How Linux TCP handles (RST, SYN) at initial connection establishment
Hi,
I need some clarification on how TCP reacts to an incoming (RST, SYN) during the 3-way handshaking process.
RFC 793, p36, states the following:
"In all states except SYN-SENT, all reset (RST) segments are validated by checking their SEQ-fields [sequence numbers]. A reset is valid if its sequence number is in the window. In the SYN-SENT state (a RST received in response to an initial SYN), the RST is acceptable if the ACK field acknowledges the SYN."
My questions are:
1) According to RFC 793, an established TCP connection can be reset by sending suitable TCP packets with (RST, SYN). During the connection establishment stage, does the client suffer the same risk?
At SYN-SENT state, if a good client is under attack by a (RST, SYN) flood, do the (RST, SYN) packets reset the client's connections (to avoid its connection to the destined server)? Assume that in the (RST, SYN) packet, the ACK sequence number correctly acknowledges the client's SYN, but the TCP ACK flag is not set (or, if set, does it have an effect?).
2) At TCP connection establishment, will (RST, ACK) flooding occur to avoid any connection request to the target server? Assume the (RST, ACK) packets' source IPs have been spoofed to be the target server's IP.
Last edited by syseeker; 01-13-2005 at 08:20 AM.
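The RST validation rule from the RFC 793 passage quoted in the post, written out as receiver-side logic. This is an added example, not part of the original post and not Linux kernel code; the struct layout, function names and sample numbers are assumptions made for illustration, and it models the RFC 793 text only.

```c
#include <stdbool.h>
#include <stdint.h>

#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_ACK 0x10

enum tcp_state { SYN_SENT, ESTABLISHED };

struct tcb {               /* minimal connection state, RFC 793 variable names */
    enum tcp_state state;
    uint32_t iss;          /* ISS: initial send sequence number */
    uint32_t snd_nxt;      /* SND.NXT: next sequence number to send */
    uint32_t rcv_nxt;      /* RCV.NXT: next sequence number expected */
    uint32_t rcv_wnd;      /* RCV.WND: receive window size */
};

struct segment { uint8_t flags; uint32_t seq; uint32_t ack; };

/* Modular comparison: true if a comes before b in 32-bit sequence space. */
static bool seq_lt(uint32_t a, uint32_t b) { return (int32_t)(a - b) < 0; }

/* Returns true if the RFC 793 rules let this segment reset the connection. */
bool rst_resets_connection(const struct tcb *c, const struct segment *s)
{
    if (!(s->flags & TH_RST))
        return false;

    if (c->state == SYN_SENT) {
        /* Without the ACK bit the ack field is not examined at all:
         * RFC 793 drops the segment and stays in SYN-SENT. */
        if (!(s->flags & TH_ACK))
            return false;
        /* The ACK must acknowledge the SYN: ISS < SEG.ACK <= SND.NXT. */
        return seq_lt(c->iss, s->ack) && !seq_lt(c->snd_nxt, s->ack);
    }

    /* All other states: RCV.NXT <= SEG.SEQ < RCV.NXT + RCV.WND. */
    return !seq_lt(s->seq, c->rcv_nxt) &&
           seq_lt(s->seq, c->rcv_nxt + c->rcv_wnd);
}
```

Later specifications such as RFC 5961 tighten the in-window rule for synchronized states, so a current stack is stricter than this model.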