Rather an unusual question, this one! Somebody asked it at EE. It seems he has a client-server application that ends the TCP/IP connection with an RST flag instead of the standard FIN sequence.

There is no way to tell the PIX (or, for that matter, any good firewall, I would say) to let the RST-flagged packet come back in through the outside interface.

So how does a standard TCP/IP connection teardown happen? Everywhere the discussion is about how a TCP/IP connection is INITIATED, but the connection teardown is equally important.

    • Host 1 – The sender sends a FIN packet and waits for a reply
    • Host 2 – The receiver sends an ACK packet
    • Host 2 – The receiver also sends a FIN packet
    • Host 1 – The sender sends an ACK packet and the session is closed.

So the TCP connection teardown is a 4-step process, whereas connection initiation is a 3-step process.
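To make the four steps concrete, here is a small added example (my own code, not from the original post or from Cisco) that models the FIN/ACK teardown above as a state machine, the same way a stateful firewall like the PIX tracks a connection's close. It walks a list of constructed sample segments (direction plus flags, not a real capture) and reports whether the connection closed gracefully in four steps or was aborted by an RST like the application in the question.

```python
"""
Added example: a minimal TCP teardown tracker.

Segments are (direction, flags) tuples. "c2s" is client->server, "s2c"
is server->client. The records below are constructed sample data.
"""

FIN, ACK, RST = "FIN", "ACK", "RST"

# Constructed: the standard four-step close described in the post.
GRACEFUL_CLOSE = [
    ("c2s", {FIN, ACK}),   # Host 1 (the side closing first) sends FIN
    ("s2c", {ACK}),        # Host 2 acknowledges that FIN
    ("s2c", {FIN, ACK}),   # Host 2 sends its own FIN
    ("c2s", {ACK}),        # Host 1 acknowledges; session closed
]

# Constructed: what the application in the question does instead.
RST_ABORT = [
    ("c2s", {FIN, ACK}),
    ("s2c", {RST}),        # abort, no FIN/ACK exchange
]


def track_teardown(segments):
    """Follow an ESTABLISHED connection through its close.

    States mirror the FIN/ACK teardown:
      ESTABLISHED -> FIN_WAIT_1 (one side sent FIN)
                  -> FIN_WAIT_2 (that FIN was acked)
                  -> TIME_WAIT  (the other side's FIN seen)
                  -> CLOSED     (final ACK seen)
    An RST from either side jumps straight to ABORTED, which is the case a
    stateful firewall will not treat as a normal close.
    """
    state = "ESTABLISHED"
    initiator = None   # direction of the side that sent the first FIN
    steps = 0
    for direction, flags in segments:
        steps += 1
        if RST in flags:
            return {"state": "ABORTED", "reason": "RST",
                    "steps": steps, "graceful": False}
        if state == "ESTABLISHED" and FIN in flags:
            state, initiator = "FIN_WAIT_1", direction
        elif state == "FIN_WAIT_1" and direction != initiator:
            if FIN in flags:
                state = "TIME_WAIT"      # peer's FIN piggybacked on its ACK
            elif ACK in flags:
                state = "FIN_WAIT_2"
        elif state == "FIN_WAIT_2" and direction != initiator and FIN in flags:
            state = "TIME_WAIT"
        elif state == "TIME_WAIT" and direction == initiator and ACK in flags:
            state = "CLOSED"
    return {"state": state, "reason": None,
            "steps": steps, "graceful": state == "CLOSED"}


if __name__ == "__main__":
    for name, trace in (("graceful", GRACEFUL_CLOSE), ("rst", RST_ABORT)):
        print(name, track_teardown(trace))
```

Run it and the graceful trace ends in CLOSED after exactly four segments, while the RST trace ends in ABORTED after two; a trace with only one FIN and its ACK stays in FIN_WAIT_2, which is a half-closed connection rather than a finished teardown.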
