I guess RST means reset.
The complete three-way hand shake should be SYN -> SYN/ACK -> ACK. After the
hand shack the connection established.
SYN -> SYN/ACK -> RST is a probing or test: the client get the server
answered SYN/ACK, then close the section and release the resource. It
doesn't like the SYN -> SYN/ACK -> Timeout that holds the resrouece of the
server until timeout (used in DOS attacks).
-----Original Message-----
From: Reed Mohn, Anders [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 25, 2000 5:11 AM
To: Fw-1-Mailinglist (E-mail)
Subject: [FW1] SYNDefender
A "dummy" question about SYNDefender.
I checked Phoneboy, but I couldn't find a complete answer to this:
What exactly do the messages that I see in log viewer
mean?
I mostly see two different messages, both have:
SRC=close DEST=server SRVC=HTTP ACTION=REJECT
But one is with COMMENT= Message SYN -> SYN/ACK -> RST
and the other: COMMENT= Message SYN -> SYN/ACK -> Timeout
Now, I'm guessing the latter means that the client did not
send an ACK within the timeout, is that correct?
But what about the RST?
Thanks,
Anders :=)
============================================
Anders Reed Mohn Systems Administrator
ITCompagniet AS
Phone/fax: +47 23135200 / +47 23135201
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
