[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [lwip-users] TCP SYN to UDP port
From: |
Simon Goldschmidt |
Subject: |
Re: [lwip-users] TCP SYN to UDP port |
Date: |
Mon, 18 Apr 2016 09:44:48 +0200 |
Esa Hill wrote:
> When nmap scan is executed against our device (LwIP 1.4.1), it responds with
> RST for SYN even
> when the socket/port is listening only UDP “connections”.
>
> Is this correct behavior (does some RFC say something about this?) or should
> it just drop silently
> the SYN packet as it does for unused ports?
> This came up in one certification process (they see it as a problem).
Yes, this is correct behaviour. Any correct packet that does not match a pcb
should be answered with RST (unless it is a RST itself).
Not sending a RST in response is often done by devices to "hide" their
presence, but I'm not sure this is really safer to do...
Also I can't tell you right now if there is an lwIP setting to do so, but I
think not.
> Nmap results:
> 49998/tcp filtered unknown
> 49999/tcp filtered unknown
> 50000/tcp closed ibm-db2
> 50001/tcp filtered unknown
> 50002/tcp filtered iiimsf
That's strange. You should see a RST on all ports. Unless you have a resource
problem.
As Sergio already said there is absolutely no interconnection between UDP and
TCP.
Simon
Re: [lwip-users] TCP SYN to UDP port, Sergio R. Caprile, 2016/04/18