On Mon, 2005-04-11 at 15:18, Christian Seberino wrote: > > I think RFC 793 requires TCP stacks to send RSTs if they > get packets not meant for them in some cases. Anyone know which > cases? Pretty much all. The exceptions I can think of off the top of my head: In response to a RST In response to a FIN to an open port (MS returns a RST/ACK) > For example, I think closed ports must send RSTs if they > get stuff. Agreed. > Even if YES, it seems a firewall could drop any RSTs that > don't have ACK set without damage right? The only condition I can think of off the top of my head that will return a RST instead of a RST/ACK is in response to an unsolicited ACK sent to either an open or closed port. So they do happen in the wild. HTH, Chris
