> I'm not one of the crazy people that has RFC documents memorized but
> the one for tcp/ip states that if a network node (computer, server,
> endpoint router, etc) receives data on a port it doesn't have a
> service running on, it should reply back with an ICMP Unavailable (I
> think) message to indicate that port is closed for connections.

Not quite. The TCP spec indicates that if a connection attempt is received for a port that isn't listening, or if data is received for a nonexistent connection, it is to send back an RST segment (not an ICMP anything). See RFC 793 section 3.9's description of SEGMENT ARRIVES for state CLOSED: "[a]n incoming segment not containing a RST causes a RST to be sent in response".

UDP traffic aimed at nonexistent ports, on the other hand, does send back Port Unreachable ICMPs, though I've been unable to find anywhere this is precisely specified - the UDP spec, 768, does not mention that circumstance at all, and the ICMP spec, 792, mentions port unreachable once, to give it a number, but not after that. It comes close in saying that "[i]f, in the destination host, the IP module cannot deliver the datagram because the indicated protocol module or process port is not active, the destination host may send a destination unreachable message to the source host", but does not specify precisely what "destination unreachable" means.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                [email protected]
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
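
The two closed-port behaviours discussed in this message can be observed on the local host with the sketch below, which is an added example and not part of the original post. It assumes a Linux-like socket API where both a TCP RST and a UDP ICMP port unreachable surface as ECONNREFUSED, and it probes only 127.0.0.1; the function names and return labels are made up for illustration.

```python
import socket

LOOPBACK = "127.0.0.1"  # assumption: only the local host is probed

def probe_closed_tcp():
    """Connect to a TCP port that has no listener and classify the reply."""
    holder = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    holder.bind((LOOPBACK, 0))       # bound but never listen()ed: port reserved, no listener
    port = holder.getsockname()[1]
    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    client.settimeout(2.0)
    try:
        client.connect((LOOPBACK, port))
        return "connected"
    except ConnectionRefusedError:   # the SYN was answered with an RST segment
        return "rst"
    except socket.timeout:           # nothing came back (e.g. a filter dropped the SYN)
        return "no-reply"
    finally:
        client.close()
        holder.close()

def probe_closed_udp():
    """Send a datagram to a UDP port nobody is bound to and classify the reply."""
    holder = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    holder.bind((LOOPBACK, 0))
    port = holder.getsockname()[1]
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client.bind((LOOPBACK, 0))       # take a different source port while holder owns `port`
    holder.close()                   # now nothing is bound to `port`
    client.settimeout(2.0)
    try:
        client.connect((LOOPBACK, port))  # connected UDP socket: ICMP errors are reported to it
        client.send(b"probe")
        client.recv(1)
        return "data"
    except ConnectionRefusedError:   # ICMP destination unreachable, code 3 (port unreachable)
        return "icmp-port-unreachable"
    except socket.timeout:           # no ICMP came back (filtered or rate-limited)
        return "no-reply"
    finally:
        client.close()

if __name__ == "__main__":
    print("TCP closed port:", probe_closed_tcp())
    print("UDP closed port:", probe_closed_udp())
```

A "no-reply" result from either probe means the error reply was suppressed somewhere, which is how a packet filter that silently drops traffic differs from a merely closed port.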
