Re: [SLUG] Verisign Annoyance?

From: Eben King (eben1@tampabay.rr.com)
Date: Fri Sep 26 2003 - 17:08:47 EDT


On Fri, 26 Sep 2003, Levi Bard wrote:

> So, what's the consensus, iptables or route? I'm personally leaning
> toward iptables on the principle that it will only affect, say, my
> incoming traffic, whereas if I use route, every packet will have to
> cascade through the routing table before hitting the default route (in my
> case).

I'm not using either, as my DNS administrator(s) "fixed" the Verisign
problem (in much the same way as you "fix" a cat); which is, IMO, the best
solution.

Would a null route get you an error sooner (as in, without the TCP
timeout) than dropping the packet? Maybe not, if you use DENY rather than
REJECT.

-- 
-eben    ebQenW1@EtaRmpTabYayU.rIr.OcoPm    home.tampabay.rr.com/hactar
Are you confident that you appear to be professional in your electronic
communication?  Consider this: A: No
                               Q: Can I top post? from nick@xx.co.uk

----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:04:45 EDT