Well in a server you are sending mail to, that is true. If somebody was just conducting a scan of your box though, that does become information that they otherwise wouldn't have. Still debatable though whether that added bit of security is worth the delays in trying to send mail to ident enable servers. ---Steve ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Dec 07 2001 - 20:38:07 PST