Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: RST's and ACK's and stealth scans

RST's and ACK's and stealth scans

From: HSKarim <HSKarim_at_aol.com>
Date: Sat, 2 May 1998 15:02:56 EDT

Greetings...

Quick questions about TCP/IP traffic
1. What does it mean when I see a Reset accompanied with an ACK?

That is... someone told me that if I see a packet that only has the RESET flag
set, this means that the connection was terminated (Or not allowed to
establish).
But, they said, If I see a packet that contains a RESET with the ACK bit set
then although the connection was refused, this is evidence that some service
was at least listening enoguh to Acknowlege.

2. Can I assume that when My firewall sends RST that the packet reveals
nothing more than the fact that the connection was refused,whether the ACK bit
is set or not?

3. If RST was sent and window size is 0 (ACK or no ACK) I conclude that my
firewall really does not want to talk... Is this a correct conclusion?

-Thanks
Hassan
Received on May 02 1998

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]