Re: weird scans from port 80

From: Fredderic (fredderic@iprimus.com.au)
Date: 01/29/03


From: "Fredderic" <fredderic@iprimus.com.au>
Date: Wed, 29 Jan 2003 23:26:51 +1000


> From RFC 793 page 36:
> As a general rule, reset (RST) must be sent whenever a segment
> arrives which apparently is not intended for the current connection.

In a perfect world, DROP would be unnecessary.
Unfortunately, this ain't a perfect world.

So stick your RFCs where they fit, and try to help the person with a
realistic answer. THEN you can point out why it's evil with my and
everyone else's heart-felt blessing.


