Re: valid INPUT/OUTPUT rule piece?--> '-p tcp --tcp-flags ACK, FIN FIN -j DROP', etc.


 



On Tue, Jan 25, 2005 at 09:26:58PM -0800, seberino@xxxxxxxxxxxxxxx wrote:
> Lopsch
> 
> Thanks for your email.  I know a little about TCP flags.
> IIRC, ACK means 'Acknowledgement'
> and FIN means 'Finish Connection'.
> 
> Why would TCP want everyone to turn on ACK when they
> want to finish a connection with FIN?
> 
> I assume that TCP was written to do 2 errands in one
> TCP datagram?...1. acknowledge last datagram received
>                 2. terminate connection
> 
> It seems odd you can't terminate a connection (FIN)
> without also acknowledging something to me.
> 
> Chris

read:
  http://www.tcpipguide.com/free/t_TCPConnectionEstablishmentProcessTheThreeWayHandsh.htm

and:
  http://www.tcpipguide.com/free/t_TCPConnectionTermination.htm

if you want a better understanding of TCP connection setup and
termination and the flags set during each phase.

the quick answer to your question is that an actual OS TCP/IP stack will
always set the ACK bit when sending a FIN, URG, or PSH packet.  FIN,
URG, and PSH packets that are sent without the ACK bit set were probably
generated by some scanner tool (nmap, hping) or by somebody's custom
code (perl script).

-j

--
"Operator! Give me the number for 911!"
        --The Simpsons
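
An added example, not part of the original message: a small model of how iptables evaluates '--tcp-flags mask comp', applied to the rule from the subject line and run over constructed TCP headers. The PSH and URG rules are assumed by analogy with the reply's statement, and all function names are hypothetical.

```python
import struct

# TCP flag bits as they appear in byte 13 of the TCP header.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def parse_flag_list(spec):
    """Turn an iptables-style comma list ('ACK,FIN', 'ALL', 'NONE') into a bitmask."""
    if spec == "ALL":
        return 0x3F
    if spec == "NONE":
        return 0
    bits = 0
    for name in spec.split(","):
        bits |= FLAGS[name]
    return bits

def tcp_flags_match(flag_byte, mask, comp):
    """'--tcp-flags mask comp': of the flags listed in mask, exactly those in comp are set."""
    return (flag_byte & parse_flag_list(mask)) == parse_flag_list(comp)

def flags_of(tcp_header):
    """Extract the six classic flag bits from a raw TCP header."""
    if len(tcp_header) < 14:
        raise ValueError("truncated TCP header")
    return tcp_header[13] & 0x3F

# Subject-line rule plus assumed PSH/URG equivalents: flag set while ACK is clear.
RULES = [("ACK,FIN", "FIN"), ("ACK,PSH", "PSH"), ("ACK,URG", "URG")]

def suspicious(tcp_header):
    """Return the (mask, comp) pairs that match, i.e. why the segment would be dropped."""
    fb = flags_of(tcp_header)
    return [rule for rule in RULES if tcp_flags_match(fb, *rule)]

def make_header(flag_names, sport=40000, dport=80):
    """Build a constructed 20-byte TCP header with the given flags (checksum left at 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4,
                       parse_flag_list(flag_names), 1024, 0, 0)

if __name__ == "__main__":
    # Constructed samples: normal teardown, bare FIN, FIN+PSH+URG, normal data, SYN, no flags.
    for name in ["FIN,ACK", "FIN", "FIN,PSH,URG", "PSH,ACK", "SYN", "NONE"]:
        print(f"{name:12} -> {suspicious(make_header(name))}")
```

A segment with no flags at all matches none of these rules, because each comp value requires one flag to be set; it needs its own '--tcp-flags ALL NONE' check.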

