> It doesn't make me more of a target to return 'ICMP prohibited' packets in reply to probes at prohibited ports. On the contrary, it probably makes me less of a target because I clearly have active security measures in place.

Disagree. To most crackers, it makes you more interesting. And not answering anything, as Joanne said, will reduce by a large amount the number of people who take the time to decide that the silent host is worth probing further. Also read my "Real-time blocking with Portsentry" note for how to use portsentry, iptables, and a simple shell script to totally banish offenders from your system.
-- Rodolfo J. Paiz rpaiz@xxxxxxxxxxxxxx http://www.simpaticus.com