iptables: drop or reject?

[Tim]

On Sun, 2007-10-28 at 17:27 +0900, John Summerfield wrote:
> Anyone who thinks identd provides any security at all wrt computers
> they don't control is ignorant or stupid.
> 
> It's trivial to find (or even, at a pinch write/modify one) a fake 
> identd that will say anything one chooses; anyone implementing
> security assuming otherwise is trusting the untrustworthy. 

Too true, but unfortunately that doesn't stop some ISPs from leaving
their mail servers configured to check for it.  Nor does it stop many
IRC hosts from checking for it, either.  Most IRC clients include a
daemon just so you can connect to such servers (since the user probably
doesn't have one as part of their system).

-- 
[tim at bigblack ~]$ uname -ipr
2.6.22.9-91.fc7 i686 i386

Using FC 4, 5, 6 & 7, plus CentOS 5.  Today, it's FC7.

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.