diff --git a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
index a5c4ab0144..bc8c1763b2 100644
--- a/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/firewalls/chapter.sgml
@@ -1455,8 +1455,9 @@ sh /etc/ipf.rules.script</programlisting>
 	response returned for any of the undesirable stuff, their
 	packets just get dropped and vanish.  This way the attacker
 	has no knowledge if his packets have reached your system.  The
-	less the attackers can learn about your system the more secure
-	it is.  The inbound 'nmap OS fingerprint' attempts rule I log
+	less the attackers can learn about your system, the more
+	time they must invest before actually doing something bad.
+	The inbound 'nmap OS fingerprint' attempts rule I log
 
 	<!-- XXX: what? -->