Re: rst or drop when defining PF firewall rules.
From: sam (sam.wun_at_authtec.net)
Date: Tue, 09 Nov 2004 13:51:19 +0800
Conrad J. Sabatier wrote:
> In article <email@example.com>, sam <firstname.lastname@example.org> wrote:
> Better to drop. This saves bandwidth, and may even lead a would-be attacker
> to conclude there's nothing there.
> Sending any sort of reply only confirms for them that they've found a target
> to work on.
I also agree with this setting in the firewall. But I don't understand why PF
or other firewalls also include an option for sending "rst" as an
alternative. There may be a reason, but I can't find a clear answer to this.
Is this for _backward_ compatibility?