I think RFC 793 requires TCP stacks to send RSTs if they get packets not meant for them in some cases. Anyone know which cases? For example, I think closed ports must send RSTs if they get stuff. This is basis for bare FIN and Xmas tree scans IIRC. Is this right?? Even if YES, it seems a firewall could drop any RSTs that don't have ACK set without damage right? Chris
